util.c

Go to the documentation of this file.

/*
  +----------------------------------------------------------------------+
  | phar php single-file executable PHP extension                        |
  | utility functions                                                    |
  +----------------------------------------------------------------------+
  | Copyright (c) The PHP Group                                          |
  +----------------------------------------------------------------------+
  | This source file is subject to version 3.01 of the PHP license,      |
  | that is bundled with this package in the file LICENSE, and is        |
  | available through the world-wide-web at the following url:           |
  | https://www.php.net/license/3_01.txt                                 |
  | If you did not receive a copy of the PHP license and are unable to   |
  | obtain it through the world-wide-web, please send a note to          |
  | license@php.net so we can mail you a copy immediately.               |
  +----------------------------------------------------------------------+
  | Authors: Gregory Beaver <cellog@php.net>                             |
  |          Marcus Boerger <helly@php.net>                              |
  +----------------------------------------------------------------------+
*/
 
#include "phar_internal.h"
#include "php_phar.h"
#include "ext/hash/php_hash.h" /* Needed for PHP_HASH_API in ext/hash/php_hash_sha.h */
#include "ext/hash/php_hash_sha.h"
#include "ext/standard/md5.h"
 
#ifdef PHAR_HAVE_OPENSSL
/* OpenSSL includes */
#include <openssl/evp.h>
#include <openssl/x509.h>
#include <openssl/x509v3.h>
#include <openssl/crypto.h>
#include <openssl/pem.h>
#include <openssl/err.h>
#include <openssl/conf.h>
#include <openssl/rand.h>
#include <openssl/ssl.h>
#include <openssl/pkcs12.h>
#else
static int phar_call_openssl_signverify(int is_sign, php_stream *fp, zend_off_t end, char *key, size_t key_len, char **signature, size_t *signature_len, uint32_t sig_type);
#endif
 
/* for links to relative location, prepend cwd of the entry */
static char *phar_get_link_location(phar_entry_info *entry) /* {{{ */
{
    char *p, *ret = NULL;
    if (!entry->link) {
        return NULL;
    }
    if (entry->link[0] == '/') {
        return estrdup(entry->link + 1);
    }
    p = strrchr(entry->filename, '/');
    if (p) {
        *p = '\0';
        spprintf(&ret, 0, "%s/%s", entry->filename, entry->link);
        return ret;
    }
    return entry->link;
}
/* }}} */
 
phar_entry_info *phar_get_link_source(phar_entry_info *entry) /* {{{ */
{
    phar_entry_info *link_entry;
    char *link;
 
    if (!entry->link) {
        return entry;
    }
 
    link = phar_get_link_location(entry);
    if (NULL != (link_entry = zend_hash_str_find_ptr(&(entry->phar->manifest), entry->link, strlen(entry->link))) ||
        NULL != (link_entry = zend_hash_str_find_ptr(&(entry->phar->manifest), link, strlen(link)))) {
        if (link != entry->link) {
            efree(link);
        }
        return phar_get_link_source(link_entry);
    } else {
        if (link != entry->link) {
            efree(link);
        }
        return NULL;
    }
}
/* }}} */
 
static php_stream *phar_get_entrypufp(const phar_entry_info *entry)
{
    if (!entry->is_persistent) {
        return entry->phar->ufp;
    }
    return PHAR_G(cached_fp)[entry->phar->phar_pos].ufp;
}
 
/* retrieve a phar_entry_info's current file pointer for reading contents */
php_stream *phar_get_efp(phar_entry_info *entry, int follow_links) /* {{{ */
{
    if (follow_links && entry->link) {
        phar_entry_info *link_entry = phar_get_link_source(entry);
 
        if (link_entry && link_entry != entry) {
            return phar_get_efp(link_entry, 1);
        }
    }
 
    if (phar_get_fp_type(entry) == PHAR_FP) {
        if (!phar_get_entrypfp(entry)) {
            /* re-open just in time for cases where our refcount reached 0 on the phar archive */
            phar_open_archive_fp(entry->phar);
        }
        return phar_get_entrypfp(entry);
    } else if (phar_get_fp_type(entry) == PHAR_UFP) {
        return phar_get_entrypufp(entry);
    } else if (entry->fp_type == PHAR_MOD) {
        return entry->fp;
    } else {
        /* temporary manifest entry */
        if (!entry->fp) {
            entry->fp = php_stream_open_wrapper(entry->tmp, "rb", STREAM_MUST_SEEK|0, NULL);
        }
        return entry->fp;
    }
}
/* }}} */
 
static zend_off_t phar_get_fp_offset(const phar_entry_info *entry)
{
    if (!entry->is_persistent) {
        return entry->offset;
    }
    if (PHAR_G(cached_fp)[entry->phar->phar_pos].manifest[entry->manifest_pos].fp_type == PHAR_FP) {
        if (!PHAR_G(cached_fp)[entry->phar->phar_pos].manifest[entry->manifest_pos].offset) {
            PHAR_G(cached_fp)[entry->phar->phar_pos].manifest[entry->manifest_pos].offset = entry->offset;
        }
    }
    return PHAR_G(cached_fp)[entry->phar->phar_pos].manifest[entry->manifest_pos].offset;
}
 
int phar_seek_efp(phar_entry_info *entry, zend_off_t offset, int whence, zend_off_t position, int follow_links) /* {{{ */
{
    php_stream *fp = phar_get_efp(entry, follow_links);
    zend_off_t temp, eoffset;
 
    if (!fp) {
        return -1;
    }
 
    if (follow_links) {
        phar_entry_info *t;
        t = phar_get_link_source(entry);
        if (t) {
            entry = t;
        }
    }
 
    if (entry->is_dir) {
        return 0;
    }
 
    eoffset = phar_get_fp_offset(entry);
 
    switch (whence) {
        case SEEK_END:
            temp = eoffset + entry->uncompressed_filesize + offset;
            break;
        case SEEK_CUR:
            temp = eoffset + position + offset;
            break;
        case SEEK_SET:
            temp = eoffset + offset;
            break;
        default:
            temp = 0;
    }
 
    if (temp > eoffset + (zend_off_t) entry->uncompressed_filesize) {
        return -1;
    }
 
    if (temp < eoffset) {
        return -1;
    }
 
    return php_stream_seek(fp, temp, SEEK_SET);
}
/* }}} */
 
/* mount an absolute path or uri to a path internal to the phar archive */
zend_result phar_mount_entry(phar_archive_data *phar, char *filename, size_t filename_len, char *path, size_t path_len) /* {{{ */
{
    phar_entry_info entry = {0};
    php_stream_statbuf ssb;
    int is_phar;
    const char *err;
 
    if (phar_path_check(&path, &path_len, &err) > pcr_is_ok) {
        return FAILURE;
    }
 
    if (path_len >= sizeof(".phar")-1 && !memcmp(path, ".phar", sizeof(".phar")-1)) {
        /* no creating magic phar files by mounting them */
        return FAILURE;
    }
 
    is_phar = (filename_len > 7 && !memcmp(filename, "phar://", 7));
 
    entry.phar = phar;
    entry.filename = estrndup(path, path_len);
#ifdef PHP_WIN32
    phar_unixify_path_separators(entry.filename, path_len);
#endif
    entry.filename_len = path_len;
    if (is_phar) {
        entry.tmp = estrndup(filename, filename_len);
    } else {
        entry.tmp = expand_filepath(filename, NULL);
        if (!entry.tmp) {
            entry.tmp = estrndup(filename, filename_len);
        }
    }
    filename = entry.tmp;
 
    /* only check openbasedir for files, not for phar streams */
    if (!is_phar && php_check_open_basedir(filename)) {
        efree(entry.tmp);
        efree(entry.filename);
        return FAILURE;
    }
 
    entry.is_mounted = 1;
    entry.is_crc_checked = 1;
    entry.fp_type = PHAR_TMP;
 
    if (SUCCESS != php_stream_stat_path(filename, &ssb)) {
        efree(entry.tmp);
        efree(entry.filename);
        return FAILURE;
    }
 
    if (ssb.sb.st_mode & S_IFDIR) {
        entry.is_dir = 1;
        if (NULL == zend_hash_str_add_ptr(&phar->mounted_dirs, entry.filename, path_len, entry.filename)) {
            /* directory already mounted */
            efree(entry.tmp);
            efree(entry.filename);
            return FAILURE;
        }
    } else {
        entry.is_dir = 0;
        entry.uncompressed_filesize = entry.compressed_filesize = ssb.sb.st_size;
    }
 
    entry.flags = ssb.sb.st_mode;
 
    if (NULL != zend_hash_str_add_mem(&phar->manifest, entry.filename, path_len, (void*)&entry, sizeof(phar_entry_info))) {
        return SUCCESS;
    }
 
    efree(entry.tmp);
    efree(entry.filename);
    return FAILURE;
}
/* }}} */
 
zend_string *phar_find_in_include_path(zend_string *filename, phar_archive_data **pphar) /* {{{ */
{
    zend_string *ret;
    char *path, *arch, *entry, *test;
    size_t arch_len, entry_len;
    phar_archive_data *phar;
 
