20 changed files with 1214 additions and 6892 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1 +1 @@
-SOURCES/php-8.0.30.tar.xz
+SOURCES/php-8.2.25.tar.xz
--- a/.php.metadata
+++ b/.php.metadata
@ -1 +1 @@
-f6d5137d6ce3e52b6d8a582e2990913f2807add4 SOURCES/php-8.0.30.tar.xz
+39d38455c9060697fb2dd2e0b99e96b1a7608fb6 SOURCES/php-8.2.25.tar.xz
--- a/SOURCES/10-opcache.ini
+++ b/SOURCES/10-opcache.ini
@ -115,7 +115,12 @@ opcache.blacklist_filename=/etc/php.d/opcache*.blacklist
 ;opcache.file_cache_fallback=1
 ; Enables or disables copying of PHP code (text segment) into HUGE PAGES.
-; This should improve performance, but requires appropriate OS configuration.
+; Under certain circumstances (if only a single global PHP process is
 ; started from which all others fork), this can increase performance
 ; by a tiny amount because TLB misses are reduced.  On the other hand, this
 ; delays PHP startup, increases memory usage and degrades performance
 ; under memory pressure - use with care.
 ; Requires appropriate OS configuration.
 opcache.huge_code_pages=0
 ; Validate cached file permissions.
@ -136,12 +141,12 @@ opcache.huge_code_pages=0
 ; Specifies a PHP script that is going to be compiled and executed at server
 ; start-up.
-; http://php.net/opcache.preload
+; https://php.net/opcache.preload
 ;opcache.preload=
 ; Preloading code as root is not allowed for security reasons. This directive
 ; facilitates to let the preloading to be run as another user.
-; http://php.net/opcache.preload_user
+; https://php.net/opcache.preload_user
 ;opcache.preload_user=
 ; Prevents caching files that are less than this number of seconds old. It
--- a/SOURCES/macros.php
+++ b/SOURCES/macros.php
@ -18,4 +18,10 @@
 %__php         %{_bindir}/php
 %__ztsphp      %{_bindir}/zts-php
 %__phpize      %{_bindir}/phpize
 %__ztsphpize   %{_bindir}/zts-phpize
 %__phpconfig    %{_bindir}/php-config
 %__ztsphpconfig %{_bindir}/zts-php-config
 %pecl_xmldir   %{_sharedstatedir}/php/peclxml
--- a/SOURCES/php-8.0.0-phpinfo.patch
+++ b/SOURCES/php-8.0.0-phpinfo.patch
@ -1,118 +0,0 @@
 Drop "Configure Command" from phpinfo as it doesn't
 provide any useful information.
 The available extensions are not related to this command.
 Replace full GCC name by gcc in php -v output
 Also apply
 From 9bf43c45908433d382f0499d529849172d0d8206 Mon Sep 17 00:00:00 2001
 From: Remi Collet <remi@remirepo.net>
 Date: Mon, 28 Dec 2020 08:33:09 +0100
 Subject: [PATCH] rename COMPILER and ARCHITECTURE macro (too generic)
 ---
 configure.ac             |  4 ++--
 ext/standard/info.c      |  8 ++++----
 sapi/cli/php_cli.c       |  8 ++++----
 win32/build/confutils.js | 10 +++++-----
 4 files changed, 15 insertions(+), 15 deletions(-)
 diff --git a/configure.ac b/configure.ac
 index 9d9c8b155b07..143dc061346b 100644
 --- a/configure.ac
 +++ b/configure.ac
@@ -1289,10 +1289,10 @@ if test -n "${PHP_BUILD_PROVIDER}"; then
   AC_DEFINE_UNQUOTED(PHP_BUILD_PROVIDER,"$PHP_BUILD_PROVIDER",[build provider])
 fi
 if test -n "${PHP_BUILD_COMPILER}"; then
 -  AC_DEFINE_UNQUOTED(COMPILER,"$PHP_BUILD_COMPILER",[used compiler for build])
 +  AC_DEFINE_UNQUOTED(PHP_BUILD_COMPILER,"$PHP_BUILD_COMPILER",[used compiler for build])
 fi
 if test -n "${PHP_BUILD_ARCH}"; then
 -  AC_DEFINE_UNQUOTED(ARCHITECTURE,"$PHP_BUILD_ARCH",[build architecture])
 +  AC_DEFINE_UNQUOTED(PHP_BUILD_ARCH,"$PHP_BUILD_ARCH",[build architecture])
 fi
 PHP_SUBST_OLD(PHP_INSTALLED_SAPIS)
 diff --git a/ext/standard/info.c b/ext/standard/info.c
 index 153cb6cde014..8ceef31d9fe4 100644
 --- a/ext/standard/info.c
 +++ b/ext/standard/info.c
@@ -798,11 +798,11 @@ PHPAPI ZEND_COLD void php_print_info(int flag)
 #ifdef PHP_BUILD_PROVIDER
 		php_info_print_table_row(2, "Build Provider", PHP_BUILD_PROVIDER);
 #endif
 -#ifdef COMPILER
 -		php_info_print_table_row(2, "Compiler", COMPILER);
 +#ifdef PHP_BUILD_COMPILER
 +		php_info_print_table_row(2, "Compiler", PHP_BUILD_COMPILER);
 #endif
 -#ifdef ARCHITECTURE
 -		php_info_print_table_row(2, "Architecture", ARCHITECTURE);
 +#ifdef PHP_BUILD_ARCH
 +		php_info_print_table_row(2, "Architecture", PHP_BUILD_ARCH);
 #endif
 #ifdef CONFIGURE_COMMAND
 		php_info_print_table_row(2, "Configure Command", CONFIGURE_COMMAND );
 diff --git a/sapi/cli/php_cli.c b/sapi/cli/php_cli.c
 index 5092fb0ffd68..9d296acec631 100644
 --- a/sapi/cli/php_cli.c
 +++ b/sapi/cli/php_cli.c
@@ -640,12 +640,12 @@ static int do_cli(int argc, char **argv) /* {{{ */
 #else
 					"NTS "
 #endif
 -#ifdef COMPILER
 -					COMPILER
 +#ifdef PHP_BUILD_COMPILER
 +					PHP_BUILD_COMPILER
 					" "
 #endif
 -#ifdef ARCHITECTURE
 -					ARCHITECTURE
 +#ifdef PHP_BUILD_ARCH
 +					PHP_BUILD_ARCH
 					" "
 #endif
 #if ZEND_DEBUG
 diff -up ./ext/standard/info.c.phpinfo ./ext/standard/info.c
 --- ./ext/standard/info.c.phpinfo	2020-07-21 10:49:31.000000000 +0200
 +++ ./ext/standard/info.c	2020-07-21 11:41:56.295633523 +0200
@@ -804,9 +804,6 @@ PHPAPI ZEND_COLD void php_print_info(int
 #ifdef PHP_BUILD_ARCH
 		php_info_print_table_row(2, "Architecture", PHP_BUILD_ARCH);
 #endif
 -#ifdef CONFIGURE_COMMAND
 -		php_info_print_table_row(2, "Configure Command", CONFIGURE_COMMAND );
 -#endif
 		if (sapi_module.pretty_name) {
 			php_info_print_table_row(2, "Server API", sapi_module.pretty_name );
 diff -up ./ext/standard/tests/general_functions/phpinfo.phpt.phpinfo ./ext/standard/tests/general_functions/phpinfo.phpt
 --- ./ext/standard/tests/general_functions/phpinfo.phpt.phpinfo	2020-07-21 10:49:31.000000000 +0200
 +++ ./ext/standard/tests/general_functions/phpinfo.phpt	2020-07-21 11:41:56.296633522 +0200
@@ -17,7 +17,6 @@ PHP Version => %s
 System => %s
 Build Date => %s%a
 -Configure Command => %s
 Server API => Command Line Interface
 Virtual Directory Support => %s
 Configuration File (php.ini) Path => %s
 diff -up ./sapi/cli/php_cli.c.phpinfo ./sapi/cli/php_cli.c
 --- ./sapi/cli/php_cli.c.phpinfo	2020-07-21 11:43:38.812475300 +0200
 +++ ./sapi/cli/php_cli.c	2020-07-21 11:43:45.783464540 +0200
@@ -641,8 +641,7 @@ static int do_cli(int argc, char **argv)
 					"NTS "
 #endif
 #ifdef PHP_BUILD_COMPILER
 -					PHP_BUILD_COMPILER
 -					" "
 +					"gcc "
 #endif
 #ifdef PHP_BUILD_ARCH
 					PHP_BUILD_ARCH
--- a/SOURCES/php-8.0.10-phar-sha.patch
+++ b/SOURCES/php-8.0.10-phar-sha.patch
@ -1,515 +0,0 @@
 Backported for 8.0 from
 From 8bb0c74e24359a11216824117ac3adf3d5ef7b71 Mon Sep 17 00:00:00 2001
 From: Remi Collet <remi@remirepo.net>
 Date: Thu, 5 Aug 2021 11:10:15 +0200
 Subject: [PATCH] switch phar to use sha256 signature by default
 ---
 ext/phar/phar/pharcommand.inc                  | 2 +-
 ext/phar/tests/create_new_and_modify.phpt      | 4 ++--
 ext/phar/tests/create_new_phar_c.phpt          | 4 ++--
 ext/phar/tests/phar_setsignaturealgo2.phpt     | 2 +-
 ext/phar/tests/tar/phar_setsignaturealgo2.phpt | 2 +-
 ext/phar/tests/zip/phar_setsignaturealgo2.phpt | 2 +-
 ext/phar/util.c                                | 6 +++---
 ext/phar/zip.c                                 | 2 +-
 8 files changed, 12 insertions(+), 12 deletions(-)
 diff --git a/ext/phar/phar/pharcommand.inc b/ext/phar/phar/pharcommand.inc
 index a31290eee75fe..5f698b4bec26b 100644
 --- a/ext/phar/phar/pharcommand.inc
 +++ b/ext/phar/phar/pharcommand.inc
@@ -92,7 +92,7 @@ class PharCommand extends CLICommand
                 'typ' => 'select',
                 'val' => NULL,
                 'inf' => '<method> Selects the hash algorithm.',
 -                'select' => array('md5' => 'MD5','sha1' => 'SHA1')
 +                'select' => array('md5' => 'MD5','sha1' => 'SHA1', 'sha256' => 'SHA256', 'sha512' => 'SHA512', 'openssl' => 'OPENSSL')
             ),
             'i' => array(
                 'typ' => 'regex',
 diff --git a/ext/phar/tests/create_new_and_modify.phpt b/ext/phar/tests/create_new_and_modify.phpt
 index 02e36c6cea2fe..32defcae8a639 100644
 --- a/ext/phar/tests/create_new_and_modify.phpt
 +++ b/ext/phar/tests/create_new_and_modify.phpt
@@ -49,8 +49,8 @@ include $pname . '/b.php';
 <?php unlink(__DIR__ . '/' . basename(__FILE__, '.clean.php') . '.phar.php'); ?>
 --EXPECTF--
 brand new!
