--- a/main/php_ini.c 2024-04-09 20:46:23.000000000 +0200 +++ b/main/php_ini.c 2024-04-16 13:25:25.036863384 +0200 @@ -806,6 +806,56 @@ } /* }}} */ + +/* {{{ php_parse_extra_ini + */ +PHPAPI int php_parse_extra_ini(const char *ini_file) +{ + int ret = FAILURE; + if (!sapi_module.php_ini_ignore && ini_file) { + zend_stat_t sb; + + if (VCWD_STAT(ini_file, &sb) == 0) { + if (S_ISREG(sb.st_mode)) { + zend_file_handle fh; + zend_stream_init_fp(&fh, VCWD_FOPEN(ini_file, "r"), ini_file); + if (fh.handle.fp) { + /* Reset active ini section */ + RESET_ACTIVE_INI_HASH(); + + /* add a fake-host section so our settings will be changed to PHP_INI_SYSTEM during merge */ + zval fakehost; + ZVAL_NEW_STR(&fakehost, zend_string_init(ZEND_STRL("HOST=\%fake\%"), 0)); + php_ini_parser_cb(&fakehost, NULL, NULL, ZEND_INI_PARSER_SECTION, &configuration_hash); + + if (zend_parse_ini_file(&fh, 1, ZEND_INI_SCANNER_NORMAL, (zend_ini_parser_cb_t) php_ini_parser_cb, &configuration_hash) == SUCCESS) { + /* add the file to the list of ini files read */ + int add_len = (int)strlen(ini_file) + 2; + + int php_ini_scanned_files_len = (php_ini_scanned_files) ? (int)strlen(php_ini_scanned_files) + 1 : 0; + php_ini_scanned_files = (char *) realloc(php_ini_scanned_files, php_ini_scanned_files_len + add_len + 1); + if (!php_ini_scanned_files_len) { + *php_ini_scanned_files = '\0'; + } + add_len += php_ini_scanned_files_len; + if (php_ini_scanned_files_len) { + php_ini_scanned_files[php_ini_scanned_files_len - 2] = '\0'; + strlcat(php_ini_scanned_files, ",\n", add_len); + } + strlcat(php_ini_scanned_files, ini_file, add_len); + strlcat(php_ini_scanned_files, "\n", add_len); + ret = SUCCESS; + } + } + zend_destroy_file_handle(&fh); + } + } + } + return ret; +} +/* }}} */ + + /* {{{ php_ini_activate_config */ PHPAPI void php_ini_activate_config(HashTable *source_hash, int modify_type, int stage) { --- a/main/php_ini.h 2024-04-09 20:46:23.000000000 +0200 +++ b/main/php_ini.h 2024-04-16 13:21:34.228596349 +0200 @@ -30,6 +30,7 @@ PHPAPI int cfg_get_double(const char *varname, double *result); PHPAPI int cfg_get_string(const char *varname, char **result); PHPAPI int php_parse_user_ini_file(const char *dirname, const char *ini_filename, HashTable *target_hash); +PHPAPI int php_parse_extra_ini(const char *ini_file); PHPAPI void php_ini_activate_config(HashTable *source_hash, int modify_type, int stage); PHPAPI int php_ini_has_per_dir_config(void); PHPAPI int php_ini_has_per_host_config(void); --- a/sapi/cgi/cgi_main.c 2024-04-16 13:20:31.370068331 +0200 +++ b/sapi/cgi/cgi_main.c 2024-04-16 13:23:47.506595653 +0200 @@ -867,6 +867,9 @@ if (php_ini_has_per_host_config()) { char *server_name; + /* activate our fake host entries. lowercase string required! */ + php_ini_activate_per_host_config(ZEND_STRL("\%fake\%")); + /* Activate per-host-system-configuration defined in php.ini and stored into configuration_hash during startup */ if (fcgi_is_fastcgi()) { fcgi_request *request = (fcgi_request*) SG(server_context); @@ -967,7 +970,11 @@ static int php_cgi_startup(sapi_module_struct *sapi_module) { - return php_module_startup(sapi_module, &cgi_module_entry); + int ret = php_module_startup(sapi_module, &cgi_module_entry); + if (ret == SUCCESS) { + php_parse_extra_ini(getenv("PHP_INI_EXTRA")); + } + return ret; } /* {{{ sapi_module_struct cgi_sapi_module */ --- a/sapi/cli/php_cli.c 2024-04-16 13:20:31.414068001 +0200 +++ b/sapi/cli/php_cli.c 2024-04-16 13:22:32.201161054 +0200 @@ -411,7 +411,11 @@ static int php_cli_startup(sapi_module_struct *sapi_module) /* {{{ */ { - return php_module_startup(sapi_module, NULL); + int ret = php_module_startup(sapi_module, NULL); + if (ret == SUCCESS) { + php_parse_extra_ini(getenv("PHP_INI_EXTRA")); + } + return ret; } /* }}} */ @@ -1358,6 +1362,12 @@ CG(compiler_options) |= ZEND_COMPILE_EXTENDED_INFO; } + if (php_ini_has_per_host_config()) { + /* activate our fake host entries. lowercase string required! */ + php_ini_activate_per_host_config(ZEND_STRL("\%fake\%")); + php_ini_activate_per_host_config(ZEND_STRL("\%cli\%")); + } + zend_first_try { #ifndef PHP_CLI_WIN32_NO_CONSOLE if (sapi_module == &cli_sapi_module) { --- a/sapi/fpm/fpm/fpm_conf.c 2024-04-16 13:20:31.448067745 +0200 +++ b/sapi/fpm/fpm/fpm_conf.c 2024-04-16 13:21:34.230596333 +0200 @@ -157,6 +157,7 @@ { "decorate_workers_output", &fpm_conf_set_boolean, WPO(decorate_workers_output) }, { "clear_env", &fpm_conf_set_boolean, WPO(clear_env) }, { "security.limit_extensions", &fpm_conf_set_string, WPO(security_limit_extensions) }, + { "extra_ini", &fpm_conf_set_string, WPO(extra_ini) }, #ifdef HAVE_APPARMOR { "apparmor_hat", &fpm_conf_set_string, WPO(apparmor_hat) }, #endif @@ -676,6 +677,7 @@ free(wpc->chroot); free(wpc->chdir); free(wpc->security_limit_extensions); + free(wpc->extra_ini); #ifdef HAVE_APPARMOR free(wpc->apparmor_hat); #endif @@ -1080,6 +1082,11 @@ wp->config->request_slowlog_trace_depth = 20; } + /* extra_ini */ + if (wp->config->extra_ini && *wp->config->extra_ini) { + fpm_evaluate_full_path(&wp->config->extra_ini, wp, NULL, 0); + } + /* chroot */ if (wp->config->chroot && *wp->config->chroot) { @@ -1782,6 +1789,7 @@ zlog(ZLOG_NOTICE, "\tdecorate_workers_output = %s", BOOL2STR(wp->config->decorate_workers_output)); zlog(ZLOG_NOTICE, "\tclear_env = %s", BOOL2STR(wp->config->clear_env)); zlog(ZLOG_NOTICE, "\tsecurity.limit_extensions = %s", wp->config->security_limit_extensions); + zlog(ZLOG_NOTICE, "\textra_ini = %s", STR2STR(wp->config->extra_ini)); for (kv = wp->config->env; kv; kv = kv->next) { zlog(ZLOG_NOTICE, "\tenv[%s] = %s", kv->key, kv->value); --- a/sapi/fpm/fpm/fpm_conf.h 2024-04-16 13:20:31.439067813 +0200 +++ b/sapi/fpm/fpm/fpm_conf.h 2024-04-16 13:21:34.230596333 +0200 @@ -94,6 +94,7 @@ int decorate_workers_output; int clear_env; char *security_limit_extensions; + char *extra_ini; struct key_value_s *env; struct key_value_s *php_admin_values; struct key_value_s *php_values; --- a/sapi/fpm/fpm/fpm_main.c 2024-04-16 13:20:31.389068189 +0200 +++ b/sapi/fpm/fpm/fpm_main.c 2024-04-16 13:21:34.230596333 +0200 @@ -715,6 +715,9 @@ } if (php_ini_has_per_host_config()) { + /* activate our fake host entries. lowercase string required! */ + php_ini_activate_per_host_config(ZEND_STRL("\%fake\%")); + /* Activate per-host-system-configuration defined in php.ini and stored into configuration_hash during startup */ server_name = FCGI_GETENV(request, "SERVER_NAME"); /* SERVER_NAME should also be defined at this stage..but better check it anyway */ --- a/sapi/fpm/fpm/fpm_php.c 2024-04-16 13:20:31.440067806 +0200 +++ b/sapi/fpm/fpm/fpm_php.c 2024-04-16 13:21:34.231596326 +0200 @@ -245,6 +245,8 @@ int fpm_php_init_child(struct fpm_worker_pool_s *wp) /* {{{ */ { + php_parse_extra_ini(wp->config->extra_ini); + if (0 > fpm_php_apply_defines(wp) || 0 > fpm_php_set_allowed_clients(wp)) { return -1;