    if (pphar) {
        *pphar = NULL;
    } else {
        pphar = &phar;
    }
 
    if (!zend_is_executing() || !PHAR_G(cwd)) {
        return NULL;
    }
 
    zend_string *fname = zend_get_executed_filename_ex();
    if (!fname) {
        return NULL;
    }
 
    bool is_file_a_phar_wrapper = zend_string_starts_with_literal_ci(fname, "phar://");
    size_t length_phar_protocol = strlen("phar://");
 
    if (
        PHAR_G(last_phar)
        && is_file_a_phar_wrapper
        && ZSTR_LEN(fname) - length_phar_protocol >= PHAR_G(last_phar_name_len)
        && !memcmp(ZSTR_VAL(fname) + length_phar_protocol, PHAR_G(last_phar_name), PHAR_G(last_phar_name_len))
    ) {
        arch = estrndup(PHAR_G(last_phar_name), PHAR_G(last_phar_name_len));
        arch_len = PHAR_G(last_phar_name_len);
        phar = PHAR_G(last_phar);
        goto splitted;
    }
 
    if (!is_file_a_phar_wrapper || SUCCESS != phar_split_fname(ZSTR_VAL(fname), ZSTR_LEN(fname), &arch, &arch_len, &entry, &entry_len, 1, 0)) {
        return NULL;
    }
 
    efree(entry);
 
    if (*ZSTR_VAL(filename) == '.') {
        size_t try_len;
 
        if (FAILURE == phar_get_archive(&phar, arch, arch_len, NULL, 0, NULL)) {
            efree(arch);
            return NULL;
        }
splitted:
        if (pphar) {
            *pphar = phar;
        }
 
        try_len = ZSTR_LEN(filename);
        test = phar_fix_filepath(estrndup(ZSTR_VAL(filename), ZSTR_LEN(filename)), &try_len, 1);
 
        if (*test == '/') {
            if (zend_hash_str_exists(&(phar->manifest), test + 1, try_len - 1)) {
                ret = strpprintf(0, "phar://%s%s", arch, test);
                efree(arch);
                efree(test);
                return ret;
            }
        } else {
            if (zend_hash_str_exists(&(phar->manifest), test, try_len)) {
                ret = strpprintf(0, "phar://%s/%s", arch, test);
                efree(arch);
                efree(test);
                return ret;
            }
        }
        efree(test);
    }
 
    spprintf(&path, MAXPATHLEN + 1 + strlen(PG(include_path)), "phar://%s/%s%c%s", arch, PHAR_G(cwd), DEFAULT_DIR_SEPARATOR, PG(include_path));
    efree(arch);
    ret = php_resolve_path(ZSTR_VAL(filename), ZSTR_LEN(filename), path);
    efree(path);
 
    if (ret && zend_string_starts_with_literal_ci(ret, "phar://")) {
        /* found phar:// */
        if (SUCCESS != phar_split_fname(ZSTR_VAL(ret), ZSTR_LEN(ret), &arch, &arch_len, &entry, &entry_len, 1, 0)) {
            return ret;
        }
 
        *pphar = zend_hash_str_find_ptr(&(PHAR_G(phar_fname_map)), arch, arch_len);
 
        if (!*pphar && PHAR_G(manifest_cached)) {
            *pphar = zend_hash_str_find_ptr(&cached_phars, arch, arch_len);
        }
 
        efree(arch);
        efree(entry);
    }
 
    return ret;
}
/* }}} */
 
static zend_result phar_create_writeable_entry(phar_archive_data *phar, phar_entry_info *entry, char **error) /* {{{ */
{
    if (entry->fp_type == PHAR_MOD) {
        /* already newly created, truncate */
        php_stream_truncate_set_size(entry->fp, 0);
 
        entry->old_flags = entry->flags;
        entry->is_modified = 1;
        phar->is_modified = 1;
        /* reset file size */
        entry->uncompressed_filesize = 0;
        entry->compressed_filesize = 0;
        entry->crc32 = 0;
        entry->flags = PHAR_ENT_PERM_DEF_FILE;
        entry->fp_type = PHAR_MOD;
        entry->offset = 0;
        return SUCCESS;
    }
 
    if (error) {
        *error = NULL;
    }
 
    /* open a new temp file for writing */
    if (entry->link) {
        efree(entry->link);
        entry->link = NULL;
        entry->tar_type = (entry->is_tar ? TAR_FILE : '\0');
    }
 
    entry->fp = php_stream_fopen_tmpfile();
 
    if (!entry->fp) {
        if (error) {
            spprintf(error, 0, "phar error: unable to create temporary file");
        }
        return FAILURE;
    }
 
    entry->old_flags = entry->flags;
    entry->is_modified = 1;
    phar->is_modified = 1;
    /* reset file size */
    entry->uncompressed_filesize = 0;
    entry->compressed_filesize = 0;
    entry->crc32 = 0;
    entry->flags = PHAR_ENT_PERM_DEF_FILE;
    entry->fp_type = PHAR_MOD;
    entry->offset = 0;
    return SUCCESS;
}
/* }}} */
 
static zend_result phar_separate_entry_fp(phar_entry_info *entry, char **error) /* {{{ */
{
    php_stream *fp;
    phar_entry_info *link;
 
    if (FAILURE == phar_open_entry_fp(entry, error, 1)) {
        return FAILURE;
    }
 
    if (entry->fp_type == PHAR_MOD) {
        return SUCCESS;
    }
 
    fp = php_stream_fopen_tmpfile();
    if (fp == NULL) {
        spprintf(error, 0, "phar error: unable to create temporary file");
        return FAILURE;
    }
    phar_seek_efp(entry, 0, SEEK_SET, 0, 1);
    link = phar_get_link_source(entry);
 
    if (!link) {
        link = entry;
    }
 
    if (SUCCESS != php_stream_copy_to_stream_ex(phar_get_efp(link, 0), fp, link->uncompressed_filesize, NULL)) {
        if (error) {
            spprintf(error, 4096, "phar error: cannot separate entry file \"%s\" contents in phar archive \"%s\" for write access", entry->filename, entry->phar->fname);
        }
        return FAILURE;
    }
 
    if (entry->link) {
        efree(entry->link);
        entry->link = NULL;
        entry->tar_type = (entry->is_tar ? TAR_FILE : '\0');
    }
 
    entry->offset = 0;
    entry->fp = fp;
    entry->fp_type = PHAR_MOD;
    entry->is_modified = 1;
    return SUCCESS;
}
/* }}} */

zend_result phar_get_entry_data(phar_entry_data **ret, char *fname, size_t fname_len, char *path, size_t path_len, const char *mode, char allow_dir, char **error, int security) /* {{{ */
{
    phar_archive_data *phar;
    phar_entry_info *entry;
    bool for_write  = mode[0] != 'r' || mode[1] == '+';
    bool for_append = mode[0] == 'a';
    bool for_create = mode[0] != 'r';
    bool for_trunc  = mode[0] == 'w';
 
    if (!ret) {
        return FAILURE;
    }
 
    *ret = NULL;
 
    if (error) {
        *error = NULL;
    }
 
    if (FAILURE == phar_get_archive(&phar, fname, fname_len, NULL, 0, error)) {
        return FAILURE;
    }
 
    if (for_write && PHAR_G(readonly) && !phar->is_data) {
        if (error) {
            spprintf(error, 4096, "phar error: file \"%s\" in phar \"%s\" cannot be opened for writing, disabled by ini setting", path, fname);
        }
        return FAILURE;
    }
 
    if (!path_len) {
        if (error) {
            spprintf(error, 4096, "phar error: file \"\" in phar \"%s\" must not be empty", fname);
        }
        return FAILURE;
    }
really_get_entry:
    if (allow_dir) {
        if ((entry = phar_get_entry_info_dir(phar, path, path_len, allow_dir, for_create && !PHAR_G(readonly) && !phar->is_data ? NULL : error, security)) == NULL) {
            if (for_create && (!PHAR_G(readonly) || phar->is_data)) {
                return SUCCESS;
            }
            return FAILURE;
        }
    } else {
        if ((entry = phar_get_entry_info(phar, path, path_len, for_create && !PHAR_G(readonly) && !phar->is_data ? NULL : error, security)) == NULL) {
            if (for_create && (!PHAR_G(readonly) || phar->is_data)) {
                return SUCCESS;
            }
            return FAILURE;
        }
    }
 
    if (for_write && phar->is_persistent) {
        if (FAILURE == phar_copy_on_write(&phar)) {
            if (error) {
                spprintf(error, 4096, "phar error: file \"%s\" in phar \"%s\" cannot be opened for writing, could not make cached phar writeable", path, fname);
            }
            return FAILURE;
        } else {
            goto really_get_entry;
        }
    }
 
    if (entry->is_modified && !for_write) {
        if (error) {
            spprintf(error, 4096, "phar error: file \"%s\" in phar \"%s\" cannot be opened for reading, writable file pointers are open", path, fname);
        }
        return FAILURE;
    }
 
    if (entry->fp_refcount && for_write) {
        if (error) {
            spprintf(error, 4096, "phar error: file \"%s\" in phar \"%s\" cannot be opened for writing, readable file pointers are open", path, fname);
        }
        return FAILURE;
    }
 
    if (entry->is_deleted) {
        if (!for_create) {
            return FAILURE;
        }
        entry->is_deleted = 0;
    }
 
    if (entry->is_dir) {
        *ret = (phar_entry_data *) emalloc(sizeof(phar_entry_data));
        (*ret)->position = 0;
        (*ret)->fp = NULL;
        (*ret)->phar = phar;
        (*ret)->internal_file = entry;
 
        if (!phar->is_persistent) {
            ++(entry->phar->refcount);
            ++(entry->fp_refcount);
        }
 
        return SUCCESS;
    }
 
    if (entry->fp_type == PHAR_MOD) {
        if (for_trunc) {
            if (FAILURE == phar_create_writeable_entry(phar, entry, error)) {
                return FAILURE;
            }
        } else if (for_append) {
            phar_seek_efp(entry, 0, SEEK_END, 0, 0);
        }
    } else {
        if (for_write) {
            if (entry->link) {
                efree(entry->link);
                entry->link = NULL;
                entry->tar_type = (entry->is_tar ? TAR_FILE : '\0');
            }
 
            if (for_trunc) {
                if (FAILURE == phar_create_writeable_entry(phar, entry, error)) {
                    return FAILURE;
                }
            } else {
                if (FAILURE == phar_separate_entry_fp(entry, error)) {
                    return FAILURE;
                }
            }
        } else {
            if (FAILURE == phar_open_entry_fp(entry, error, 1)) {
                return FAILURE;
            }
        }
    }
 