 -string(40) "%s"
 -string(40) "%s"
 +string(%d) "%s"
 +string(%d) "%s"
 bool(true)
 modified!
 another!
 diff --git a/ext/phar/tests/create_new_phar_c.phpt b/ext/phar/tests/create_new_phar_c.phpt
 index 566d3c4d5f8ad..bf6d740fd1d10 100644
 --- a/ext/phar/tests/create_new_phar_c.phpt
 +++ b/ext/phar/tests/create_new_phar_c.phpt
@@ -20,7 +20,7 @@ var_dump($phar->getSignature());
 --EXPECTF--
 array(2) {
   ["hash"]=>
 -  string(40) "%s"
 +  string(64) "%s"
   ["hash_type"]=>
 -  string(5) "SHA-1"
 +  string(7) "SHA-256"
 }
 diff --git a/ext/phar/tests/phar_setsignaturealgo2.phpt b/ext/phar/tests/phar_setsignaturealgo2.phpt
 index 293d3196713d8..4f31836fbbbcc 100644
 --- a/ext/phar/tests/phar_setsignaturealgo2.phpt
 +++ b/ext/phar/tests/phar_setsignaturealgo2.phpt
@@ -52,7 +52,7 @@ array(2) {
   ["hash"]=>
   string(%d) "%s"
   ["hash_type"]=>
 -  string(5) "SHA-1"
 +  string(7) "SHA-256"
 }
 array(2) {
   ["hash"]=>
 diff --git a/ext/phar/tests/tar/phar_setsignaturealgo2.phpt b/ext/phar/tests/tar/phar_setsignaturealgo2.phpt
 index 9923ac5c88476..cc10a241d739b 100644
 --- a/ext/phar/tests/tar/phar_setsignaturealgo2.phpt
 +++ b/ext/phar/tests/tar/phar_setsignaturealgo2.phpt
@@ -51,7 +51,7 @@ array(2) {
   ["hash"]=>
   string(%d) "%s"
   ["hash_type"]=>
 -  string(5) "SHA-1"
 +  string(7) "SHA-256"
 }
 array(2) {
   ["hash"]=>
 diff --git a/ext/phar/tests/zip/phar_setsignaturealgo2.phpt b/ext/phar/tests/zip/phar_setsignaturealgo2.phpt
 index 8de77479d7825..60fec578ee894 100644
 --- a/ext/phar/tests/zip/phar_setsignaturealgo2.phpt
 +++ b/ext/phar/tests/zip/phar_setsignaturealgo2.phpt
@@ -78,7 +78,7 @@ array(2) {
   ["hash"]=>
   string(%d) "%s"
   ["hash_type"]=>
 -  string(5) "SHA-1"
 +  string(7) "SHA-256"
 }
 array(2) {
   ["hash"]=>
 diff --git a/ext/phar/util.c b/ext/phar/util.c
 index 314acfe81a788..8d2db03b69601 100644
 --- a/ext/phar/util.c
 +++ b/ext/phar/util.c
@@ -1798,6 +1798,8 @@ int phar_create_signature(phar_archive_d
 			*signature_length = 64;
 			break;
 		}
 +		default:
 +			phar->sig_flags = PHAR_SIG_SHA256;
 		case PHAR_SIG_SHA256: {
 			unsigned char digest[32];
 			PHP_SHA256_CTX  context;
@@ -1894,8 +1896,6 @@ int phar_create_signature(phar_archive_d
 			*signature_length = siglen;
 		}
 		break;
 -		default:
 -			phar->sig_flags = PHAR_SIG_SHA1;
 		case PHAR_SIG_SHA1: {
 			unsigned char digest[20];
 			PHP_SHA1_CTX  context;
 diff --git a/ext/phar/zip.c b/ext/phar/zip.c
 index 31d4bd2998215..c5e38cabf7b87 100644
 --- a/ext/phar/zip.c
 +++ b/ext/phar/zip.c
@@ -1423,7 +1423,7 @@ int phar_zip_flush(phar_archive_data *phar, char *user_stub, zend_long len, int
 	memcpy(eocd.signature, "PK\5\6", 4);
 	if (!phar->is_data && !phar->sig_flags) {
 -		phar->sig_flags = PHAR_SIG_SHA1;
 +		phar->sig_flags = PHAR_SIG_SHA256;
 	}
 	if (phar->sig_flags) {
 		PHAR_SET_16(eocd.counthere, zend_hash_num_elements(&phar->manifest) + 1);
 From c51af22fef988c1b2f92b7b9e3a9d745f7084815 Mon Sep 17 00:00:00 2001
 From: Remi Collet <remi@remirepo.net>
 Date: Thu, 5 Aug 2021 16:49:48 +0200
 Subject: [PATCH] implement openssl_256 and openssl_512 for phar singatures
 ---
 ext/openssl/openssl.c                         |   1 +
 ext/phar/phar.1.in                            |  10 +++-
 ext/phar/phar.c                               |   8 +++-
 ext/phar/phar/pharcommand.inc                 |  14 +++++-
 ext/phar/phar_internal.h                      |   2 +
 ext/phar/phar_object.c                        |  24 ++++++++--
 ext/phar/tests/files/openssl256.phar          | Bin 0 -> 7129 bytes
 ext/phar/tests/files/openssl256.phar.pubkey   |   6 +++
 ext/phar/tests/files/openssl512.phar          | Bin 0 -> 7129 bytes
 ext/phar/tests/files/openssl512.phar.pubkey   |   6 +++
 .../phar_get_supported_signatures_002a.phpt   |   6 ++-
 .../tests/tar/phar_setsignaturealgo2.phpt     |  16 +++++++
 ext/phar/tests/test_signaturealgos.phpt       |   8 ++++
 ext/phar/util.c                               |  45 ++++++++++++++----
 14 files changed, 128 insertions(+), 18 deletions(-)
 create mode 100644 ext/phar/tests/files/openssl256.phar
 create mode 100644 ext/phar/tests/files/openssl256.phar.pubkey
 create mode 100644 ext/phar/tests/files/openssl512.phar
 create mode 100644 ext/phar/tests/files/openssl512.phar.pubkey
 diff --git a/ext/phar/phar.1.in b/ext/phar/phar.1.in
 index 77912b241dfd5..323e77b0e2a3b 100644
 --- a/ext/phar/phar.1.in
 +++ b/ext/phar/phar.1.in
@@ -475,7 +475,15 @@ SHA512
 .TP
 .PD
 .B openssl
 -OpenSSL
 +OpenSSL using SHA-1
 +.TP
 +.PD
 +.B openssl_sha256
 +OpenSSL using SHA-256
 +.TP
 +.PD
 +.B openssl_sha512
 +OpenSSL using SHA-512
 .SH SEE ALSO
 For a more or less complete description of PHAR look here:
 diff --git a/ext/phar/phar.c b/ext/phar/phar.c
 index 77f21cef9da53..bc08e4edde05d 100644
 --- a/ext/phar/phar.c
 +++ b/ext/phar/phar.c
@@ -869,6 +869,8 @@ static int phar_parse_pharfile(php_stream *fp, char *fname, size_t fname_len, ch
 		PHAR_GET_32(sig_ptr, sig_flags);
 		switch(sig_flags) {
 +			case PHAR_SIG_OPENSSL_SHA512:
 +			case PHAR_SIG_OPENSSL_SHA256:
 			case PHAR_SIG_OPENSSL: {
 				uint32_t signature_len;
 				char *sig;
@@ -903,7 +905,7 @@ static int phar_parse_pharfile(php_stream *fp, char *fname, size_t fname_len, ch
 					return FAILURE;
 				}
 -				if (FAILURE == phar_verify_signature(fp, end_of_phar, PHAR_SIG_OPENSSL, sig, signature_len, fname, &signature, &sig_len, error)) {
 +				if (FAILURE == phar_verify_signature(fp, end_of_phar, sig_flags, sig, signature_len, fname, &signature, &sig_len, error)) {
 					efree(savebuf);
 					efree(sig);
 					php_stream_close(fp);
@@ -3162,7 +3164,9 @@ int phar_flush(phar_archive_data *phar, char *user_stub, zend_long len, int conv
 				php_stream_write(newfile, digest, digest_len);
 				efree(digest);
 -				if (phar->sig_flags == PHAR_SIG_OPENSSL) {
 +				if (phar->sig_flags == PHAR_SIG_OPENSSL ||
 +					phar->sig_flags == PHAR_SIG_OPENSSL_SHA256 ||
 +					phar->sig_flags == PHAR_SIG_OPENSSL_SHA512) {
 					phar_set_32(sig_buf, digest_len);
 					php_stream_write(newfile, sig_buf, 4);
 				}
 diff --git a/ext/phar/phar/pharcommand.inc b/ext/phar/phar/pharcommand.inc
 index 5f698b4bec26b..1b1eeca59c560 100644
 --- a/ext/phar/phar/pharcommand.inc
 +++ b/ext/phar/phar/pharcommand.inc
@@ -92,7 +92,7 @@ class PharCommand extends CLICommand
                 'typ' => 'select',
                 'val' => NULL,
                 'inf' => '<method> Selects the hash algorithm.',
 -                'select' => array('md5' => 'MD5','sha1' => 'SHA1', 'sha256' => 'SHA256', 'sha512' => 'SHA512', 'openssl' => 'OPENSSL')
 +                'select' => ['md5' => 'MD5','sha1' => 'SHA1', 'sha256' => 'SHA256', 'sha512' => 'SHA512', 'openssl' => 'OPENSSL', 'openssl_sha256' => 'OPENSSL_SHA256', 'openssl_sha512' => 'OPENSSL_SHA512']
             ),
             'i' => array(
                 'typ' => 'regex',
@@ -156,6 +156,8 @@ class PharCommand extends CLICommand
         $hash_avail = Phar::getSupportedSignatures();
         $hash_optional = array('SHA-256' => 'SHA256',
                                'SHA-512' => 'SHA512',
 +                               'OpenSSL_sha256' => 'OpenSSL_SHA256',
 +                               'OpenSSL_sha512' => 'OpenSSL_SHA512',
                                'OpenSSL' => 'OpenSSL');
         if (!in_array('OpenSSL', $hash_avail)) {
             unset($phar_args['y']);
@@ -429,6 +431,16 @@ class PharCommand extends CLICommand
                     self::error("Cannot use OpenSSL signing without key.\n");
                 }
                 return Phar::OPENSSL;
 +            case 'openssl_sha256':
 +                if (!$privkey) {
 +                    self::error("Cannot use OpenSSL signing without key.\n");
 +                }
 +                return Phar::OPENSSL_SHA256;
 +            case 'openssl_sha512':
 +                if (!$privkey) {
 +                    self::error("Cannot use OpenSSL signing without key.\n");
 +                }
 +                return Phar::OPENSSL_SHA512;
         }
     }
     // }}}
 diff --git a/ext/phar/phar_internal.h b/ext/phar/phar_internal.h
 index a9f81e2ab994a..30b408a8c4462 100644
 --- a/ext/phar/phar_internal.h
 +++ b/ext/phar/phar_internal.h
@@ -88,6 +88,8 @@
 #define PHAR_SIG_SHA256           0x0003
 #define PHAR_SIG_SHA512           0x0004
 #define PHAR_SIG_OPENSSL          0x0010
 +#define PHAR_SIG_OPENSSL_SHA256   0x0011
 +#define PHAR_SIG_OPENSSL_SHA512   0x0012
 /* flags byte for each file adheres to these bitmasks.
