Differential D10181
Build PHP hash and session modules by default Authored by feld on Mar 29 2017, 12:20 PM. Tags None Referenced Files
Details There is a known bug affecting FreeBSD which causes a security setting The result it is impossible to use a different session hash function on build, test, run, upgrade
Diff Detail
Event TimelineComment Actions Hello feld, thanks for working on this. It slips steadily under my focus and workload :/ I'm unsure about the change of PHP 7.1. Since the diff should solve PR 202591 its worth noticing, that the directive "session.hash_function" was removed in PHP 7.1. The change wouldn't be needed to get the security, but it would be consequent. So i'm in slight favor of your change. Greetings, Comment Actions Correct, php71 is getting the change for consistency only. Honestly, hash and session modules are so commonly used it should be of no consequence to include them. Comment Actions The following lines look wrong: hash_DEPENDS= lang/php${PHP_VER} PHP_EXT_INC should be used instead. Comment Actions Please notice: the hash module is gone in PHP 7.4. Its part of the core and can't be disabled anymore. You find details here: |