    *ret = (phar_entry_data *) emalloc(sizeof(phar_entry_data));
    (*ret)->position = 0;
    (*ret)->phar = phar;
    (*ret)->internal_file = entry;
    (*ret)->fp = phar_get_efp(entry, 1);
    if (entry->link) {
        phar_entry_info *link = phar_get_link_source(entry);
        if(!link) {
            efree(*ret);
            return FAILURE;
        }
        (*ret)->zero = phar_get_fp_offset(link);
    } else {
        (*ret)->zero = phar_get_fp_offset(entry);
    }
 
    if (!phar->is_persistent) {
        ++(entry->fp_refcount);
        ++(entry->phar->refcount);
    }
 
    return SUCCESS;
}
/* }}} */

phar_entry_data *phar_get_or_create_entry_data(char *fname, size_t fname_len, char *path, size_t path_len, const char *mode, char allow_dir, char **error, int security) /* {{{ */
{
    phar_archive_data *phar;
    phar_entry_info *entry, etemp;
    phar_entry_data *ret;
    const char *pcr_error;
    char is_dir;
 
#ifdef PHP_WIN32
    phar_unixify_path_separators(path, path_len);
#endif
 
    is_dir = (path_len && path[path_len - 1] == '/') ? 1 : 0;
 
    if (FAILURE == phar_get_archive(&phar, fname, fname_len, NULL, 0, error)) {
        return NULL;
    }
 
    if (FAILURE == phar_get_entry_data(&ret, fname, fname_len, path, path_len, mode, allow_dir, error, security)) {
        return NULL;
    } else if (ret) {
        return ret;
    }
 
    if (phar_path_check(&path, &path_len, &pcr_error) > pcr_is_ok) {
        if (error) {
            spprintf(error, 0, "phar error: invalid path \"%s\" contains %s", path, pcr_error);
        }
        return NULL;
    }
 
    if (phar->is_persistent && FAILURE == phar_copy_on_write(&phar)) {
        if (error) {
            spprintf(error, 4096, "phar error: file \"%s\" in phar \"%s\" cannot be created, could not make cached phar writeable", path, fname);
        }
        return NULL;
    }
 
    /* create a new phar data holder */
    ret = (phar_entry_data *) emalloc(sizeof(phar_entry_data));
 
    /* create an entry, this is a new file */
    memset(&etemp, 0, sizeof(phar_entry_info));
    etemp.filename_len = path_len;
    etemp.fp_type = PHAR_MOD;
    etemp.fp = php_stream_fopen_tmpfile();
 
    if (!etemp.fp) {
        if (error) {
            spprintf(error, 0, "phar error: unable to create temporary file");
        }
        efree(ret);
        return NULL;
    }
 
    etemp.fp_refcount = 1;
 
    if (allow_dir == 2) {
        etemp.is_dir = 1;
        etemp.flags = etemp.old_flags = PHAR_ENT_PERM_DEF_DIR;
    } else {
        etemp.flags = etemp.old_flags = PHAR_ENT_PERM_DEF_FILE;
    }
    if (is_dir && path_len) {
        etemp.filename_len--; /* strip trailing / */
        path_len--;
    }
 
    phar_add_virtual_dirs(phar, path, path_len);
    etemp.is_modified = 1;
    etemp.timestamp = time(0);
    etemp.is_crc_checked = 1;
    etemp.phar = phar;
    etemp.filename = estrndup(path, path_len);
    etemp.is_zip = phar->is_zip;
 
    if (phar->is_tar) {
        etemp.is_tar = phar->is_tar;
        etemp.tar_type = etemp.is_dir ? TAR_DIR : TAR_FILE;
    }
 
    if (NULL == (entry = zend_hash_str_add_mem(&phar->manifest, etemp.filename, path_len, (void*)&etemp, sizeof(phar_entry_info)))) {
        php_stream_close(etemp.fp);
        if (error) {
            spprintf(error, 0, "phar error: unable to add new entry \"%s\" to phar \"%s\"", etemp.filename, phar->fname);
        }
        efree(ret);
        efree(etemp.filename);
        return NULL;
    }
 
    if (!entry) {
        php_stream_close(etemp.fp);
        efree(etemp.filename);
        efree(ret);
        return NULL;
    }
 
    ++(phar->refcount);
    ret->phar = phar;
    ret->fp = entry->fp;
    ret->position = ret->zero = 0;
    ret->internal_file = entry;
 
    return ret;
}
/* }}} */
 
static inline void phar_set_pharfp(phar_archive_data *phar, php_stream *fp)
{
    if (!phar->is_persistent) {
        phar->fp =  fp;
        return;
    }
 
    PHAR_G(cached_fp)[phar->phar_pos].fp = fp;
}
 
/* initialize a phar_archive_data's read-only fp for existing phar data */
zend_result phar_open_archive_fp(phar_archive_data *phar) /* {{{ */
{
    if (phar_get_pharfp(phar)) {
        return SUCCESS;
    }
 
    if (php_check_open_basedir(phar->fname)) {
        return FAILURE;
    }
 
    phar_set_pharfp(phar, php_stream_open_wrapper(phar->fname, "rb", IGNORE_URL|STREAM_MUST_SEEK|0, NULL));
 
    if (!phar_get_pharfp(phar)) {
        return FAILURE;
    }
 
    return SUCCESS;
}
/* }}} */
 
/* copy file data from an existing to a new phar_entry_info that is not in the manifest */
zend_result phar_copy_entry_fp(phar_entry_info *source, phar_entry_info *dest, char **error) /* {{{ */
{
    phar_entry_info *link;
 
    if (FAILURE == phar_open_entry_fp(source, error, 1)) {
        return FAILURE;
    }
 
    if (dest->link) {
        efree(dest->link);
        dest->link = NULL;
        dest->tar_type = (dest->is_tar ? TAR_FILE : '\0');
    }
 
    dest->fp_type = PHAR_MOD;
    dest->offset = 0;
    dest->is_modified = 1;
    dest->fp = php_stream_fopen_tmpfile();
    if (dest->fp == NULL) {
        spprintf(error, 0, "phar error: unable to create temporary file");
        return EOF;
    }
    phar_seek_efp(source, 0, SEEK_SET, 0, 1);
    link = phar_get_link_source(source);
 
    if (!link) {
        link = source;
    }
 
    if (SUCCESS != php_stream_copy_to_stream_ex(phar_get_efp(link, 0), dest->fp, link->uncompressed_filesize, NULL)) {
        php_stream_close(dest->fp);
        dest->fp_type = PHAR_FP;
        if (error) {
            spprintf(error, 4096, "phar error: unable to copy contents of file \"%s\" to \"%s\" in phar archive \"%s\"", source->filename, dest->filename, source->phar->fname);
        }
        return FAILURE;
    }
 
    return SUCCESS;
}
/* }}} */
 
static void phar_set_entrypufp(const phar_entry_info *entry, php_stream *fp)
{
    if (!entry->phar->is_persistent) {
        entry->phar->ufp =  fp;
        return;
    }
 
    PHAR_G(cached_fp)[entry->phar->phar_pos].ufp = fp;
}
 
static void phar_set_fp_type(phar_entry_info *entry, enum phar_fp_type type, zend_off_t offset)
{
    phar_entry_fp_info *data;
 
    if (!entry->is_persistent) {
        entry->fp_type = type;
        entry->offset = offset;
        return;
    }
    data = &(PHAR_G(cached_fp)[entry->phar->phar_pos].manifest[entry->manifest_pos]);
    data->fp_type = type;
    data->offset = offset;
}
 