    All unused values are reserved */
 diff --git a/ext/phar/phar_object.c b/ext/phar/phar_object.c
 index 9c1e5f2fa1eef..c05970e657f18 100644
 --- a/ext/phar/phar_object.c
 +++ b/ext/phar/phar_object.c
@@ -1246,9 +1246,13 @@ PHP_METHOD(Phar, getSupportedSignatures)
 	add_next_index_stringl(return_value, "SHA-512", 7);
 #ifdef PHAR_HAVE_OPENSSL
 	add_next_index_stringl(return_value, "OpenSSL", 7);
 +	add_next_index_stringl(return_value, "OpenSSL_SHA256", 14);
 +	add_next_index_stringl(return_value, "OpenSSL_SHA512", 14);
 #else
 	if (zend_hash_str_exists(&module_registry, "openssl", sizeof("openssl")-1)) {
 		add_next_index_stringl(return_value, "OpenSSL", 7);
 +		add_next_index_stringl(return_value, "OpenSSL_SHA256", 14);
 +		add_next_index_stringl(return_value, "OpenSSL_SHA512", 14);
 	}
 #endif
 }
@@ -3028,6 +3032,8 @@ PHP_METHOD(Phar, setSignatureAlgorithm)
 		case PHAR_SIG_MD5:
 		case PHAR_SIG_SHA1:
 		case PHAR_SIG_OPENSSL:
 +		case PHAR_SIG_OPENSSL_SHA256:
 +		case PHAR_SIG_OPENSSL_SHA512:
 			if (phar_obj->archive->is_persistent && FAILURE == phar_copy_on_write(&(phar_obj->archive))) {
 				zend_throw_exception_ex(phar_ce_PharException, 0, "phar \"%s\" is persistent, unable to copy on write", phar_obj->archive->fname);
 				RETURN_THROWS();
@@ -3066,19 +3072,25 @@ PHP_METHOD(Phar, getSignature)
 		add_assoc_stringl(return_value, "hash", phar_obj->archive->signature, phar_obj->archive->sig_len);
 		switch(phar_obj->archive->sig_flags) {
 			case PHAR_SIG_MD5:
 -				add_assoc_stringl(return_value, "hash_type", "MD5", 3);
 +				add_assoc_string(return_value, "hash_type", "MD5");
 				break;
 			case PHAR_SIG_SHA1:
 -				add_assoc_stringl(return_value, "hash_type", "SHA-1", 5);
 +				add_assoc_string(return_value, "hash_type", "SHA-1");
 				break;
 			case PHAR_SIG_SHA256:
 -				add_assoc_stringl(return_value, "hash_type", "SHA-256", 7);
 +				add_assoc_string(return_value, "hash_type", "SHA-256");
 				break;
 			case PHAR_SIG_SHA512:
 -				add_assoc_stringl(return_value, "hash_type", "SHA-512", 7);
 +				add_assoc_string(return_value, "hash_type", "SHA-512");
 				break;
 			case PHAR_SIG_OPENSSL:
 -				add_assoc_stringl(return_value, "hash_type", "OpenSSL", 7);
 +				add_assoc_string(return_value, "hash_type", "OpenSSL");
 +				break;
 +			case PHAR_SIG_OPENSSL_SHA256:
 +				add_assoc_string(return_value, "hash_type", "OpenSSL_SHA256");
 +				break;
 +			case PHAR_SIG_OPENSSL_SHA512:
 +				add_assoc_string(return_value, "hash_type", "OpenSSL_SHA512");
 				break;
 			default:
 				unknown = strpprintf(0, "Unknown (%u)", phar_obj->archive->sig_flags);
@@ -5103,6 +5115,8 @@ void phar_object_init(void) /* {{{ */
 	REGISTER_PHAR_CLASS_CONST_LONG(phar_ce_archive, "PHPS", PHAR_MIME_PHPS)
 	REGISTER_PHAR_CLASS_CONST_LONG(phar_ce_archive, "MD5", PHAR_SIG_MD5)
 	REGISTER_PHAR_CLASS_CONST_LONG(phar_ce_archive, "OPENSSL", PHAR_SIG_OPENSSL)
 +	REGISTER_PHAR_CLASS_CONST_LONG(phar_ce_archive, "OPENSSL_SHA256", PHAR_SIG_OPENSSL_SHA256)
 +	REGISTER_PHAR_CLASS_CONST_LONG(phar_ce_archive, "OPENSSL_SHA512", PHAR_SIG_OPENSSL_SHA512)
 	REGISTER_PHAR_CLASS_CONST_LONG(phar_ce_archive, "SHA1", PHAR_SIG_SHA1)
 	REGISTER_PHAR_CLASS_CONST_LONG(phar_ce_archive, "SHA256", PHAR_SIG_SHA256)
 	REGISTER_PHAR_CLASS_CONST_LONG(phar_ce_archive, "SHA512", PHAR_SIG_SHA512)
 diff --git a/ext/phar/tests/phar_get_supported_signatures_002a.phpt b/ext/phar/tests/phar_get_supported_signatures_002a.phpt
 index 06d811f2c35c2..639143b3d2c90 100644
 --- a/ext/phar/tests/phar_get_supported_signatures_002a.phpt
 +++ b/ext/phar/tests/phar_get_supported_signatures_002a.phpt
@@ -14,7 +14,7 @@ phar.readonly=0
 var_dump(Phar::getSupportedSignatures());
 ?>
 --EXPECT--
 -array(5) {
 +array(7) {
   [0]=>
   string(3) "MD5"
   [1]=>
@@ -25,4 +25,8 @@ array(5) {
   string(7) "SHA-512"
   [4]=>
   string(7) "OpenSSL"
 +  [5]=>
 +  string(14) "OpenSSL_SHA256"
 +  [6]=>
 +  string(14) "OpenSSL_SHA512"
 }
 diff --git a/ext/phar/tests/tar/phar_setsignaturealgo2.phpt b/ext/phar/tests/tar/phar_setsignaturealgo2.phpt
 index cc10a241d739b..c2eb5d77a5bf0 100644
 --- a/ext/phar/tests/tar/phar_setsignaturealgo2.phpt
 +++ b/ext/phar/tests/tar/phar_setsignaturealgo2.phpt
@@ -38,6 +38,10 @@ $pkey = '';
 openssl_pkey_export($private, $pkey, NULL, $config_arg);
 $p->setSignatureAlgorithm(Phar::OPENSSL, $pkey);
 var_dump($p->getSignature());
 +$p->setSignatureAlgorithm(Phar::OPENSSL_SHA512, $pkey);
 +var_dump($p->getSignature());
 +$p->setSignatureAlgorithm(Phar::OPENSSL_SHA256, $pkey);
 +var_dump($p->getSignature());
 } catch (Exception $e) {
 echo $e->getMessage();
 }
@@ -83,3 +87,15 @@ array(2) {
   ["hash_type"]=>
   string(7) "OpenSSL"
 }
 +array(2) {
 +  ["hash"]=>
 +  string(%d) "%s"
 +  ["hash_type"]=>
 +  string(14) "OpenSSL_SHA512"
 +}
 +array(2) {
 +  ["hash"]=>
 +  string(%d) "%s"
 +  ["hash_type"]=>
 +  string(14) "OpenSSL_SHA256"
 +}
 diff --git a/ext/phar/util.c b/ext/phar/util.c
 index 8d2db03b69601..515830bf2c70a 100644
 --- a/ext/phar/util.c
 +++ b/ext/phar/util.c
@@ -34,7 +34,7 @@
 #include <openssl/ssl.h>
 #include <openssl/pkcs12.h>
 #else
 -static int phar_call_openssl_signverify(int is_sign, php_stream *fp, zend_off_t end, char *key, size_t key_len, char **signature, size_t *signature_len);
 +static int phar_call_openssl_signverify(int is_sign, php_stream *fp, zend_off_t end, char *key, size_t key_len, char **signature, size_t *signature_len, php_uint32 sig_type);
 #endif
 /* for links to relative location, prepend cwd of the entry */
@@ -1381,11 +1381,11 @@ static int phar_hex_str(const char *digest, size_t digest_len, char **signature)
 /* }}} */
 #ifndef PHAR_HAVE_OPENSSL
 -static int phar_call_openssl_signverify(int is_sign, php_stream *fp, zend_off_t end, char *key, size_t key_len, char **signature, size_t *signature_len) /* {{{ */
