drkthunder02/w4rpservices
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

composeer update

Browse Source
This commit is contained in:
drkthunder02
2019-06-23 11:49:01 +00:00
parent fc2380d68c
commit e9efe70112
327 changed files with 5194 additions and 2278 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
vendor/opis/closure/CHANGELOG.md vendored
View File

@@ -1,6 +1,13 @@
CHANGELOG
---------
### v3.3.0, 2019.05.31
- Fixed a bug that prevented signed closures to properly work when the serialized string
contains invalid UTF-8 chars. Starting with this version `json_encode` is no longer used
when signing a closure. Backward compatibility is maintained and all closures that were
previously signed using the old method will continue to work.
### v3.2.0, 2019.05.05
- Since an unsigned closure can be unserialized when no security provider is set,

2
vendor/opis/closure/README.md vendored
View File

@@ -61,7 +61,7 @@ Or you could directly reference it into your `composer.json` file as a dependenc
```json
{
"require": {
"opis/closure": "^3.2"
"opis/closure": "^3.3"
}
}
```

4
vendor/opis/closure/composer.json vendored
View File

@@ -19,7 +19,7 @@
},
"require-dev": {
"jeremeamia/superclosure": "^2.0",
"phpunit/phpunit": "^4.0|^5.0|^6.0|^7.0"
"phpunit/phpunit": "^4.0 || ^5.0 || ^6.0 || ^7.0"
},
"autoload": {
"psr-4": {
@@ -34,7 +34,7 @@
},
"extra": {
"branch-alias": {
"dev-master": "3.2.x-dev"
"dev-master": "3.3.x-dev"
}
}
}

35
vendor/opis/closure/src/SerializableClosure.php vendored
View File

@@ -155,8 +155,9 @@ class SerializableClosure implements Serializable
'self' => $this->reference,
));
if(static::$securityProvider !== null){
$ret = '@' . json_encode(static::$securityProvider->sign($ret));
if (static::$securityProvider !== null) {
$data = static::$securityProvider->sign($ret);
$ret = '@' . $data['hash'] . '.' . $data['closure'];
}
if (!--$this->scope->serializations && !--$this->scope->toserialize) {
@@ -193,7 +194,20 @@ class SerializableClosure implements Serializable
"Make sure you use a security provider for both serialization and unserialization.");
}
$data = json_decode(substr($data, 1), true);
if ($data[1] !== '{') {
$separator = strpos($data, '.');
if ($separator === false) {
throw new SecurityException('Invalid signed closure');
}
$hash = substr($data, 1, $separator - 1);
$closure = substr($data, $separator + 1);
$data = ['hash' => $hash, 'closure' => $closure];
unset($hash, $closure);
} else {
$data = json_decode(substr($data, 1), true);
}
if (!is_array($data) || !static::$securityProvider->verify($data)) {
throw new SecurityException("Your serialized closure might have been modified and it's unsafe to be unserialized. " .
@@ -203,7 +217,20 @@ class SerializableClosure implements Serializable
$data = $data['closure'];
} elseif ($data[0] === '@') {
$data = json_decode(substr($data, 1), true);
if ($data[1] !== '{') {
$separator = strpos($data, '.');
if ($separator === false) {
throw new SecurityException('Invalid signed closure');
}
$hash = substr($data, 1, $separator - 1);
$closure = substr($data, $separator + 1);
$data = ['hash' => $hash, 'closure' => $closure];
unset($hash, $closure);
} else {
$data = json_decode(substr($data, 1), true);
}
if (!is_array($data) || !isset($data['closure']) || !isset($data['hash'])) {
throw new SecurityException('Invalid signed closure');