/* open and decompress a compressed phar entry
 */
zend_result phar_open_entry_fp(phar_entry_info *entry, char **error, int follow_links) /* {{{ */
{
    php_stream_filter *filter;
    phar_archive_data *phar = entry->phar;
    char *filtername;
    zend_off_t loc;
    php_stream *ufp;
    phar_entry_data dummy;
 
    if (follow_links && entry->link) {
        phar_entry_info *link_entry = phar_get_link_source(entry);
        if (link_entry && link_entry != entry) {
            return phar_open_entry_fp(link_entry, error, 1);
        }
    }
 
    if (entry->is_modified) {
        return SUCCESS;
    }
 
    if (entry->fp_type == PHAR_TMP) {
        if (!entry->fp) {
            entry->fp = php_stream_open_wrapper(entry->tmp, "rb", STREAM_MUST_SEEK|0, NULL);
        }
        return SUCCESS;
    }
 
    if (entry->fp_type != PHAR_FP) {
        /* either newly created or already modified */
        return SUCCESS;
    }
 
    if (!phar_get_pharfp(phar)) {
        if (FAILURE == phar_open_archive_fp(phar)) {
            spprintf(error, 4096, "phar error: Cannot open phar archive \"%s\" for reading", phar->fname);
            return FAILURE;
        }
    }
 
    if ((entry->old_flags && !(entry->old_flags & PHAR_ENT_COMPRESSION_MASK)) || !(entry->flags & PHAR_ENT_COMPRESSION_MASK)) {
        dummy.internal_file = entry;
        dummy.phar = phar;
        dummy.zero = entry->offset;
        dummy.fp = phar_get_pharfp(phar);
        if (FAILURE == phar_postprocess_file(&dummy, entry->crc32, error, 1)) {
            return FAILURE;
        }
        return SUCCESS;
    }
 
    if (!phar_get_entrypufp(entry)) {
        phar_set_entrypufp(entry, php_stream_fopen_tmpfile());
        if (!phar_get_entrypufp(entry)) {
            spprintf(error, 4096, "phar error: Cannot open temporary file for decompressing phar archive \"%s\" file \"%s\"", phar->fname, entry->filename);
            return FAILURE;
        }
    }
 
    dummy.internal_file = entry;
    dummy.phar = phar;
    dummy.zero = entry->offset;
    dummy.fp = phar_get_pharfp(phar);
    if (FAILURE == phar_postprocess_file(&dummy, entry->crc32, error, 1)) {
        return FAILURE;
    }
 
    ufp = phar_get_entrypufp(entry);
 
    if ((filtername = phar_decompress_filter(entry, 0)) != NULL) {
        filter = php_stream_filter_create(filtername, NULL, 0);
    } else {
        filter = NULL;
    }
 
    if (!filter) {
        spprintf(error, 4096, "phar error: unable to read phar \"%s\" (cannot create %s filter while decompressing file \"%s\")", phar->fname, phar_decompress_filter(entry, 1), entry->filename);
        return FAILURE;
    }
 
    /* now we can safely use proper decompression */
    /* save the new offset location within ufp */
    php_stream_seek(ufp, 0, SEEK_END);
    loc = php_stream_tell(ufp);
    php_stream_filter_append(&ufp->writefilters, filter);
    php_stream_seek(phar_get_entrypfp(entry), phar_get_fp_offset(entry), SEEK_SET);
 
    if (entry->uncompressed_filesize) {
        if (SUCCESS != php_stream_copy_to_stream_ex(phar_get_entrypfp(entry), ufp, entry->compressed_filesize, NULL)) {
            spprintf(error, 4096, "phar error: internal corruption of phar \"%s\" (actual filesize mismatch on file \"%s\")", phar->fname, entry->filename);
            php_stream_filter_remove(filter, 1);
            return FAILURE;
        }
    }
 
    php_stream_filter_flush(filter, 1);
    php_stream_flush(ufp);
    php_stream_filter_remove(filter, 1);
 
    if (php_stream_tell(ufp) - loc != (zend_off_t) entry->uncompressed_filesize) {
        spprintf(error, 4096, "phar error: internal corruption of phar \"%s\" (actual filesize mismatch on file \"%s\")", phar->fname, entry->filename);
        return FAILURE;
    }
 
    entry->old_flags = entry->flags;
 
    /* this is now the new location of the file contents within this fp */
    phar_set_fp_type(entry, PHAR_UFP, loc);
    dummy.zero = entry->offset;
    dummy.fp = ufp;
    if (FAILURE == phar_postprocess_file(&dummy, entry->crc32, error, 0)) {
        return FAILURE;
    }
    return SUCCESS;
}
/* }}} */

phar_entry_info * phar_open_jit(phar_archive_data *phar, phar_entry_info *entry, char **error) /* {{{ */
{
    if (error) {
        *error = NULL;
    }
    /* seek to start of internal file and read it */
    if (FAILURE == phar_open_entry_fp(entry, error, 1)) {
        return NULL;
    }
    if (-1 == phar_seek_efp(entry, 0, SEEK_SET, 0, 1)) {
        spprintf(error, 4096, "phar error: cannot seek to start of file \"%s\" in phar \"%s\"", entry->filename, phar->fname);
        return NULL;
    }
    return entry;
}
/* }}} */
 
PHP_PHAR_API zend_result phar_resolve_alias(char *alias, size_t alias_len, char **filename, size_t *filename_len) /* {{{ */ {
    phar_archive_data *fd_ptr;
    if (HT_IS_INITIALIZED(&PHAR_G(phar_alias_map))
            && NULL != (fd_ptr = zend_hash_str_find_ptr(&(PHAR_G(phar_alias_map)), alias, alias_len))) {
        *filename = fd_ptr->fname;
        *filename_len = fd_ptr->fname_len;
        return SUCCESS;
    }
    return FAILURE;
}
/* }}} */
 
zend_result phar_free_alias(phar_archive_data *phar, char *alias, size_t alias_len) /* {{{ */
{
    if (phar->refcount || phar->is_persistent) {
        return FAILURE;
    }
 
    /* this archive has no open references, so emit a notice and remove it */
    if (zend_hash_str_del(&(PHAR_G(phar_fname_map)), phar->fname, phar->fname_len) != SUCCESS) {
        return FAILURE;
    }
 
    /* invalidate phar cache */
    PHAR_G(last_phar) = NULL;
    PHAR_G(last_phar_name) = PHAR_G(last_alias) = NULL;
 
    return SUCCESS;
}
/* }}} */

zend_result phar_get_archive(phar_archive_data **archive, char *fname, size_t fname_len, char *alias, size_t alias_len, char **error) /* {{{ */
{
    phar_archive_data *fd, *fd_ptr;
    char *my_realpath, *save;
    size_t save_len;
 
    phar_request_initialize();
 
    if (error) {
        *error = NULL;
    }
 
    *archive = NULL;
 
    if (PHAR_G(last_phar) && fname_len == PHAR_G(last_phar_name_len) && !memcmp(fname, PHAR_G(last_phar_name), fname_len)) {
        *archive = PHAR_G(last_phar);
        if (alias && alias_len) {
 
            if (!PHAR_G(last_phar)->is_temporary_alias && (alias_len != PHAR_G(last_phar)->alias_len || memcmp(PHAR_G(last_phar)->alias, alias, alias_len))) {
                if (error) {
                    spprintf(error, 0, "alias \"%s\" is already used for archive \"%s\" cannot be overloaded with \"%s\"", alias, PHAR_G(last_phar)->fname, fname);
                }
                *archive = NULL;
                return FAILURE;
            }
 
            if (PHAR_G(last_phar)->alias_len && NULL != (fd_ptr = zend_hash_str_find_ptr(&(PHAR_G(phar_alias_map)), PHAR_G(last_phar)->alias, PHAR_G(last_phar)->alias_len))) {
                zend_hash_str_del(&(PHAR_G(phar_alias_map)), PHAR_G(last_phar)->alias, PHAR_G(last_phar)->alias_len);
            }
 
            zend_hash_str_add_ptr(&(PHAR_G(phar_alias_map)), alias, alias_len, *archive);
            PHAR_G(last_alias) = alias;
            PHAR_G(last_alias_len) = alias_len;
        }
 
        return SUCCESS;
    }
 
    if (alias && alias_len && PHAR_G(last_phar) && alias_len == PHAR_G(last_alias_len) && !memcmp(alias, PHAR_G(last_alias), alias_len)) {
        fd = PHAR_G(last_phar);
        fd_ptr = fd;
        goto alias_success;
    }
 
    if (alias && alias_len) {
        if (NULL != (fd_ptr = zend_hash_str_find_ptr(&(PHAR_G(phar_alias_map)), alias, alias_len))) {
alias_success:
            if (fname && (fname_len != fd_ptr->fname_len || strncmp(fname, fd_ptr->fname, fname_len))) {
                if (error) {
                    spprintf(error, 0, "alias \"%s\" is already used for archive \"%s\" cannot be overloaded with \"%s\"", alias, fd_ptr->fname, fname);
                }
                if (SUCCESS == phar_free_alias(fd_ptr, alias, alias_len)) {
                    if (error) {
                        efree(*error);
                        *error = NULL;
                    }
                }
                return FAILURE;
            }
 