 +static int phar_call_openssl_signverify(int is_sign, php_stream *fp, zend_off_t end, char *key, size_t key_len, char **signature, size_t *signature_len, php_uint32 sig_type) /* {{{ */
 {
 	zend_fcall_info fci;
 	zend_fcall_info_cache fcc;
 -	zval retval, zp[3], openssl;
 +	zval retval, zp[4], openssl;
 	zend_string *str;
 	ZVAL_STRINGL(&openssl, is_sign ? "openssl_sign" : "openssl_verify", is_sign ? sizeof("openssl_sign")-1 : sizeof("openssl_verify")-1);
@@ -1402,6 +1402,14 @@ static int phar_call_openssl_signverify(int is_sign, php_stream *fp, zend_off_t
 	} else {
 		ZVAL_EMPTY_STRING(&zp[0]);
 	}
 +	if (sig_type == PHAR_SIG_OPENSSL_SHA512) {
 +		ZVAL_LONG(&zp[3], 9); /* value from openssl.c #define OPENSSL_ALGO_SHA512 9 */
 +	} else if (sig_type == PHAR_SIG_OPENSSL_SHA256) {
 +		ZVAL_LONG(&zp[3], 7); /* value from openssl.c #define OPENSSL_ALGO_SHA256 7 */
 +	} else {
 +		/* don't rely on default value which may change in the future */
 +		ZVAL_LONG(&zp[3], 1); /* value from openssl.c #define OPENSSL_ALGO_SHA1   1 */
 +	}
 	if ((size_t)end != Z_STRLEN(zp[0])) {
 		zval_ptr_dtor_str(&zp[0]);
@@ -1419,7 +1427,7 @@ static int phar_call_openssl_signverify(int is_sign, php_stream *fp, zend_off_t
 		return FAILURE;
 	}
 -	fci.param_count = 3;
 +	fci.param_count = 4;
 	fci.params = zp;
 	Z_ADDREF(zp[0]);
 	if (is_sign) {
@@ -1482,12 +1490,22 @@ int phar_verify_signature(php_stream *fp, size_t end_of_phar, uint32_t sig_type,
 	php_stream_rewind(fp);
 	switch (sig_type) {
 +		case PHAR_SIG_OPENSSL_SHA512:
 +		case PHAR_SIG_OPENSSL_SHA256:
 		case PHAR_SIG_OPENSSL: {
 #ifdef PHAR_HAVE_OPENSSL
 			BIO *in;
 			EVP_PKEY *key;
 -			EVP_MD *mdtype = (EVP_MD *) EVP_sha1();
 +			const EVP_MD *mdtype;
 			EVP_MD_CTX *md_ctx;
 +
 +			if (sig_type == PHAR_SIG_OPENSSL_SHA512) {
 +				mdtype = EVP_sha512();
 +			} else if (sig_type == PHAR_SIG_OPENSSL_SHA256) {
 +				mdtype = EVP_sha256();
 +			} else {
 +				mdtype = EVP_sha1();
 +			}
 #else
 			size_t tempsig;
 #endif
@@ -1521,7 +1539,7 @@ int phar_verify_signature(php_stream *fp, size_t end_of_phar, uint32_t sig_type,
 #ifndef PHAR_HAVE_OPENSSL
 			tempsig = sig_len;
 -			if (FAILURE == phar_call_openssl_signverify(0, fp, end_of_phar, pubkey ? ZSTR_VAL(pubkey) : NULL, pubkey ? ZSTR_LEN(pubkey) : 0, &sig, &tempsig)) {
 +			if (FAILURE == phar_call_openssl_signverify(0, fp, end_of_phar, pubkey ? ZSTR_VAL(pubkey) : NULL, pubkey ? ZSTR_LEN(pubkey) : 0, &sig, &tempsig, sig_type)) {
 				if (pubkey) {
 					zend_string_release_ex(pubkey, 0);
 				}
@@ -1815,6 +1833,8 @@ int phar_create_signature(phar_archive_data *phar, php_stream *fp, char **signat
 			*signature_length = 32;
 			break;
 		}
 +		case PHAR_SIG_OPENSSL_SHA512:
 +		case PHAR_SIG_OPENSSL_SHA256:
 		case PHAR_SIG_OPENSSL: {
 			unsigned char *sigbuf;
 #ifdef PHAR_HAVE_OPENSSL
@@ -1822,6 +1842,15 @@ int phar_create_signature(phar_archive_data *phar, php_stream *fp, char **signat
 			BIO *in;
 			EVP_PKEY *key;
 			EVP_MD_CTX *md_ctx;
 +			const EVP_MD *mdtype;
 +
 +			if (phar->sig_flags == PHAR_SIG_OPENSSL_SHA512) {
 +				mdtype = EVP_sha512();
 +			} else if (phar->sig_flags == PHAR_SIG_OPENSSL_SHA256) {
 +				mdtype = EVP_sha256();
 +			} else {
 +				mdtype = EVP_sha1();
 +			}
 			in = BIO_new_mem_buf(PHAR_G(openssl_privatekey), PHAR_G(openssl_privatekey_len));
@@ -1847,7 +1876,7 @@ int phar_create_signature(phar_archive_data *phar, php_stream *fp, char **signat
 			siglen = EVP_PKEY_size(key);
 			sigbuf = emalloc(siglen + 1);
 -			if (!EVP_SignInit(md_ctx, EVP_sha1())) {
 +			if (!EVP_SignInit(md_ctx, mdtype)) {
 				EVP_PKEY_free(key);
 				efree(sigbuf);
 				if (error) {
@@ -1885,7 +1914,7 @@ int phar_create_signature(phar_archive_data *phar, php_stream *fp, char **signat
 			siglen = 0;
 			php_stream_seek(fp, 0, SEEK_END);
 -			if (FAILURE == phar_call_openssl_signverify(1, fp, php_stream_tell(fp), PHAR_G(openssl_privatekey), PHAR_G(openssl_privatekey_len), (char **)&sigbuf, &siglen)) {
 +			if (FAILURE == phar_call_openssl_signverify(1, fp, php_stream_tell(fp), PHAR_G(openssl_privatekey), PHAR_G(openssl_privatekey_len), (char **)&sigbuf, &siglen, phar->sig_flags)) {
 				if (error) {
 					spprintf(error, 0, "unable to write phar \"%s\" with requested openssl signature", phar->fname);
 				}
--- a/SOURCES/php-8.0.10-snmp-sha.patch
+++ b/SOURCES/php-8.0.10-snmp-sha.patch
@ -1,143 +0,0 @@
 Backported for 8.0 from
 From 718e91343fddb8817a004f96f111c424843bf746 Mon Sep 17 00:00:00 2001
 From: Remi Collet <remi@php.net>
 Date: Wed, 11 Aug 2021 13:02:18 +0200
 Subject: [PATCH] add SHA256 and SHA512 for security protocol
 ---
 ext/snmp/config.m4                            | 18 +++++++++-
 ext/snmp/snmp.c                               | 33 ++++++++++++++++++-
 .../tests/snmp-object-setSecurity_error.phpt  |  2 +-
 ext/snmp/tests/snmp3-error.phpt               |  2 +-
 4 files changed, 51 insertions(+), 4 deletions(-)
 diff --git a/ext/snmp/config.m4 b/ext/snmp/config.m4
 index 1475ddfe2b7f0..f285a572de9cb 100644
 --- a/ext/snmp/config.m4
 +++ b/ext/snmp/config.m4
@@ -30,7 +30,7 @@ if test "$PHP_SNMP" != "no"; then
         AC_MSG_ERROR([Could not find the required paths. Please check your net-snmp installation.])
       fi
     else
 -      AC_MSG_ERROR([Net-SNMP version 5.3 or greater reqired (detected $snmp_full_version).])
 +      AC_MSG_ERROR([Net-SNMP version 5.3 or greater required (detected $snmp_full_version).])
     fi
   else
     AC_MSG_ERROR([Could not find net-snmp-config binary. Please check your net-snmp installation.])
@@ -54,6 +54,22 @@ if test "$PHP_SNMP" != "no"; then
     $SNMP_SHARED_LIBADD
   ])
 +  dnl Check whether usmHMAC192SHA256AuthProtocol exists.
 +  PHP_CHECK_LIBRARY($SNMP_LIBNAME, usmHMAC192SHA256AuthProtocol,
 +  [
 +    AC_DEFINE(HAVE_SNMP_SHA256, 1, [ ])
 +  ], [], [
 +    $SNMP_SHARED_LIBADD
 +  ])
 +
 +  dnl Check whether usmHMAC384SHA512AuthProtocol exists.
