update docs to current CVS

git-svn-id: https://svn.php.net/repository/phpdoc/en/trunk@261168 c90b9560-bf6c-de11-be94-00142212c4b1
2025-03-15 16:38:54 +00:00 · 2008-06-13 22:11:39 +00:00 · 2008-06-13 22:11:39 +00:00 · d8c4e6e84a
commit d8c4e6e84a
parent 2305da6e51
6 changed files with 100 additions and 40 deletions
--- a/reference/phar/Phar/setSignatureAlgorithm.xml
+++ b/reference/phar/Phar/setSignatureAlgorithm.xml
@ -1,9 +1,9 @@
 <?xml version="1.0" encoding="utf-8"?>
-<!-- $Revision: 1.2 $ -->
+<!-- $Revision: 1.3 $ -->
 <refentry xml:id="phar.setsignaturealgorithm" xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink">
 <refnamediv>
  <refname>Phar::setSignatureAlgorithm</refname>
-  <refpurpose>set the signature algorithm for a phar and apply it.  The</refpurpose>
+  <refpurpose>set the signature algorithm for a phar and apply it.</refpurpose>
 </refnamediv>

 <refsect1 role="description">
@ -11,6 +11,7 @@
  <methodsynopsis>
   <type>array</type><methodname>Phar::setSignatureAlgorithm</methodname>
   <methodparam><type>int</type><parameter>sigtype</parameter></methodparam>
+   <methodparam choice="opt"><type>string</type><parameter>privatekey</parameter></methodparam>
  </methodsynopsis>
  &phar.write;

@ -18,8 +19,14 @@
   set the signature algorithm for a phar and apply it.  The
   signature algorithm must be one of <literal>Phar::MD5</literal>,
   <literal>Phar::SHA1</literal>, <literal>Phar::SHA256</literal>,
-   <literal>Phar::SHA512</literal>, or <literal>Phar::PGP</literal>
-   (pgp not yet supported and falls back to SHA-1).
+   <literal>Phar::SHA512</literal>, or <literal>Phar::OPENSSL</literal>.
+  </para>
+  <para>
+   Note that all phar-based and tar-based phar archives have a signature created
+   automatically, <literal>SHA1</literal> by default.  data tar-based archives
+   (archives created with the <classname>PharData</classname> class) must have
+   their signature created and set explicitly via
+   <function>Phar::setSignatureAlgorithm</function>.
  </para>
 </refsect1>

@ -33,7 +40,26 @@
      <para>
       One of <literal>Phar::MD5</literal>,
   <literal>Phar::SHA1</literal>, <literal>Phar::SHA256</literal>,
-   <literal>Phar::SHA512</literal>, or <literal>Phar::PGP</literal>
+   <literal>Phar::SHA512</literal>, or <literal>Phar::OPENSSL</literal>
+      </para>
+     </listitem>
+    </varlistentry>
+    <varlistentry>
+     <term><parameter>privatekey</parameter></term>
+     <listitem>
+      <para>
+       The contents of an OpenSSL private key, as extracted from a certificate or
+       OpenSSL key file:
+       <programlisting role="php">
+        <![CDATA[
+$private = openssl_get_privatekey(file_get_contents('private.pem'));
+$pkey = '';
+openssl_pkey_export($private, $pkey);
+$p->setSignatureAlgorithm(Phar::OPENSSL, $pkey);
+        ]]>
+       </programlisting>
+       See <link linkend="phar.using">phar introduction</link> for instructions on
+       naming and placement of the public key file.
      </para>
     </listitem>
    </varlistentry>
@ -51,8 +77,8 @@
  &reftitle.errors;
  <para>
   Throws <classname>UnexpectedValueException</classname> for many errors,
-   <classname>BadMethodCallException</classname> if called for a zip- or
-   a tar-based phar archive, and a <classname>PharException</classname>
+   <classname>BadMethodCallException</classname> if called for a zip-based phar
+   archive, and a <classname>PharException</classname>
   if any problems occur flushing changes to disk.
  </para>
 </refsect1>
--- a/reference/phar/constants.xml
+++ b/reference/phar/constants.xml
@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="utf-8"?>
-<!-- $Revision: 1.4 $ -->
+<!-- $Revision: 1.5 $ -->