            *archive = fd_ptr;
            fd = fd_ptr;
            PHAR_G(last_phar) = fd;
            PHAR_G(last_phar_name) = fd->fname;
            PHAR_G(last_phar_name_len) = fd->fname_len;
            PHAR_G(last_alias) = alias;
            PHAR_G(last_alias_len) = alias_len;
 
            return SUCCESS;
        }
 
        if (PHAR_G(manifest_cached) && NULL != (fd_ptr = zend_hash_str_find_ptr(&cached_alias, alias, alias_len))) {
            goto alias_success;
        }
    }
 
    my_realpath = NULL;
    save = fname;
    save_len = fname_len;
 
    if (fname && fname_len) {
        if (NULL != (fd_ptr = zend_hash_str_find_ptr(&(PHAR_G(phar_fname_map)), fname, fname_len))) {
            *archive = fd_ptr;
            fd = fd_ptr;
 
            if (alias && alias_len) {
                if (!fd->is_temporary_alias && (alias_len != fd->alias_len || memcmp(fd->alias, alias, alias_len))) {
                    if (error) {
                        spprintf(error, 0, "alias \"%s\" is already used for archive \"%s\" cannot be overloaded with \"%s\"", alias, fd_ptr->fname, fname);
                    }
                    return FAILURE;
                }
 
                if (fd->alias_len && NULL != (fd_ptr = zend_hash_str_find_ptr(&(PHAR_G(phar_alias_map)), fd->alias, fd->alias_len))) {
                    zend_hash_str_del(&(PHAR_G(phar_alias_map)), fd->alias, fd->alias_len);
                }
 
                zend_hash_str_add_ptr(&(PHAR_G(phar_alias_map)), alias, alias_len, fd);
            }
 
            PHAR_G(last_phar) = fd;
            PHAR_G(last_phar_name) = fd->fname;
            PHAR_G(last_phar_name_len) = fd->fname_len;
            PHAR_G(last_alias) = fd->alias;
            PHAR_G(last_alias_len) = fd->alias_len;
 
            return SUCCESS;
        }
 
        if (PHAR_G(manifest_cached) && NULL != (fd_ptr = zend_hash_str_find_ptr(&cached_phars, fname, fname_len))) {
            *archive = fd_ptr;
            fd = fd_ptr;
 
            /* this could be problematic - alias should never be different from manifest alias
               for cached phars */
            if (!fd->is_temporary_alias && alias && alias_len) {
                if (alias_len != fd->alias_len || memcmp(fd->alias, alias, alias_len)) {
                    if (error) {
                        spprintf(error, 0, "alias \"%s\" is already used for archive \"%s\" cannot be overloaded with \"%s\"", alias, fd_ptr->fname, fname);
                    }
                    return FAILURE;
                }
            }
 
            PHAR_G(last_phar) = fd;
            PHAR_G(last_phar_name) = fd->fname;
            PHAR_G(last_phar_name_len) = fd->fname_len;
            PHAR_G(last_alias) = fd->alias;
            PHAR_G(last_alias_len) = fd->alias_len;
 
            return SUCCESS;
        }
 
        if (NULL != (fd_ptr = zend_hash_str_find_ptr(&(PHAR_G(phar_alias_map)), save, save_len))) {
            fd = *archive = fd_ptr;
 
            PHAR_G(last_phar) = fd;
            PHAR_G(last_phar_name) = fd->fname;
            PHAR_G(last_phar_name_len) = fd->fname_len;
            PHAR_G(last_alias) = fd->alias;
            PHAR_G(last_alias_len) = fd->alias_len;
 
            return SUCCESS;
        }
 
        if (PHAR_G(manifest_cached) && NULL != (fd_ptr = zend_hash_str_find_ptr(&cached_alias, save, save_len))) {
            fd = *archive = fd_ptr;
 
            PHAR_G(last_phar) = fd;
            PHAR_G(last_phar_name) = fd->fname;
            PHAR_G(last_phar_name_len) = fd->fname_len;
            PHAR_G(last_alias) = fd->alias;
            PHAR_G(last_alias_len) = fd->alias_len;
 
            return SUCCESS;
        }
 
        /* not found, try converting \ to / */
        my_realpath = expand_filepath(fname, my_realpath);
 
        if (my_realpath) {
            fname_len = strlen(my_realpath);
            fname = my_realpath;
        } else {
            return FAILURE;
        }
#ifdef PHP_WIN32
        phar_unixify_path_separators(fname, fname_len);
#endif
 
        if (NULL != (fd_ptr = zend_hash_str_find_ptr(&(PHAR_G(phar_fname_map)), fname, fname_len))) {
realpath_success:
            *archive = fd_ptr;
            fd = fd_ptr;
 
            if (alias && alias_len) {
                zend_hash_str_add_ptr(&(PHAR_G(phar_alias_map)), alias, alias_len, fd);
            }
 
            efree(my_realpath);
 
            PHAR_G(last_phar) = fd;
            PHAR_G(last_phar_name) = fd->fname;
            PHAR_G(last_phar_name_len) = fd->fname_len;
            PHAR_G(last_alias) = fd->alias;
            PHAR_G(last_alias_len) = fd->alias_len;
 
            return SUCCESS;
        }
 
        if (PHAR_G(manifest_cached) && NULL != (fd_ptr = zend_hash_str_find_ptr(&cached_phars, fname, fname_len))) {
            goto realpath_success;
        }
 
        efree(my_realpath);
    }
 
    return FAILURE;
}
/* }}} */

char * phar_compress_filter(phar_entry_info * entry, int return_unknown) /* {{{ */
{
    switch (entry->flags & PHAR_ENT_COMPRESSION_MASK) {
    case PHAR_ENT_COMPRESSED_GZ:
        return "zlib.deflate";
    case PHAR_ENT_COMPRESSED_BZ2:
        return "bzip2.compress";
    default:
        return return_unknown ? "unknown" : NULL;
    }
}
/* }}} */

char * phar_decompress_filter(phar_entry_info * entry, int return_unknown) /* {{{ */
{
    uint32_t flags;
 
    if (entry->is_modified) {
        flags = entry->old_flags;
    } else {
        flags = entry->flags;
    }
 
    switch (flags & PHAR_ENT_COMPRESSION_MASK) {
        case PHAR_ENT_COMPRESSED_GZ:
            return "zlib.inflate";
        case PHAR_ENT_COMPRESSED_BZ2:
            return "bzip2.decompress";
        default:
            return return_unknown ? "unknown" : NULL;
    }
}
/* }}} */

phar_entry_info *phar_get_entry_info(phar_archive_data *phar, char *path, size_t path_len, char **error, int security) /* {{{ */
{
    return phar_get_entry_info_dir(phar, path, path_len, 0, error, security);
}
/* }}} */
phar_entry_info *phar_get_entry_info_dir(phar_archive_data *phar, char *path, size_t path_len, char dir, char **error, int security) /* {{{ */
{
    const char *pcr_error;
    phar_entry_info *entry;
    int is_dir;
 
#ifdef PHP_WIN32
    phar_unixify_path_separators(path, path_len);
#endif
 
    is_dir = (path_len && (path[path_len - 1] == '/')) ? 1 : 0;
 
    if (error) {
        *error = NULL;
    }
 
    if (security && path_len >= sizeof(".phar")-1 && !memcmp(path, ".phar", sizeof(".phar")-1)) {
        if (error) {
            spprintf(error, 4096, "phar error: cannot directly access magic \".phar\" directory or files within it");
        }
        return NULL;
    }
 
    if (!path_len && !dir) {
        if (error) {
            spprintf(error, 4096, "phar error: invalid path \"%s\" must not be empty", path);
        }
        return NULL;
    }
 
    if (phar_path_check(&path, &path_len, &pcr_error) > pcr_is_ok) {
        if (error) {
            spprintf(error, 4096, "phar error: invalid path \"%s\" contains %s", path, pcr_error);
        }
        return NULL;
    }
 
    if (!HT_IS_INITIALIZED(&phar->manifest)) {
        return NULL;
    }
 
    if (is_dir) {
        if (path_len <= 1) {
            return NULL;
        }
        path_len--;
    }
 
    if (NULL != (entry = zend_hash_str_find_ptr(&phar->manifest, path, path_len))) {
        if (entry->is_deleted) {
            /* entry is deleted, but has not been flushed to disk yet */
            return NULL;
        }
        if (entry->is_dir && !dir) {
            if (error) {
                spprintf(error, 4096, "phar error: path \"%s\" is a directory", path);
            }
            return NULL;
        }
        if (!entry->is_dir && dir == 2) {
            /* user requested a directory, we must return one */
            if (error) {
                spprintf(error, 4096, "phar error: path \"%s\" exists and is a not a directory", path);
            }
            return NULL;
        }
        return entry;
    }
 
    if (dir) {
        if (zend_hash_str_exists(&phar->virtual_dirs, path, path_len)) {
            /* a file or directory exists in a sub-directory of this path */
            entry = (phar_entry_info *) ecalloc(1, sizeof(phar_entry_info));
            /* this next line tells PharFileInfo->__destruct() to efree the filename */
            entry->is_temp_dir = entry->is_dir = 1;
            entry->filename = (char *) estrndup(path, path_len + 1);
            entry->filename_len = path_len;
            entry->phar = phar;
            return entry;
        }
    }
 
    if (HT_IS_INITIALIZED(&phar->mounted_dirs) && zend_hash_num_elements(&phar->mounted_dirs)) {
        zend_string *str_key;
 