 +  PHP_CHECK_LIBRARY($SNMP_LIBNAME, usmHMAC384SHA512AuthProtocol,
 +  [
 +    AC_DEFINE(HAVE_SNMP_SHA512, 1, [ ])
 +  ], [], [
 +    $SNMP_SHARED_LIBADD
 +  ])
 +
   PHP_NEW_EXTENSION(snmp, snmp.c, $ext_shared)
   PHP_SUBST(SNMP_SHARED_LIBADD)
 fi
 diff --git a/ext/snmp/snmp.c b/ext/snmp/snmp.c
 index 69d6549405b17..f0917501751f5 100644
 --- a/ext/snmp/snmp.c
 +++ b/ext/snmp/snmp.c
@@ -29,6 +29,7 @@
 #include "php_snmp.h"
 #include "zend_exceptions.h"
 +#include "zend_smart_string.h"
 #include "ext/spl/spl_exceptions.h"
 #include "snmp_arginfo.h"
@@ -938,16 +939,48 @@ static int netsnmp_session_set_auth_protocol(struct snmp_session *s, char *prot)
 	if (!strcasecmp(prot, "MD5")) {
 		s->securityAuthProto = usmHMACMD5AuthProtocol;
 		s->securityAuthProtoLen = USM_AUTH_PROTO_MD5_LEN;
 -	} else
 +		return 0;
 +	}
 #endif
 +
 	if (!strcasecmp(prot, "SHA")) {
 		s->securityAuthProto = usmHMACSHA1AuthProtocol;
 		s->securityAuthProtoLen = USM_AUTH_PROTO_SHA_LEN;
 -	} else {
 -		zend_value_error("Authentication protocol must be either \"MD5\" or \"SHA\"");
 -		return (-1);
 +		return 0;
 	}
 -	return (0);
 +
 +#ifdef HAVE_SNMP_SHA256
 +	if (!strcasecmp(prot, "SHA256")) {
 +		s->securityAuthProto = usmHMAC192SHA256AuthProtocol;
 +		s->securityAuthProtoLen = sizeof(usmHMAC192SHA256AuthProtocol) / sizeof(oid);
 +		return 0;
 +	}
 +#endif
 +
 +#ifdef HAVE_SNMP_SHA512
 +	if (!strcasecmp(prot, "SHA512")) {
 +		s->securityAuthProto = usmHMAC384SHA512AuthProtocol;
 +		s->securityAuthProtoLen = sizeof(usmHMAC384SHA512AuthProtocol) / sizeof(oid);
 +		return 0;
 +	}
 +#endif
 +
 +	smart_string err = {0};
 +
 +	smart_string_appends(&err, "Authentication protocol must be \"SHA\"");
 +#ifdef HAVE_SNMP_SHA256
 +	smart_string_appends(&err, " or \"SHA256\"");
 +#endif
 +#ifdef HAVE_SNMP_SHA512
 +	smart_string_appends(&err, " or \"SHA512\"");
 +#endif
 +#ifndef DISABLE_MD5
 +	smart_string_appends(&err, " or \"MD5\"");
 +#endif
 +	smart_string_0(&err);
 +	zend_value_error("%s", err.c);
 +	smart_string_free(&err);
 +	return -1;
 }
 /* }}} */
 diff --git a/ext/snmp/tests/snmp-object-setSecurity_error.phpt b/ext/snmp/tests/snmp-object-setSecurity_error.phpt
 index f8de846492a75..cf4f928837773 100644
 --- a/ext/snmp/tests/snmp-object-setSecurity_error.phpt
 +++ b/ext/snmp/tests/snmp-object-setSecurity_error.phpt
@@ -59,7 +59,7 @@ var_dump($session->close());
 --EXPECTF--
 Security level must be one of "noAuthNoPriv", "authNoPriv", or "authPriv"
 Security level must be one of "noAuthNoPriv", "authNoPriv", or "authPriv"
 -Authentication protocol must be either "MD5" or "SHA"
 +Authentication protocol must be %s
 Warning: SNMP::setSecurity(): Error generating a key for authentication pass phrase '': Generic error (The supplied password length is too short.) in %s on line %d
 bool(false)
 diff --git a/ext/snmp/tests/snmp3-error.phpt b/ext/snmp/tests/snmp3-error.phpt
 index 849e363b45058..389800dad6b28 100644
 --- a/ext/snmp/tests/snmp3-error.phpt
 +++ b/ext/snmp/tests/snmp3-error.phpt
@@ -58,7 +58,7 @@ try {
 Checking error handling
 Security level must be one of "noAuthNoPriv", "authNoPriv", or "authPriv"
 Security level must be one of "noAuthNoPriv", "authNoPriv", or "authPriv"
 -Authentication protocol must be either "MD5" or "SHA"
 +Authentication protocol must be %s
 Warning: snmp3_get(): Error generating a key for authentication pass phrase '': Generic error (The supplied password length is too short.) in %s on line %d
 bool(false)
--- a/SOURCES/php-8.0.13-crypt.patch
+++ b/SOURCES/php-8.0.13-crypt.patch
@ -1,45 +0,0 @@
 From fc4e31467c352032ee709ac55d3c67bc22abcd8d Mon Sep 17 00:00:00 2001
 From: Remi Collet <remi@remirepo.net>
 Date: Fri, 15 Oct 2021 17:11:12 +0200
 Subject: [PATCH] add --with-external-libcrypt build option display an error
 message if some algo not available in external libcrypt
 ---
 ext/standard/config.m4 | 21 ++++++++++++++++-----
 1 file changed, 16 insertions(+), 5 deletions(-)
 diff --git a/ext/standard/config.m4 b/ext/standard/config.m4
 index 58b9c5e658a4..3ec18be4d7df 100644
 --- a/ext/standard/config.m4
 +++ b/ext/standard/config.m4
@@ -267,14 +267,25 @@ int main() {
 ])])
 +PHP_ARG_WITH([external-libcrypt],
 +  [for external libcrypt or libxcrypt],
 +  [AS_HELP_STRING([--with-external-libcrypt],
 +    [Use external libcrypt or libxcrypt])],
 +  [no],
 +  [no])
 +
 dnl
 dnl If one of them is missing, use our own implementation, portable code is then possible
 dnl
 -dnl TODO This is currently always enabled
 -if test "$ac_cv_crypt_blowfish" = "no" || test "$ac_cv_crypt_des" = "no" || test "$ac_cv_crypt_ext_des" = "no" || test "$ac_cv_crypt_md5" = "no" || test "$ac_cv_crypt_sha512" = "no" || test "$ac_cv_crypt_sha256" = "no" || test "$ac_cv_func_crypt_r" != "yes" || true; then
 -  AC_DEFINE_UNQUOTED(PHP_USE_PHP_CRYPT_R, 1, [Whether PHP has to use its own crypt_r for blowfish, des, ext des and md5])
 -
 -  PHP_ADD_SOURCES(PHP_EXT_DIR(standard), crypt_freesec.c crypt_blowfish.c crypt_sha512.c crypt_sha256.c php_crypt_r.c)
 +dnl This is currently enabled by default
 +if test "$ac_cv_crypt_blowfish" = "no" || test "$ac_cv_crypt_des" = "no" || test "$ac_cv_crypt_ext_des" = "no" || test "$ac_cv_crypt_md5" = "no" || test "$ac_cv_crypt_sha512" = "no" || test "$ac_cv_crypt_sha256" = "no" || test "$ac_cv_func_crypt_r" != "yes" || test "$PHP_EXTERNAL_LIBCRYPT" = "no"; then
 +  if test "$PHP_EXTERNAL_LIBCRYPT" = "no"; then
 +    AC_DEFINE_UNQUOTED(PHP_USE_PHP_CRYPT_R, 1, [Whether PHP has to use its own crypt_r for blowfish, des, ext des and md5])
 +
 +    PHP_ADD_SOURCES(PHP_EXT_DIR(standard), crypt_freesec.c crypt_blowfish.c crypt_sha512.c crypt_sha256.c php_crypt_r.c)
 +   else
 +    AC_MSG_ERROR([Cannot use external libcrypt as some algo are missing])
 +   fi
 else
   AC_DEFINE_UNQUOTED(PHP_USE_PHP_CRYPT_R, 0, [Whether PHP has to use its own crypt_r for blowfish, des and ext des])
 fi
--- a/SOURCES/php-8.0.21-openssl3.patch
+++ b/SOURCES/php-8.0.21-openssl3.patch
--- a/SOURCES/php-8.0.30.tar.xz.asc
+++ b/SOURCES/php-8.0.30.tar.xz.asc
@ -1,16 +0,0 @@
 -----BEGIN PGP SIGNATURE-----
 iQIzBAABCAAdFiEEObZBND2MEEsrFG3D+cOdwLlphUQFAmTL4VIACgkQ+cOdwLlp
 hUQzrQ//cGopLQ71fiXCM+IYoT7RITJWWeh81fuDpL7bqZblaLRjpoI5I7iUoD10
 seJMLrzRxh72A3yY5GoF+LVBFc8J4MsOTJLXpIVWYheOY+BVLDhQHOFSZpT3JDN5
 UH6q21WS6wobwj3fFzJzHSSo8GDeSQ60D1Vq5t5ZVWb6uvmzf/cctcjlWB/Zp/X+
 hFS6HzrxqM/LBd1IocnTJoLJ2SFCyOS6n9yRJGOW4M3bSqtaTwv1Rd4kTybO0cnF
 7bJ71+RAQJZIRG9sOHF3ZtPx08kR5NKR3Ev/9YmlrBWMXMOZs3NvM1UB7zcJ8Qok
 CbYrVsyoEk8La8oCV6Jm2jjD73XY7QIWKBuZMerTP9Y+FTP2m699gXeoamuizriY
 vWF3j0to67mUY9wWq+4ahfVFdX043mWs2pzvjYTcFcKX0MxFOKMILnAN70a7dKGh
 D45B0PdCezJvRjsbO9ynfBmCuBzWGWeQDIM9UlJatu8ND4dS+dWp6FPqgZY8wQke
 8/P6FZlZ9wBsKvfWyA/xLr3fN71u+C3CLgTIOzYhI12FDyb6Cbxy8cq8ruGF4D5x
 CaSvaOSAXKIPmOhtLgwk2V5jcLlj45cNyFm9PTvqLo3urJFSDXdLJ2Rns5+xjMX9
 tMiJS4N8UvvhhVDSJr2/qvmh6inhsTRHuUdR8dacapnW0AgsN88=
 =Gqmv
 -----END PGP SIGNATURE-----
--- a/SOURCES/php-8.0.6-deprecated.patch
+++ b/SOURCES/php-8.0.6-deprecated.patch
@ -1,400 +0,0 @@
 From 4dc8b3c0efaae25b08c8f59b068f17c97c59d0ae Mon Sep 17 00:00:00 2001