 <appendix xml:id="phar.constants" xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink">
 &reftitle.constants;
@ -141,11 +141,12 @@
     </row>
     <row>
      <entry>
-       <constant>Phar::PGP</constant>
+       <constant>Phar::OPENSSL</constant>
       (<type>integer</type>)
      </entry>
      <entry>0x0010</entry>
-      <entry>signature with PGP (unimplemented)</entry>
+      <entry>signature with OpenSSL public/private key pair.  This is a true,
+      asymmetric key signature.</entry>
     </row>
    </tbody>
   </tgroup>
@ -181,30 +182,6 @@
      of <function>Phar::webPhar</function> that the extension should be
      parsed as a PHP source file through <function>highlight_file</function></entry>
     </row>
-     <row>
-      <entry>
-       <constant>Phar::SHA256</constant>
-       (<type>integer</type>)
-      </entry>
-      <entry>0x0003</entry>
-      <entry>signature with sha256 hash algorithm (requires hash extension)</entry>
-     </row>
-     <row>
-      <entry>
-       <constant>Phar::SHA512</constant>
-       (<type>integer</type>)
-      </entry>
-      <entry>0x0004</entry>
-      <entry>signature with sha512 hash algorithm (requires hash extension)</entry>
-     </row>
-     <row>
-      <entry>
-       <constant>Phar::PHP</constant>
-       (<type>integer</type>)
-      </entry>
-      <entry>0x0010</entry>
-      <entry>signature with PGP (unimplemented)</entry>
-     </row>
    </tbody>
   </tgroup>
  </table>
--- a/reference/phar/fileformat.xml
+++ b/reference/phar/fileformat.xml
@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="iso-8859-1"?>
-<!-- $Revision: 1.12 $ -->
+<!-- $Revision: 1.13 $ -->
 <chapter xml:id="phar.fileformat" xmlns="http://docbook.org/ns/docbook">
 <title>What makes a phar a phar and not a tar or a zip?</title>
 <section xml:id="phar.fileformat.ingredients" xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink">
@ -113,7 +113,7 @@ __HALT_COMPILER();
     <row>
      <entry>Whole-archive signature validation</entry>
      <entry>Yes</entry>
-      <entry>No</entry>
+      <entry>Yes</entry>
      <entry>No</entry>
     </row>
     <row>
--- a/reference/phar/ini.xml
+++ b/reference/phar/ini.xml
@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="iso-8859-1"?>
-<!-- $Revision: 1.8 $ -->
+<!-- $Revision: 1.9 $ -->
 <section xml:id="phar.configuration" xmlns="http://docbook.org/ns/docbook">
 &reftitle.runtime;
 &extension.runtime;
@ -34,6 +34,12 @@
      <entry>PHP_INI_ALL</entry>
      <entry>Available from phar 1.1.0 to 1.2.3, removed in 2.0.0.</entry>
     </row>
+     <row>
+      <entry>phar.cache_list</entry>
+      <entry>""</entry>
+      <entry>PHP_INI_SYSTEM</entry>
+      <entry>Available from phar 2.0.0.</entry>
+     </row>
    </tbody>
   </tgroup>
  </table>
@ -120,6 +126,35 @@ phar.extract_list = archive=/full/path/to/archive/,arch2=/full/path/to/arch2
 include "phar://archive/content.php";
 include "phar://arch2/foo.php";
 ?>
+]]>
+       </programlisting>
+      </example>
+     </para>
+    </listitem>
+   </varlistentry>
+
+   <varlistentry xml:id="ini.phar.cache-list">
+    <term>
+     <parameter>phar.cache_list</parameter>
+     <type>string</type>
+    </term>
+    <listitem>
+     <para>
+      This INI setting was added in phar 2.0.0
+     </para>
+     <para>
+      Allows mapping phar archives to be pre-parsed at web server startup,
+      providing a performance improvement that brings running files out of a
+      phar archive very close to the speed of running those files from a
+      traditional disk-based installation.
+      <example>
+       <title>phar.cache_list usage example</title>
+       <programlisting role="php">
+<![CDATA[
+in php.ini (windows):
+phar.cache_list =C:\path\to\phar1.phar;C:\path\to\phar2.phar
+in php.ini (unix):
+phar.cache_list =/path/to/phar1.phar:/path/to/phar2.phar
 ]]>
       </programlisting>
      </example>
--- a/reference/phar/setup.xml
+++ b/reference/phar/setup.xml
@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="utf-8"?>
-<!-- $Revision: 1.4 $ -->
+<!-- $Revision: 1.5 $ -->

 <chapter xml:id="phar.setup" xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink">
 &reftitle.setup;
@ -16,7 +16,9 @@
  <para>
   You may optionally wish to enable the <link linkend="book.zlib" >zlib</link>
   and <link linkend="book.bzip2" >bzip2</link> extensions to take
-   advantage of compressed phar support.
+   advantage of compressed phar support.  In addition, to take advantage of
+   OpenSSL signing, the <link linkend="book.openssl">OpenSSL</link> extension must be
+   enabled.
  </para>
  <para>
   Note that a bug in the <link linkend="filters.compression">zlib.deflate</link> stream filter
--- a/reference/phar/using.xml
+++ b/reference/phar/using.xml
@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="iso-8859-1"?>
-<!-- $Revision: 1.12 $ -->
+<!-- $Revision: 1.13 $ -->
 <chapter xml:id="phar.using" xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink">
 <title>Using Phar Archives</title>

@ -119,6 +119,26 @@ try {
   </programlisting>
  </informalexample>
 </para>
+ <para>
+  In addition, verification of phar file contents can be done using any of the
+  supported symmetric hash algorithms (MD5, SHA1, SHA256 and SHA512 if ext/hash is enabled)
+  and using asymmetric public/private key signing using OpenSSL (new in Phar 2.0.0).  To
+  take advantage of OpenSSL signing, you need to generate a public/private key pair, and
+  use the private key to set the signature using
+  <function>Phar::setSignatureAlgorithm</function>.  In addition, the public key
+  as extracted using this code:
+  <programlisting role="php">
+   <![CDATA[
+$public = openssl_get_publickey(file_get_contents('private.pem'));
+$pkey = '';
+openssl_pkey_export($public, $pkey);
+   ]]>
+  </programlisting>
+  must be saved adjacent to the phar archive it verifies.  If the phar archive
+  is saved as <literal>/path/to/my.phar</literal>, the public key must be saved
+  as <literal>/path/to/my.phar.pubkey</literal>, or phar will be unable to verify
+  the OpenSSL signature.
+ </para>
 <para>
  As of version 2.0.0, The <classname>Phar</classname> class also provides 3 static methods, <function>Phar::webPhar</function>,
  <function>Phar::mungServer</function> and <function>Phar::interceptFileFuncs</function> that are crucial