        ZEND_HASH_MAP_FOREACH_STR_KEY(&phar->mounted_dirs, str_key) {
            if (ZSTR_LEN(str_key) >= path_len || strncmp(ZSTR_VAL(str_key), path, ZSTR_LEN(str_key))) {
                continue;
            } else {
                char *test;
                size_t test_len;
                php_stream_statbuf ssb;
 
                if (NULL == (entry = zend_hash_find_ptr(&phar->manifest, str_key))) {
                    if (error) {
                        spprintf(error, 4096, "phar internal error: mounted path \"%s\" could not be retrieved from manifest", ZSTR_VAL(str_key));
                    }
                    return NULL;
                }
 
                if (!entry->tmp || !entry->is_mounted) {
                    if (error) {
                        spprintf(error, 4096, "phar internal error: mounted path \"%s\" is not properly initialized as a mounted path", ZSTR_VAL(str_key));
                    }
                    return NULL;
                }
 
                test_len = spprintf(&test, MAXPATHLEN, "%s%s", entry->tmp, path + ZSTR_LEN(str_key));
 
                if (SUCCESS != php_stream_stat_path(test, &ssb)) {
                    efree(test);
                    return NULL;
                }
 
                if ((ssb.sb.st_mode & S_IFDIR) && !dir) {
                    efree(test);
                    if (error) {
                        spprintf(error, 4096, "phar error: path \"%s\" is a directory", path);
                    }
                    return NULL;
                }
 
                if ((ssb.sb.st_mode & S_IFDIR) == 0 && dir) {
                    efree(test);
                    /* user requested a directory, we must return one */
                    if (error) {
                        spprintf(error, 4096, "phar error: path \"%s\" exists and is a not a directory", path);
                    }
                    return NULL;
                }
 
                /* mount the file just in time */
                if (SUCCESS != phar_mount_entry(phar, test, test_len, path, path_len)) {
                    efree(test);
                    if (error) {
                        spprintf(error, 4096, "phar error: path \"%s\" exists as file \"%s\" and could not be mounted", path, test);
                    }
                    return NULL;
                }
 
                efree(test);
 
                if (NULL == (entry = zend_hash_str_find_ptr(&phar->manifest, path, path_len))) {
                    if (error) {
                        spprintf(error, 4096, "phar error: path \"%s\" exists as file \"%s\" and could not be retrieved after being mounted", path, test);
                    }
                    return NULL;
                }
                return entry;
            }
        } ZEND_HASH_FOREACH_END();
    }
 
    return NULL;
}
/* }}} */
 
static const char hexChars[] = "0123456789ABCDEF";
 
static int phar_hex_str(const char *digest, size_t digest_len, char **signature) /* {{{ */
{
    int pos = -1;
    size_t len = 0;
 
    *signature = (char*)safe_pemalloc(digest_len, 2, 1, PHAR_G(persist));
 
    for (; len < digest_len; ++len) {
        (*signature)[++pos] = hexChars[((const unsigned char *)digest)[len] >> 4];
        (*signature)[++pos] = hexChars[((const unsigned char *)digest)[len] & 0x0F];
    }
    (*signature)[++pos] = '\0';
    return pos;
}
/* }}} */
 
#ifndef PHAR_HAVE_OPENSSL
static int phar_call_openssl_signverify(int is_sign, php_stream *fp, zend_off_t end, char *key, size_t key_len, char **signature, size_t *signature_len, uint32_t sig_type) /* {{{ */
{
    zend_fcall_info fci;
    zend_fcall_info_cache fcc;
    zval retval, zp[4], openssl;
    zend_string *str;
 
    ZVAL_STRINGL(&openssl, is_sign ? "openssl_sign" : "openssl_verify", is_sign ? sizeof("openssl_sign")-1 : sizeof("openssl_verify")-1);
    if (*signature_len) {
        ZVAL_STRINGL(&zp[1], *signature, *signature_len);
    } else {
        ZVAL_EMPTY_STRING(&zp[1]);
    }
    ZVAL_STRINGL(&zp[2], key, key_len);
    php_stream_rewind(fp);
    str = php_stream_copy_to_mem(fp, (size_t) end, 0);
    if (str) {
        ZVAL_STR(&zp[0], str);
    } else {
        ZVAL_EMPTY_STRING(&zp[0]);
    }
    if (sig_type == PHAR_SIG_OPENSSL_SHA512) {
        ZVAL_LONG(&zp[3], 9); /* value from openssl.c #define OPENSSL_ALGO_SHA512 9 */
    } else if (sig_type == PHAR_SIG_OPENSSL_SHA256) {
        ZVAL_LONG(&zp[3], 7); /* value from openssl.c #define OPENSSL_ALGO_SHA256 7 */
    } else {
        /* don't rely on default value which may change in the future */
        ZVAL_LONG(&zp[3], 1); /* value from openssl.c #define OPENSSL_ALGO_SHA1   1 */
    }
 
    if ((size_t)end != Z_STRLEN(zp[0])) {
        zval_ptr_dtor_str(&zp[0]);
        zval_ptr_dtor_str(&zp[1]);
        zval_ptr_dtor_str(&zp[2]);
        zval_ptr_dtor_str(&openssl);
        return FAILURE;
    }
 
    if (FAILURE == zend_fcall_info_init(&openssl, 0, &fci, &fcc, NULL, NULL)) {
        zval_ptr_dtor_str(&zp[0]);
        zval_ptr_dtor_str(&zp[1]);
        zval_ptr_dtor_str(&zp[2]);
        zval_ptr_dtor_str(&openssl);
        return FAILURE;
    }
 
    fci.param_count = 4;
    fci.params = zp;
    Z_ADDREF(zp[0]);
    if (is_sign) {
        ZVAL_NEW_REF(&zp[1], &zp[1]);
    } else {
        Z_ADDREF(zp[1]);
    }
    Z_ADDREF(zp[2]);
 
    fci.retval = &retval;
 
    if (FAILURE == zend_call_function(&fci, &fcc)) {
        zval_ptr_dtor_str(&zp[0]);
        zval_ptr_dtor(&zp[1]);
        zval_ptr_dtor_str(&zp[2]);
        zval_ptr_dtor_str(&openssl);
        return FAILURE;
    }
 
    zval_ptr_dtor_str(&openssl);
    Z_DELREF(zp[0]);
 
    if (is_sign) {
        ZVAL_UNREF(&zp[1]);
    } else {
        Z_DELREF(zp[1]);
    }
    Z_DELREF(zp[2]);
 
    zval_ptr_dtor_str(&zp[0]);
    zval_ptr_dtor_str(&zp[2]);
 
    switch (Z_TYPE(retval)) {
        default:
        case IS_LONG:
            zval_ptr_dtor(&zp[1]);
            if (1 == Z_LVAL(retval)) {
                return SUCCESS;
            }
            return FAILURE;
        case IS_TRUE:
            *signature = estrndup(Z_STRVAL(zp[1]), Z_STRLEN(zp[1]));
            *signature_len = Z_STRLEN(zp[1]);
            zval_ptr_dtor(&zp[1]);
            return SUCCESS;
        case IS_FALSE:
            zval_ptr_dtor(&zp[1]);
            return FAILURE;
    }
}
/* }}} */
#endif /* #ifndef PHAR_HAVE_OPENSSL */
 
zend_result phar_verify_signature(php_stream *fp, size_t end_of_phar, uint32_t sig_type, char *sig, size_t sig_len, char *fname, char **signature, size_t *signature_len, char **error) /* {{{ */
{
    size_t read_size, len;
    zend_off_t read_len;
    unsigned char buf[1024];
 
    php_stream_rewind(fp);
 
    switch (sig_type) {
        case PHAR_SIG_OPENSSL_SHA512:
        case PHAR_SIG_OPENSSL_SHA256:
        case PHAR_SIG_OPENSSL: {
#ifdef PHAR_HAVE_OPENSSL
            BIO *in;
            EVP_PKEY *key;
            const EVP_MD *mdtype;
            EVP_MD_CTX *md_ctx;
 
            if (sig_type == PHAR_SIG_OPENSSL_SHA512) {
                mdtype = EVP_sha512();
            } else if (sig_type == PHAR_SIG_OPENSSL_SHA256) {
                mdtype = EVP_sha256();
            } else {
                mdtype = EVP_sha1();
            }
#else
            size_t tempsig;
#endif
            zend_string *pubkey = NULL;
            char *pfile;
            php_stream *pfp;
#ifndef PHAR_HAVE_OPENSSL
            if (!zend_hash_str_exists(&module_registry, "openssl", sizeof("openssl")-1)) {
                if (error) {
                    spprintf(error, 0, "openssl not loaded");
                }
                return FAILURE;
            }
#endif
            /* use __FILE__ . '.pubkey' for public key file */
            spprintf(&pfile, 0, "%s.pubkey", fname);
            pfp = php_stream_open_wrapper(pfile, "rb", 0, NULL);
            efree(pfile);
 
            if (!pfp || !(pubkey = php_stream_copy_to_mem(pfp, PHP_STREAM_COPY_ALL, 0)) || !ZSTR_LEN(pubkey)) {
                if (pfp) {
                    php_stream_close(pfp);
                }
                if (error) {
                    spprintf(error, 0, "openssl public key could not be read");
                }
                return FAILURE;
            }
 