 From: Remi Collet <remi@remirepo.net>
 Date: Wed, 5 May 2021 15:41:00 +0200
 Subject: [PATCH] get rid of inet_aton and inet_ntoa use inet_ntop iand
 inet_pton where available standardize buffer size
 ---
 ext/sockets/sockaddr_conv.c |  4 ++++
 ext/sockets/sockets.c       | 48 +++++++++++++++++++++++++------------
 ext/standard/dns.c          | 16 ++++++++++++-
 main/network.c              | 20 ++++++++++++++--
 4 files changed, 70 insertions(+), 18 deletions(-)
 diff --git a/ext/sockets/sockaddr_conv.c b/ext/sockets/sockaddr_conv.c
 index 57996612d2d7e..65c8418fb3a6f 100644
 --- a/ext/sockets/sockaddr_conv.c
 +++ b/ext/sockets/sockaddr_conv.c
@@ -87,7 +87,11 @@ int php_set_inet_addr(struct sockaddr_in *sin, char *string, php_socket *php_soc
 	struct in_addr tmp;
 	struct hostent *host_entry;
 +#ifdef HAVE_INET_PTON
 +	if (inet_pton(AF_INET, string, &tmp)) {
 +#else
 	if (inet_aton(string, &tmp)) {
 +#endif
 		sin->sin_addr.s_addr = tmp.s_addr;
 	} else {
 		if (strlen(string) > MAXFQDNLEN || ! (host_entry = php_network_gethostbyname(string))) {
 diff --git a/ext/sockets/sockets.c b/ext/sockets/sockets.c
 index 16ad3e8013a4c..85c938d1b97b1 100644
 --- a/ext/sockets/sockets.c
 +++ b/ext/sockets/sockets.c
@@ -220,8 +220,10 @@ zend_module_entry sockets_module_entry = {
 ZEND_GET_MODULE(sockets)
 #endif
 +#ifndef HAVE_INET_NTOP
 /* inet_ntop should be used instead of inet_ntoa */
 int inet_ntoa_lock = 0;
 +#endif
 static int php_open_listen_sock(php_socket *sock, int port, int backlog) /* {{{ */
 {
@@ -1082,10 +1084,12 @@ PHP_FUNCTION(socket_getsockname)
 	struct sockaddr_in		*sin;
 #if HAVE_IPV6
 	struct sockaddr_in6		*sin6;
 -	char					addr6[INET6_ADDRSTRLEN+1];
 +#endif
 +#ifdef HAVE_INET_NTOP
 +	char					addrbuf[INET6_ADDRSTRLEN];
 #endif
 	struct sockaddr_un		*s_un;
 -	char					*addr_string;
 +	const char				*addr_string;
 	socklen_t				salen = sizeof(php_sockaddr_storage);
 	if (zend_parse_parameters(ZEND_NUM_ARGS(), "Oz|z", &arg1, socket_ce, &addr, &port) == FAILURE) {
@@ -1106,8 +1110,8 @@ PHP_FUNCTION(socket_getsockname)
 #if HAVE_IPV6
 		case AF_INET6:
 			sin6 = (struct sockaddr_in6 *) sa;
 -			inet_ntop(AF_INET6, &sin6->sin6_addr, addr6, INET6_ADDRSTRLEN);
 -			ZEND_TRY_ASSIGN_REF_STRING(addr, addr6);
 +			inet_ntop(AF_INET6, &sin6->sin6_addr,  addrbuf, sizeof(addrbuf));
 +			ZEND_TRY_ASSIGN_REF_STRING(addr, addrbuf);
 			if (port != NULL) {
 				ZEND_TRY_ASSIGN_REF_LONG(port, htons(sin6->sin6_port));
@@ -1117,11 +1121,14 @@ PHP_FUNCTION(socket_getsockname)
 #endif
 		case AF_INET:
 			sin = (struct sockaddr_in *) sa;
 +#ifdef HAVE_INET_NTOP
 +			addr_string = inet_ntop(AF_INET, &sin->sin_addr, addrbuf, sizeof(addrbuf));
 +#else
 			while (inet_ntoa_lock == 1);
 			inet_ntoa_lock = 1;
 			addr_string = inet_ntoa(sin->sin_addr);
 			inet_ntoa_lock = 0;
 -
 +#endif
 			ZEND_TRY_ASSIGN_REF_STRING(addr, addr_string);
 			if (port != NULL) {
@@ -1154,10 +1161,12 @@ PHP_FUNCTION(socket_getpeername)
 	struct sockaddr_in		*sin;
 #if HAVE_IPV6
 	struct sockaddr_in6		*sin6;
 -	char					addr6[INET6_ADDRSTRLEN+1];
 +#endif
 +#ifdef HAVE_INET_NTOP
 +	char					addrbuf[INET6_ADDRSTRLEN];
 #endif
 	struct sockaddr_un		*s_un;
 -	char					*addr_string;
 +	const char				*addr_string;
 	socklen_t				salen = sizeof(php_sockaddr_storage);
 	if (zend_parse_parameters(ZEND_NUM_ARGS(), "Oz|z", &arg1, socket_ce, &arg2, &arg3) == FAILURE) {
@@ -1178,9 +1187,9 @@ PHP_FUNCTION(socket_getpeername)
 #if HAVE_IPV6
 		case AF_INET6:
 			sin6 = (struct sockaddr_in6 *) sa;
 -			inet_ntop(AF_INET6, &sin6->sin6_addr, addr6, INET6_ADDRSTRLEN);
 +			inet_ntop(AF_INET6, &sin6->sin6_addr, addrbuf, sizeof(addrbuf));
 -			ZEND_TRY_ASSIGN_REF_STRING(arg2, addr6);
 +			ZEND_TRY_ASSIGN_REF_STRING(arg2, addrbuf);
 			if (arg3 != NULL) {
 				ZEND_TRY_ASSIGN_REF_LONG(arg3, htons(sin6->sin6_port));
@@ -1191,11 +1200,14 @@ PHP_FUNCTION(socket_getpeername)
 #endif
 		case AF_INET:
 			sin = (struct sockaddr_in *) sa;
 +#ifdef HAVE_INET_NTOP
 +			addr_string = inet_ntop(AF_INET, &sin->sin_addr, addrbuf, sizeof(addrbuf));
 +#else
 			while (inet_ntoa_lock == 1);
 			inet_ntoa_lock = 1;
 			addr_string = inet_ntoa(sin->sin_addr);
 			inet_ntoa_lock = 0;
 -
 +#endif
 			ZEND_TRY_ASSIGN_REF_STRING(arg2, addr_string);
 			if (arg3 != NULL) {
@@ -1527,12 +1539,14 @@ PHP_FUNCTION(socket_recvfrom)
 	struct sockaddr_in	sin;
 #if HAVE_IPV6
 	struct sockaddr_in6	sin6;
 -	char				addr6[INET6_ADDRSTRLEN];
 +#endif
 +#ifdef HAVE_INET_NTOP
 +	char				addrbuf[INET6_ADDRSTRLEN];
 #endif
 	socklen_t			slen;
 	int					retval;
 	zend_long				arg3, arg4;
 -	char				*address;
 +	const char			*address;
 	zend_string			*recv_buf;
 	if (zend_parse_parameters(ZEND_NUM_ARGS(), "Ozllz|z", &arg1, socket_ce, &arg2, &arg3, &arg4, &arg5, &arg6) == FAILURE) {
@@ -1590,7 +1604,11 @@ PHP_FUNCTION(socket_recvfrom)
 			ZSTR_LEN(recv_buf) = retval;
 			ZSTR_VAL(recv_buf)[ZSTR_LEN(recv_buf)] = '\0';
 +#ifdef HAVE_INET_NTOP
 +			address = inet_ntop(AF_INET, &sin.sin_addr, addrbuf, sizeof(addrbuf));
 +#else
 			address = inet_ntoa(sin.sin_addr);
 +#endif
 			ZEND_TRY_ASSIGN_REF_NEW_STR(arg2, recv_buf);
 			ZEND_TRY_ASSIGN_REF_STRING(arg5, address ? address : "0.0.0.0");
@@ -1617,11 +1635,11 @@ PHP_FUNCTION(socket_recvfrom)
 			ZSTR_LEN(recv_buf) = retval;
 			ZSTR_VAL(recv_buf)[ZSTR_LEN(recv_buf)] = '\0';
 -			memset(addr6, 0, INET6_ADDRSTRLEN);
 -			inet_ntop(AF_INET6, &sin6.sin6_addr, addr6, INET6_ADDRSTRLEN);
 +			memset(addrbuf, 0, INET6_ADDRSTRLEN);
 +			inet_ntop(AF_INET6, &sin6.sin6_addr,  addrbuf, sizeof(addrbuf));
 			ZEND_TRY_ASSIGN_REF_NEW_STR(arg2, recv_buf);
 -			ZEND_TRY_ASSIGN_REF_STRING(arg5, addr6[0] ? addr6 : "::");
 +			ZEND_TRY_ASSIGN_REF_STRING(arg5, addrbuf[0] ? addrbuf : "::");
 			ZEND_TRY_ASSIGN_REF_LONG(arg6, ntohs(sin6.sin6_port));
 			break;
 #endif
 diff --git a/ext/standard/dns.c b/ext/standard/dns.c
 index 41b98424edb60..6efdbbe894b46 100644
 --- a/ext/standard/dns.c
 +++ b/ext/standard/dns.c
@@ -228,6 +228,9 @@ PHP_FUNCTION(gethostbynamel)
 	struct hostent *hp;
 	struct in_addr in;
 	int i;
 +#ifdef HAVE_INET_NTOP
 +	char addr4[INET_ADDRSTRLEN];
 +#endif
 	ZEND_PARSE_PARAMETERS_START(1, 1)
 		Z_PARAM_PATH(hostname, hostname_len)
@@ -255,7 +258,11 @@ PHP_FUNCTION(gethostbynamel)
 		}
 		in = *h_addr_entry;
 +#ifdef HAVE_INET_NTOP
 +		add_next_index_string(return_value, inet_ntop(AF_INET, &in, addr4, INET_ADDRSTRLEN));
 +#else
 		add_next_index_string(return_value, inet_ntoa(in));
 +#endif
 	}
 }
 /* }}} */
@@ -266,7 +273,10 @@ static zend_string *php_gethostbyname(char *name)
 	struct hostent *hp;
 	struct in_addr *h_addr_0; /* Don't call this h_addr, it's a macro! */
 	struct in_addr in;
 -	char *address;
 +#ifdef HAVE_INET_NTOP
 +	char addr4[INET_ADDRSTRLEN];
 +#endif
 +	const char *address;
 	hp = php_network_gethostbyname(name);
 	if (!hp) {
@@ -281,7 +291,11 @@ static zend_string *php_gethostbyname(char *name)
 	memcpy(&in.s_addr, h_addr_0, sizeof(in.s_addr));
 +#ifdef HAVE_INET_NTOP
 +	address = inet_ntop(AF_INET, &in, addr4, INET_ADDRSTRLEN);
 +#else
 	address = inet_ntoa(in);
 +#endif
