Dev news

Commit 5bd7e3be0b2 for php.net

commit 5bd7e3be0b2678e6fd7c2b66ea1a450281783208
Merge: 1f50b63369a ccb9ec6c2e3
Author: Ilija Tovilo <ilija.tovilo@me.com>
Date:   Sat May 2 01:56:54 2026 +0200

    Merge branch 'PHP-8.3' into PHP-8.4

    * PHP-8.3:
      Backport compatibility changes for OpenSSL 4.0

diff --cc NEWS
index a6fe8e2136a,ee92bacf700..3dbfb272495
--- a/NEWS
+++ b/NEWS
@@@ -1,32 -1,6 +1,35 @@@
  PHP                                                                        NEWS
  |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
 -?? ??? ????, PHP 8.3.31
 +?? ??? ????, PHP 8.4.22
 +
 +- Opcache:
 +  . Fixed tracing JIT crash when a VM interrupt is handled during an observed
 +    user function call. (Levi Morrison)
 +
++- OpenSSL:
++  . Fix compatibility issues with OpenSSL 4.0. (jordikroon, Remi)
++
 +- Standard:
 +  . Fixed bug GH-21689 (version_compare() incorrectly handles versions ending
 +    with a dot). (timwolla)
 +
 +07 May 2026, PHP 8.4.21
 +
 +- Core:
 +  . Fixed bug GH-19983 (GC assertion failure with fibers, generators and
 +    destructors). (iliaal)
 +  . Fixed bug GH-21478 (Forward property operations to real instance for
 +    initialized lazy proxies). (iliaal)
 +  . Fixed bug GH-21605 (Missing addref for Countable::count()). (ilutov)
 +  . Fixed bug GH-21699 (Assertion failure in shutdown_executor when resolving
 +    self::/parent::/static:: callables if the error handler throws). (macoaure)
 +  . Fixed bug GH-21603 (Missing addref for __unset). (ilutov)
 +  . Fixed bug GH-21760 (Trait with class constant name conflict against
 +    enum case causes SEGV). (Pratik Bhujel)
 +
 +- CLI:
 +  . Fixed bug GH-21754 (`--rf` command line option with a method triggers
 +    ext/reflection deprecation warnings). (DanielEScherzer)

  - Curl:
    . Add support for brotli and zstd on Windows. (Shivam Mathur)
diff --cc ext/openssl/openssl.c
index 8fc830b756d,56e00d2ae6c..6d179cebabd
--- a/ext/openssl/openssl.c
+++ b/ext/openssl/openssl.c
@@@ -771,8 -753,8 +771,8 @@@ static time_t php_openssl_asn1_time_to_
  		return (time_t)-1;
  	}

 -	if (timestr_len < 13 && timestr_len != 11) {
 +	if (timestr_len < 13) {
- 		php_error_docref(NULL, E_WARNING, "Unable to parse time string %s correctly", timestr->data);
+ 		php_error_docref(NULL, E_WARNING, "Unable to parse time string %s correctly", ASN1_STRING_get0_data(timestr));
  		return (time_t)-1;
  	}

diff --cc ext/openssl/xp_ssl.c
index 11a6b56bf44,960cbd1b6c1..ffacd8a107b
--- a/ext/openssl/xp_ssl.c
+++ b/ext/openssl/xp_ssl.c
@@@ -496,12 -497,12 +496,12 @@@ static bool php_openssl_matches_san_lis
  			}
  			OPENSSL_free(cert_name);
  		} else if (san->type == GEN_IPADD) {
- 			if (san->d.iPAddress->length == 4) {
+ 			if (ASN1_STRING_length(san->d.iPAddress) == 4) {
 -				sprintf(ipbuffer, "%d.%d.%d.%d",
 +				snprintf(ipbuffer, sizeof(ipbuffer), "%d.%d.%d.%d",
- 					san->d.iPAddress->data[0],
- 					san->d.iPAddress->data[1],
- 					san->d.iPAddress->data[2],
- 					san->d.iPAddress->data[3]
+ 					ASN1_STRING_get0_data(san->d.iPAddress)[0],
+ 					ASN1_STRING_get0_data(san->d.iPAddress)[1],
+ 					ASN1_STRING_get0_data(san->d.iPAddress)[2],
+ 					ASN1_STRING_get0_data(san->d.iPAddress)[3]
  				);
  				if (strcasecmp(subject_name, (const char*)ipbuffer) == 0) {
  					sk_GENERAL_NAME_pop_free(alt_names, GENERAL_NAME_free);