            php_stream_close(pfp);
#ifndef PHAR_HAVE_OPENSSL
            tempsig = sig_len;
 
            if (FAILURE == phar_call_openssl_signverify(0, fp, end_of_phar, ZSTR_VAL(pubkey), ZSTR_LEN(pubkey), &sig, &tempsig, sig_type)) {
                zend_string_release_ex(pubkey, 0);
 
                if (error) {
                    spprintf(error, 0, "openssl signature could not be verified");
                }
 
                return FAILURE;
            }
 
            zend_string_release_ex(pubkey, 0);
 
            sig_len = tempsig;
#else
            in = BIO_new_mem_buf(ZSTR_VAL(pubkey), ZSTR_LEN(pubkey));
 
            if (NULL == in) {
                zend_string_release_ex(pubkey, 0);
                if (error) {
                    spprintf(error, 0, "openssl signature could not be processed");
                }
                return FAILURE;
            }
 
            key = PEM_read_bio_PUBKEY(in, NULL, NULL, NULL);
            BIO_free(in);
            zend_string_release_ex(pubkey, 0);
 
            if (NULL == key) {
                if (error) {
                    spprintf(error, 0, "openssl signature could not be processed");
                }
                return FAILURE;
            }
 
            md_ctx = EVP_MD_CTX_create();
            if (!md_ctx || !EVP_VerifyInit(md_ctx, mdtype)) {
                if (md_ctx) {
                    EVP_MD_CTX_destroy(md_ctx);
                }
                if (error) {
                    spprintf(error, 0, "openssl signature could not be verified");
                }
                return FAILURE;
            }
            read_len = end_of_phar;
 
            if ((size_t)read_len > sizeof(buf)) {
                read_size = sizeof(buf);
            } else {
                read_size = (size_t)read_len;
            }
 
            php_stream_seek(fp, 0, SEEK_SET);
 
            while (read_size && (len = php_stream_read(fp, (char*)buf, read_size)) > 0) {
                if (UNEXPECTED(EVP_VerifyUpdate (md_ctx, buf, len) == 0)) {
                    goto failure;
                }
                read_len -= (zend_off_t)len;
 
                if (read_len < read_size) {
                    read_size = (size_t)read_len;
                }
            }
 
            if (EVP_VerifyFinal(md_ctx, (unsigned char *)sig, sig_len, key) != 1) {
                failure:
                /* 1: signature verified, 0: signature does not match, -1: failed signature operation */
                EVP_PKEY_free(key);
                EVP_MD_CTX_destroy(md_ctx);
 
                if (error) {
                    spprintf(error, 0, "broken openssl signature");
                }
 
                return FAILURE;
            }
 
            EVP_PKEY_free(key);
            EVP_MD_CTX_destroy(md_ctx);
#endif
 
            *signature_len = phar_hex_str((const char*)sig, sig_len, signature);
        }
        break;
        case PHAR_SIG_SHA512: {
            unsigned char digest[64];
            PHP_SHA512_CTX context;
 
            if (sig_len < sizeof(digest)) {
                if (error) {
                    spprintf(error, 0, "broken signature");
                }
                return FAILURE;
            }
 
            PHP_SHA512Init(&context);
            read_len = end_of_phar;
 
            if ((size_t)read_len > sizeof(buf)) {
                read_size = sizeof(buf);
            } else {
                read_size = (size_t)read_len;
            }
 
            while ((len = php_stream_read(fp, (char*)buf, read_size)) > 0) {
                PHP_SHA512Update(&context, buf, len);
                read_len -= (zend_off_t)len;
                if ((size_t)read_len < read_size) {
                    read_size = (size_t)read_len;
                }
            }
 
            PHP_SHA512Final(digest, &context);
 
            if (memcmp(digest, sig, sizeof(digest))) {
                if (error) {
                    spprintf(error, 0, "broken signature");
                }
                return FAILURE;
            }
 
            *signature_len = phar_hex_str((const char*)digest, sizeof(digest), signature);
            break;
        }
        case PHAR_SIG_SHA256: {
            unsigned char digest[32];
            PHP_SHA256_CTX context;
 
            if (sig_len < sizeof(digest)) {
                if (error) {
                    spprintf(error, 0, "broken signature");
                }
                return FAILURE;
            }
 
            PHP_SHA256Init(&context);
            read_len = end_of_phar;
 
            if ((size_t)read_len > sizeof(buf)) {
                read_size = sizeof(buf);
            } else {
                read_size = (size_t)read_len;
            }
 
            while ((len = php_stream_read(fp, (char*)buf, read_size)) > 0) {
                PHP_SHA256Update(&context, buf, len);
                read_len -= (zend_off_t)len;
                if ((size_t)read_len < read_size) {
                    read_size = (size_t)read_len;
                }
            }
 
            PHP_SHA256Final(digest, &context);
 
            if (memcmp(digest, sig, sizeof(digest))) {
                if (error) {
                    spprintf(error, 0, "broken signature");
                }
                return FAILURE;
            }
 
            *signature_len = phar_hex_str((const char*)digest, sizeof(digest), signature);
            break;
        }
        case PHAR_SIG_SHA1: {
            unsigned char digest[20];
            PHP_SHA1_CTX  context;
 
            if (sig_len < sizeof(digest)) {
                if (error) {
                    spprintf(error, 0, "broken signature");
                }
                return FAILURE;
            }
 
            PHP_SHA1Init(&context);
            read_len = end_of_phar;
 
            if ((size_t)read_len > sizeof(buf)) {
                read_size = sizeof(buf);
            } else {
                read_size = (size_t)read_len;
            }
 
            while ((len = php_stream_read(fp, (char*)buf, read_size)) > 0) {
                PHP_SHA1Update(&context, buf, len);
                read_len -= (zend_off_t)len;
                if ((size_t)read_len < read_size) {
                    read_size = (size_t)read_len;
                }
            }
 
            PHP_SHA1Final(digest, &context);
 
            if (memcmp(digest, sig, sizeof(digest))) {
                if (error) {
                    spprintf(error, 0, "broken signature");
                }
                return FAILURE;
            }
 
            *signature_len = phar_hex_str((const char*)digest, sizeof(digest), signature);
            break;
        }
        case PHAR_SIG_MD5: {
            unsigned char digest[16];
            PHP_MD5_CTX   context;
 
            if (sig_len < sizeof(digest)) {
                if (error) {
                    spprintf(error, 0, "broken signature");
                }
                return FAILURE;
            }
 
            PHP_MD5Init(&context);
            read_len = end_of_phar;
 
            if ((size_t)read_len > sizeof(buf)) {
                read_size = sizeof(buf);
            } else {
                read_size = (size_t)read_len;
            }
 
            while ((len = php_stream_read(fp, (char*)buf, read_size)) > 0) {
                PHP_MD5Update(&context, buf, len);
                read_len -= (zend_off_t)len;
                if ((size_t)read_len < read_size) {
                    read_size = (size_t)read_len;
                }
            }
 
            PHP_MD5Final(digest, &context);
 
            if (memcmp(digest, sig, sizeof(digest))) {
                if (error) {
                    spprintf(error, 0, "broken signature");
                }
                return FAILURE;
            }
 
            *signature_len = phar_hex_str((const char*)digest, sizeof(digest), signature);
            break;
        }
        default:
            if (error) {
                spprintf(error, 0, "broken or unsupported signature");
            }
            return FAILURE;
    }
    return SUCCESS;
}
/* }}} */
 
zend_result phar_create_signature(phar_archive_data *phar, php_stream *fp, char **signature, size_t *signature_length, char **error) /* {{{ */
{
    unsigned char buf[1024];
    size_t sig_len;
 
    php_stream_rewind(fp);
 
    if (phar->signature) {
        efree(phar->signature);
        phar->signature = NULL;
    }
 
    switch(phar->sig_flags) {
        case PHAR_SIG_SHA512: {
            unsigned char digest[64];
            PHP_SHA512_CTX context;
 
            PHP_SHA512Init(&context);
 
            while ((sig_len = php_stream_read(fp, (char*)buf, sizeof(buf))) > 0) {
                PHP_SHA512Update(&context, buf, sig_len);
            }
 
            PHP_SHA512Final(digest, &context);
            *signature = estrndup((char *) digest, 64);
            *signature_length = 64;
            break;
        }
        default:
            phar->sig_flags = PHAR_SIG_SHA256;
            ZEND_FALLTHROUGH;
        case PHAR_SIG_SHA256: {
            unsigned char digest[32];
            PHP_SHA256_CTX  context;
 
            PHP_SHA256Init(&context);
 
            while ((sig_len = php_stream_read(fp, (char*)buf, sizeof(buf))) > 0) {
                PHP_SHA256Update(&context, buf, sig_len);
            }
 