 	return zend_string_init(address, strlen(address), 0);
 }
 /* }}} */
 diff --git a/main/network.c b/main/network.c
 index 2c504952b2dd1..7f2f714ec42df 100644
 --- a/main/network.c
 +++ b/main/network.c
@@ -236,8 +236,12 @@ PHPAPI int php_network_getaddresses(const char *host, int socktype, struct socka
 	} while ((sai = sai->ai_next) != NULL);
 	freeaddrinfo(res);
 +#else
 +#ifdef HAVE_INET_PTON
 +	if (!inet_pton(AF_INET, host, &in)) {
 #else
 	if (!inet_aton(host, &in)) {
 +#endif
 		if(strlen(host) > MAXFQDNLEN) {
 			host_info = NULL;
 			errno = E2BIG;
@@ -555,7 +559,11 @@ PHPAPI int php_network_parse_network_address_with_port(const char *addr, zend_lo
 		goto out;
 	}
 #endif
 +#ifdef HAVE_INET_PTON
 +	if (inet_pton(AF_INET, tmp, &in4->sin_addr) > 0) {
 +#else
 	if (inet_aton(tmp, &in4->sin_addr) > 0) {
 +#endif
 		in4->sin_port = htons(port);
 		in4->sin_family = AF_INET;
 		*sl = sizeof(struct sockaddr_in);
@@ -617,15 +625,19 @@ PHPAPI void php_network_populate_name_from_sockaddr(
 	}
 	if (textaddr) {
 -#if HAVE_IPV6 && HAVE_INET_NTOP
 +#ifdef HAVE_INET_NTOP
 		char abuf[256];
 #endif
 -		char *buf = NULL;
 +		const char *buf = NULL;
 		switch (sa->sa_family) {
 			case AF_INET:
 				/* generally not thread safe, but it *is* thread safe under win32 */
 +#ifdef HAVE_INET_NTOP
 +				buf = inet_ntop(AF_INET, &((struct sockaddr_in*)sa)->sin_addr, (char *)&abuf, sizeof(abuf));
 +#else
 				buf = inet_ntoa(((struct sockaddr_in*)sa)->sin_addr);
 +#endif
 				if (buf) {
 					*textaddr = strpprintf(0, "%s:%d",
 						buf, ntohs(((struct sockaddr_in*)sa)->sin_port));
@@ -862,7 +874,11 @@ php_socket_t php_network_connect_socket_to_host(const char *host, unsigned short
 					in4->sin_family = sa->sa_family;
 					in4->sin_port = htons(bindport);
 +#ifdef HAVE_INET_PTON
 +					if (!inet_pton(AF_INET, bindto, &in4->sin_addr)) {
 +#else
 					if (!inet_aton(bindto, &in4->sin_addr)) {
 +#endif
 						php_error_docref(NULL, E_WARNING, "Invalid IP Address: %s", bindto);
 						goto skip_bind;
 					}
 From e5b6f43ec7813392d83ea586b7902e0396a1f792 Mon Sep 17 00:00:00 2001
 From: Remi Collet <remi@remirepo.net>
 Date: Thu, 6 May 2021 14:21:29 +0200
 Subject: [PATCH] get rid of inet_addr usage
 ---
 main/fastcgi.c            | 4 ++++
 sapi/litespeed/lsapilib.c | 4 ++++
 2 files changed, 8 insertions(+)
 diff --git a/main/fastcgi.c b/main/fastcgi.c
 index 071f69d3a7f0..c936d42405de 100644
 --- a/main/fastcgi.c
 +++ b/main/fastcgi.c
@@ -688,8 +688,12 @@ int fcgi_listen(const char *path, int backlog)
 		if (!*host || !strncmp(host, "*", sizeof("*")-1)) {
 			sa.sa_inet.sin_addr.s_addr = htonl(INADDR_ANY);
 		} else {
 +#ifdef HAVE_INET_PTON
 +			if (!inet_pton(AF_INET, host, &sa.sa_inet.sin_addr)) {
 +#else
 			sa.sa_inet.sin_addr.s_addr = inet_addr(host);
 			if (sa.sa_inet.sin_addr.s_addr == INADDR_NONE) {
 +#endif
 				struct hostent *hep;
 				if(strlen(host) > MAXFQDNLEN) {
 diff --git a/sapi/litespeed/lsapilib.c b/sapi/litespeed/lsapilib.c
 index a72b5dc1b988..305f3326a682 100644
 --- a/sapi/litespeed/lsapilib.c
 +++ b/sapi/litespeed/lsapilib.c
@@ -2672,8 +2672,12 @@ int LSAPI_ParseSockAddr( const char * pBind, struct sockaddr * pAddr )
             ((struct sockaddr_in *)pAddr)->sin_addr.s_addr = htonl( INADDR_LOOPBACK );
         else
         {
 +#ifdef HAVE_INET_PTON
 +            if (!inet_pton(AF_INET, p, &((struct sockaddr_in *)pAddr)->sin_addr))
 +#else
             ((struct sockaddr_in *)pAddr)->sin_addr.s_addr = inet_addr( p );
             if ( ((struct sockaddr_in *)pAddr)->sin_addr.s_addr == INADDR_BROADCAST)
 +#endif
             {
                 doAddrInfo = 1;
             }
 From 99d67d121acd4c324738509679d23acaf759d065 Mon Sep 17 00:00:00 2001
 From: Remi Collet <remi@remirepo.net>
 Date: Thu, 6 May 2021 16:35:48 +0200
 Subject: [PATCH] use getnameinfo instead of gethostbyaddr
 ---
 ext/standard/dns.c | 34 ++++++++++++++++++++++------------
 1 file changed, 22 insertions(+), 12 deletions(-)
 diff --git a/ext/standard/dns.c b/ext/standard/dns.c
 index edd9a4549f5c..540c777faaba 100644
 --- a/ext/standard/dns.c
 +++ b/ext/standard/dns.c
@@ -169,20 +169,30 @@ PHP_FUNCTION(gethostbyaddr)
 static zend_string *php_gethostbyaddr(char *ip)
 {
 #if HAVE_IPV6 && HAVE_INET_PTON
 -	struct in6_addr addr6;
 -#endif
 -	struct in_addr addr;
 -	struct hostent *hp;
 +	struct sockaddr_in sa4;
 +	struct sockaddr_in6 sa6;
 +	char out[NI_MAXHOST];
 -#if HAVE_IPV6 && HAVE_INET_PTON
 -	if (inet_pton(AF_INET6, ip, &addr6)) {
 -		hp = gethostbyaddr((char *) &addr6, sizeof(addr6), AF_INET6);
 -	} else if (inet_pton(AF_INET, ip, &addr)) {
 -		hp = gethostbyaddr((char *) &addr, sizeof(addr), AF_INET);
 -	} else {
 -		return NULL;
 +	if (inet_pton(AF_INET6, ip, &sa6.sin6_addr)) {
 +		sa6.sin6_family = AF_INET6;
 +
 +		if (getnameinfo((struct sockaddr *)&sa6, sizeof(sa6), out, sizeof(out), NULL, 0, NI_NAMEREQD) < 0) {
 +			return zend_string_init(ip, strlen(ip), 0);
 +		}
 +		return zend_string_init(out, strlen(out), 0);
 +	} else if (inet_pton(AF_INET, ip, &sa4.sin_addr)) {
 +		sa4.sin_family = AF_INET;
 +
 +		if (getnameinfo((struct sockaddr *)&sa4, sizeof(sa4), out, sizeof(out), NULL, 0, NI_NAMEREQD) < 0) {
 +			return zend_string_init(ip, strlen(ip), 0);
 +		}
 +		return zend_string_init(out, strlen(out), 0);
 	}
 +	return NULL; /* not a valid IP */
 #else
 +	struct in_addr addr;
 +	struct hostent *hp;
 +
 	addr.s_addr = inet_addr(ip);
 	if (addr.s_addr == -1) {
@@ -190,13 +200,13 @@ static zend_string *php_gethostbyaddr(char *ip)
 	}
 	hp = gethostbyaddr((char *) &addr, sizeof(addr), AF_INET);
 -#endif
 	if (!hp || hp->h_name == NULL || hp->h_name[0] == '\0') {
 		return zend_string_init(ip, strlen(ip), 0);
 	}
 	return zend_string_init(hp->h_name, strlen(hp->h_name), 0);
 +#endif
 }
 /* }}} */
--- a/SOURCES/php-8.1.0-libdb.patch
+++ b/SOURCES/php-8.1.0-libdb.patch
@ -79,7 +79,7 @@ diff -up ./ext/dba/dba.c.libdb ./ext/dba/dba.c
 PHP_MINIT_FUNCTION(dba);
 PHP_MSHUTDOWN_FUNCTION(dba);
 PHP_MINFO_FUNCTION(dba);
-@@ -459,6 +463,10 @@ PHP_MINFO_FUNCTION(dba)
+@@ -452,6 +456,10 @@ PHP_MINFO_FUNCTION(dba)
 	php_info_print_table_start();
 	php_info_print_table_row(2, "DBA support", "enabled");
--- a/SOURCES/php-8.0.19-parser.patch
+++ b/SOURCES/php-8.0.19-parser.patch
@ -1,7 +1,7 @@
 diff -up ./build/gen_stub.php.syslib ./build/gen_stub.php
 --- ./build/gen_stub.php.syslib	2020-06-25 08:11:51.782046813 +0200
 +++ ./build/gen_stub.php	2020-06-25 08:13:11.188860368 +0200
-@@ -1075,6 +1075,12 @@ function initPhpParser() {
+@@ -3265,6 +3265,12 @@ function initPhpParser() {
     }
     $isInitialized = true;
@ -11,6 +11,6 @@ diff -up ./build/gen_stub.php.syslib ./build/gen_stub.php
 +        return;
 +    }
 +
-     $version = "4.13.0";
+     $version = "4.15.1";
     $phpParserDir = __DIR__ . "/PHP-Parser-$version";
     if (!is_dir($phpParserDir)) {
--- a/SOURCES/php-8.2.23-systzdata-v24.patch
+++ b/SOURCES/php-8.2.23-systzdata-v24.patch
@ -5,8 +5,10 @@ Add support for use of the system timezone database, rather
 than embedding a copy.  Discussed upstream but was not desired.