            PHP_SHA256Final(digest, &context);
            *signature = estrndup((char *) digest, 32);
            *signature_length = 32;
            break;
        }
        case PHAR_SIG_OPENSSL_SHA512:
        case PHAR_SIG_OPENSSL_SHA256:
        case PHAR_SIG_OPENSSL: {
            unsigned char *sigbuf;
#ifdef PHAR_HAVE_OPENSSL
            unsigned int siglen;
            BIO *in;
            EVP_PKEY *key;
            EVP_MD_CTX *md_ctx;
            const EVP_MD *mdtype;
 
            if (phar->sig_flags == PHAR_SIG_OPENSSL_SHA512) {
                mdtype = EVP_sha512();
            } else if (phar->sig_flags == PHAR_SIG_OPENSSL_SHA256) {
                mdtype = EVP_sha256();
            } else {
                mdtype = EVP_sha1();
            }
 
            in = BIO_new_mem_buf(PHAR_G(openssl_privatekey), PHAR_G(openssl_privatekey_len));
 
            if (in == NULL) {
                if (error) {
                    spprintf(error, 0, "unable to write to phar \"%s\" with requested openssl signature", phar->fname);
                }
                return FAILURE;
            }
 
            key = PEM_read_bio_PrivateKey(in, NULL,NULL, "");
            BIO_free(in);
 
            if (!key) {
                if (error) {
                    spprintf(error, 0, "unable to process private key");
                }
                return FAILURE;
            }
 
            md_ctx = EVP_MD_CTX_create();
            if (md_ctx == NULL) {
                EVP_PKEY_free(key);
                if (error) {
                    spprintf(error, 0, "unable to initialize openssl signature for phar \"%s\"", phar->fname);
                }
                return FAILURE;
            }
 
            siglen = EVP_PKEY_size(key);
            sigbuf = emalloc(siglen + 1);
 
            if (!EVP_SignInit(md_ctx, mdtype)) {
                EVP_PKEY_free(key);
                efree(sigbuf);
                if (error) {
                    spprintf(error, 0, "unable to initialize openssl signature for phar \"%s\"", phar->fname);
                }
                return FAILURE;
            }
 
            while ((sig_len = php_stream_read(fp, (char*)buf, sizeof(buf))) > 0) {
                if (!EVP_SignUpdate(md_ctx, buf, sig_len)) {
                    EVP_PKEY_free(key);
                    efree(sigbuf);
                    if (error) {
                        spprintf(error, 0, "unable to update the openssl signature for phar \"%s\"", phar->fname);
                    }
                    return FAILURE;
                }
            }
 
            if (!EVP_SignFinal (md_ctx, sigbuf, &siglen, key)) {
                EVP_PKEY_free(key);
                efree(sigbuf);
                if (error) {
                    spprintf(error, 0, "unable to write phar \"%s\" with requested openssl signature", phar->fname);
                }
                return FAILURE;
            }
 
            sigbuf[siglen] = '\0';
            EVP_PKEY_free(key);
            EVP_MD_CTX_destroy(md_ctx);
#else
            size_t siglen;
            sigbuf = NULL;
            siglen = 0;
            php_stream_seek(fp, 0, SEEK_END);
 
            if (FAILURE == phar_call_openssl_signverify(1, fp, php_stream_tell(fp), PHAR_G(openssl_privatekey), PHAR_G(openssl_privatekey_len), (char **)&sigbuf, &siglen, phar->sig_flags)) {
                if (error) {
                    spprintf(error, 0, "unable to write phar \"%s\" with requested openssl signature", phar->fname);
                }
                return FAILURE;
            }
#endif
            *signature = (char *) sigbuf;
            *signature_length = siglen;
        }
        break;
        case PHAR_SIG_SHA1: {
            unsigned char digest[20];
            PHP_SHA1_CTX  context;
 
            PHP_SHA1Init(&context);
 
            while ((sig_len = php_stream_read(fp, (char*)buf, sizeof(buf))) > 0) {
                PHP_SHA1Update(&context, buf, sig_len);
            }
 
            PHP_SHA1Final(digest, &context);
            *signature = estrndup((char *) digest, 20);
            *signature_length = 20;
            break;
        }
        case PHAR_SIG_MD5: {
            unsigned char digest[16];
            PHP_MD5_CTX   context;
 
            PHP_MD5Init(&context);
 
            while ((sig_len = php_stream_read(fp, (char*)buf, sizeof(buf))) > 0) {
                PHP_MD5Update(&context, buf, sig_len);
            }
 
            PHP_MD5Final(digest, &context);
            *signature = estrndup((char *) digest, 16);
            *signature_length = 16;
            break;
        }
    }
 
    phar->sig_len = phar_hex_str((const char *)*signature, *signature_length, &phar->signature);
    return SUCCESS;
}
/* }}} */
 
void phar_add_virtual_dirs(phar_archive_data *phar, char *filename, size_t filename_len) /* {{{ */
{
    const char *s;
    zend_string *str;
    zval *ret;
 
    while ((s = zend_memrchr(filename, '/', filename_len))) {
        filename_len = s - filename;
        if (!filename_len) {
            break;
        }
        if (GC_FLAGS(&phar->virtual_dirs) & GC_PERSISTENT) {
            str = zend_string_init_interned(filename, filename_len, 1);
        } else {
            str = zend_string_init(filename, filename_len, 0);
        }
        ret = zend_hash_add_empty_element(&phar->virtual_dirs, str);
        zend_string_release(str);
        if (ret == NULL) {
            break;
        }
    }
}
/* }}} */
 
static int phar_update_cached_entry(zval *data, void *argument) /* {{{ */
{
    phar_entry_info *entry = (phar_entry_info *)Z_PTR_P(data);
 
    entry->phar = (phar_archive_data *)argument;
 
    if (entry->link) {
        entry->link = estrdup(entry->link);
    }
 
    if (entry->tmp) {
        entry->tmp = estrdup(entry->tmp);
    }
 
    entry->filename = estrndup(entry->filename, entry->filename_len);
    entry->is_persistent = 0;
 
    /* Replace metadata with non-persistent clones of the metadata. */
    phar_metadata_tracker_clone(&entry->metadata_tracker);
    return ZEND_HASH_APPLY_KEEP;
}
/* }}} */
 
static void phar_manifest_copy_ctor(zval *zv) /* {{{ */
{
    phar_entry_info *info = emalloc(sizeof(phar_entry_info));
    memcpy(info, Z_PTR_P(zv), sizeof(phar_entry_info));
    Z_PTR_P(zv) = info;
}
/* }}} */
 
static void phar_copy_cached_phar(phar_archive_data **pphar) /* {{{ */
{
    phar_archive_data *phar;
    HashTable newmanifest;
    char *fname;
    phar_archive_object *objphar;
 
    phar = (phar_archive_data *) emalloc(sizeof(phar_archive_data));
    *phar = **pphar;
    phar->is_persistent = 0;
    fname = phar->fname;
    phar->fname = estrndup(phar->fname, phar->fname_len);
    phar->ext = phar->fname + (phar->ext - fname);
 
    if (phar->alias) {
        phar->alias = estrndup(phar->alias, phar->alias_len);
    }
 
    if (phar->signature) {
        phar->signature = estrdup(phar->signature);
    }
 
    phar_metadata_tracker_clone(&phar->metadata_tracker);
 
    zend_hash_init(&newmanifest, sizeof(phar_entry_info),
        zend_get_hash_value, destroy_phar_manifest_entry, 0);
    zend_hash_copy(&newmanifest, &(*pphar)->manifest, phar_manifest_copy_ctor);
    zend_hash_apply_with_argument(&newmanifest, phar_update_cached_entry, (void *)phar);
    phar->manifest = newmanifest;
    zend_hash_init(&phar->mounted_dirs, sizeof(char *),
        zend_get_hash_value, NULL, 0);
    zend_hash_init(&phar->virtual_dirs, sizeof(char *),
        zend_get_hash_value, NULL, 0);
    zend_hash_copy(&phar->virtual_dirs, &(*pphar)->virtual_dirs, NULL);
    *pphar = phar;
 
    /* now, scan the list of persistent Phar objects referencing this phar and update the pointers */
    ZEND_HASH_MAP_FOREACH_PTR(&PHAR_G(phar_persist_map), objphar) {
        if (objphar->archive->fname_len == phar->fname_len && !memcmp(objphar->archive->fname, phar->fname, phar->fname_len)) {
            objphar->archive = phar;
        }
    } ZEND_HASH_FOREACH_END();
}
/* }}} */
 
zend_result phar_copy_on_write(phar_archive_data **pphar) /* {{{ */
{
    zval zv, *pzv;
    phar_archive_data *newpphar;
 
    ZVAL_PTR(&zv, *pphar);
    if (NULL == (pzv = zend_hash_str_add(&(PHAR_G(phar_fname_map)), (*pphar)->fname, (*pphar)->fname_len, &zv))) {
        return FAILURE;
    }
 
    phar_copy_cached_phar((phar_archive_data **)&Z_PTR_P(pzv));
    newpphar = Z_PTR_P(pzv);
    /* invalidate phar cache */
    PHAR_G(last_phar) = NULL;
    PHAR_G(last_phar_name) = PHAR_G(last_alias) = NULL;
 
    if (newpphar->alias_len && NULL == zend_hash_str_add_ptr(&(PHAR_G(phar_alias_map)), newpphar->alias, newpphar->alias_len, newpphar)) {
        zend_hash_str_del(&(PHAR_G(phar_fname_map)), (*pphar)->fname, (*pphar)->fname_len);
        return FAILURE;
    }
 
    *pphar = newpphar;
    return SUCCESS;
}
/* }}} */