 History:
-r22: fix possible buffer overflow
+f24: add internal UTC if tzdata is missing
-r21: retrieve tzdata version from /usr/share/zoneinfo/tzdata.zi
+r23: fix possible buffer overflow
 r22: retrieve tzdata version from /usr/share/zoneinfo/tzdata.zi
 r21: adapt for timelib 2021.03 (in 8.1.0)
 r20: adapt for timelib 2020.03 (in 8.0.10RC1)
 r19: adapt for timelib 2020.02 (in 8.0.0beta2)
 r18: adapt for autotool change in 7.3.3RC1
@ -33,11 +35,12 @@ r3: fix a crash if /usr/share/zoneinfo doesn't exist (Raphael Geissert)
 r2: add filesystem trawl to set up name alias index
 r1: initial revision
 diff --git a/ext/date/config0.m4 b/ext/date/config0.m4
-index 20e4164aaa..a61243646d 100644
+index 6b803bf33e..53c3cdb3f4 100644
 --- a/ext/date/config0.m4
 +++ b/ext/date/config0.m4
-@@ -4,6 +4,19 @@ AC_CHECK_HEADERS([io.h])
+@@ -4,6 +4,19 @@
 dnl Check for strtoll, atoll
 AC_CHECK_FUNCS(strtoll atoll)
@ -54,14 +57,14 @@ index 20e4164aaa..a61243646d 100644
 +   fi
 +fi
 +
- PHP_DATE_CFLAGS="-I@ext_builddir@/lib -DZEND_ENABLE_STATIC_TSRMLS_CACHE=1 -DHAVE_TIMELIB_CONFIG_H=1"
+ AX_CHECK_COMPILE_FLAG([-Wno-implicit-fallthrough],
- timelib_sources="lib/astro.c lib/dow.c lib/parse_date.c lib/parse_tz.c
+   [PHP_DATE_CFLAGS="$PHP_DATE_CFLAGS -Wno-implicit-fallthrough"],,
-                  lib/timelib.c lib/tm2unixtime.c lib/unixtime2tm.c lib/parse_iso_intervals.c lib/interval.c"
+   [-Werror])
 diff --git a/ext/date/lib/parse_tz.c b/ext/date/lib/parse_tz.c
-index e9bd0f136d..c04ff01adc 100644
+index c7f93580d7..ec196a98b6 100644
 --- a/ext/date/lib/parse_tz.c
 +++ b/ext/date/lib/parse_tz.c
-@@ -26,8 +26,21 @@
+@@ -26,9 +26,33 @@
 #include "timelib.h"
 #include "timelib_private.h"
@ -74,8 +77,20 @@ index e9bd0f136d..c04ff01adc 100644
 +
 +#include "php_scandir.h"
 +
 +static const unsigned char internal_utc[] = {
 +        0x54, 0x5a, 0x69, 0x66, 0x32, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
 +        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
 +        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x00, 0x00,
 +        0x00, 0x00, 0x55, 0x54, 0x43, 0x00, 0x54, 0x5a, 0x69, 0x66, 0x32, 0x00, 0x00, 0x00, 0x00, 0x00,
 +        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
 +        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00,
 +        0x00, 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x55, 0x54, 0x43, 0x00, 0x0a, 0x55, 0x54, 0x43,
 +        0x30, 0x0a
 +};
 +
 +#else
 #define TIMELIB_SUPPORTS_V2DATA
 #define TIMELIB_SUPPORT_SLIM_FILE
 #include "timezonedb.h"
 +#endif
 +
@ -83,7 +98,7 @@ index e9bd0f136d..c04ff01adc 100644
 #if (defined(__APPLE__) || defined(__APPLE_CC__)) && (defined(__BIG_ENDIAN__) || defined(__LITTLE_ENDIAN__))
 # if defined(__LITTLE_ENDIAN__)
-@@ -94,6 +107,11 @@ static int read_php_preamble(const unsigned char **tzf, timelib_tzinfo *tz)
+@@ -95,6 +119,11 @@ static int read_php_preamble(const unsigned char **tzf, timelib_tzinfo *tz)
 {
 	uint32_t version;
@ -95,7 +110,7 @@ index e9bd0f136d..c04ff01adc 100644
 	/* read ID */
 	version = (*tzf)[3] - '0';
 	*tzf += 4;
-@@ -435,7 +453,467 @@ void timelib_dump_tzinfo(timelib_tzinfo *tz)
+@@ -577,7 +606,475 @@ void timelib_dump_tzinfo(timelib_tzinfo *tz)
 	}
 }
@ -325,7 +340,6 @@ index e9bd0f136d..c04ff01adc 100644
 +        return timelib_strcasecmp(alpha->id, beta->id);
 +}
 +
 +
 +/* Retrieve tzdata version. */
 +static void retrieve_zone_version(timelib_tzdb *db)
 +{
@ -364,6 +378,7 @@ index e9bd0f136d..c04ff01adc 100644
 +    }
 +}
 +
 +
 +/* Create the zone identifier index by trawling the filesystem. */
 +static void create_zone_index(timelib_tzdb *db)
 +{
@ -439,6 +454,9 @@ index e9bd0f136d..c04ff01adc 100644
 +
 +        qsort(db_index, index_next, sizeof *db_index, sysdbcmp);
 +
 +	if (!index_next) {
 +		db_index[index_next++].id = strdup("UTC");
 +	}
 +	db->index = db_index;
 +	db->index_size = index_next;
 +
@ -545,7 +563,12 @@ index e9bd0f136d..c04ff01adc 100644
 +
 +	fd = open(fname, O_RDONLY);
 +	if (fd == -1) {
 +		if (strcmp(timezone, "UTC")) {
 +			return NULL;
 +		} else {
 +			*length = sizeof(internal_utc);
 +			return internal_utc;
 +		}
 +	} else if (fstat(fd, &st) != 0 || !is_valid_tzfile(&st, fd)) {
 +		close(fd);
 +		return NULL;
@ -564,7 +587,7 @@ index e9bd0f136d..c04ff01adc 100644
 {
 	int left = 0, right = tzdb->index_size - 1;
-@@ -461,9 +939,49 @@ static int seek_to_tz_position(const unsigned char **tzf, const char *timezone,
+@@ -603,9 +1100,49 @@ static int seek_to_tz_position(const unsigned char **tzf, const char *timezone,
 	return 0;
 }
@ -598,7 +621,7 @@ index e9bd0f136d..c04ff01adc 100644
 +	if (timezonedb_system == NULL) {
 +		timelib_tzdb *tmp = malloc(sizeof *tmp);
 +
-+		tmp->version = "0.system";
+		tmp->version = "0";
 +		tmp->data = NULL;
 +		create_zone_index(tmp);
 +		retrieve_zone_version(tmp);
@ -614,7 +637,7 @@ index e9bd0f136d..c04ff01adc 100644
 }
 const timelib_tzdb_index_entry *timelib_timezone_identifiers_list(const timelib_tzdb *tzdb, int *count)
-@@ -475,7 +993,30 @@ const timelib_tzdb_index_entry *timelib_timezone_identifiers_list(const timelib_
+@@ -617,7 +1154,32 @@ const timelib_tzdb_index_entry *timelib_timezone_identifiers_list(const timelib_
 int timelib_timezone_id_is_valid(const char *timezone, const timelib_tzdb *tzdb)
 {
 	const unsigned char *tzf;
@ -628,7 +651,9 @@ index e9bd0f136d..c04ff01adc 100644
 +		if (timezone[0] == '\0' || strstr(timezone, "..") != NULL) {
 +			return 0;
 +		}
-+
+		if (!strcmp(timezone, "UTC")) {
 +			return 1;
 +		}
 +		if (system_location_table) {
 +			if (find_zone_info(system_location_table, timezone) != NULL) {
 +				/* found in cache */
@ -646,7 +671,7 @@ index e9bd0f136d..c04ff01adc 100644
 }
 static int skip_64bit_preamble(const unsigned char **tzf, timelib_tzinfo *tz)
-@@ -517,6 +1058,8 @@ static timelib_tzinfo* timelib_tzinfo_ctor(const char *name)
+@@ -662,6 +1224,8 @@ static timelib_tzinfo* timelib_tzinfo_ctor(const char *name)
 timelib_tzinfo *timelib_parse_tzfile(const char *timezone, const timelib_tzdb *tzdb, int *error_code)
 {
 	const unsigned char *tzf;
@ -655,7 +680,7 @@ index e9bd0f136d..c04ff01adc 100644
 	timelib_tzinfo *tmp;
 	int version;
 	int transitions_result, types_result;
-@@ -524,7 +1067,7 @@ timelib_tzinfo *timelib_parse_tzfile(const char *timezone, const timelib_tzdb *t
+@@ -669,7 +1233,7 @@ timelib_tzinfo *timelib_parse_tzfile(const char *timezone, const timelib_tzdb *t
 	*error_code = TIMELIB_ERROR_NO_ERROR;
@ -664,9 +689,9 @@ index e9bd0f136d..c04ff01adc 100644
 		tmp = timelib_tzinfo_ctor(timezone);
 		version = read_preamble(&tzf, tmp, &type);
-@@ -563,11 +1106,36 @@ timelib_tzinfo *timelib_parse_tzfile(const char *timezone, const timelib_tzdb *t
+@@ -712,11 +1276,38 @@ timelib_tzinfo *timelib_parse_tzfile(const char *timezone, const timelib_tzdb *t
 			return NULL;
 		}
 		skip_posix_string(&tzf, tmp);
 +#ifdef HAVE_SYSTEM_TZDATA
 +		if (memmap) {
@ -687,7 +712,9 @@ index e9bd0f136d..c04ff01adc 100644
 +			}
 +
 +			/* Now done with the mmap segment - discard it. */
 +			if (memmap != internal_utc) {
 +				munmap(memmap, maplen);
 +			}
 +		} else {
 +#endif
 		if (type == TIMELIB_TZINFO_PHP) {
@ -702,10 +729,10 @@ index e9bd0f136d..c04ff01adc 100644
 		*error_code = TIMELIB_ERROR_NO_SUCH_TIMEZONE;
 		tmp = NULL;
 diff --git a/ext/date/php_date.c b/ext/date/php_date.c
-index 2d5cffb963..389f09f313 100644
+index 48c82bf7ec..443299c089 100644
 --- a/ext/date/php_date.c
 +++ b/ext/date/php_date.c
-@@ -457,7 +457,11 @@ PHP_MINFO_FUNCTION(date)
+@@ -490,7 +490,11 @@ PHP_MINFO_FUNCTION(date)
 	php_info_print_table_row(2, "date/time support", "enabled");
 	php_info_print_table_row(2, "timelib version", TIMELIB_ASCII_VERSION);
 	php_info_print_table_row(2, "\"Olson\" Timezone Database Version", tzdb->version);
--- a/SOURCES/php-8.2.25-phpinfo.patch
+++ b/SOURCES/php-8.2.25-phpinfo.patch
@ -0,0 +1,44 @@
 Drop "Configure Command" from phpinfo as it doesn't
 provide any useful information.
 The available extensions are not related to this command.
 Replace full GCC name by gcc in php -v output
 diff -up ./ext/standard/info.c.phpinfo ./ext/standard/info.c
 --- ./ext/standard/info.c.phpinfo	2020-07-21 10:49:31.000000000 +0200
 +++ ./ext/standard/info.c	2020-07-21 11:41:56.295633523 +0200
@@ -834,9 +834,6 @@ PHPAPI ZEND_COLD void php_print_info(int
 #ifdef PHP_BUILD_ARCH
 		php_info_print_table_row(2, "Architecture", PHP_BUILD_ARCH);
 #endif
 -#ifdef CONFIGURE_COMMAND
 -		php_info_print_table_row(2, "Configure Command", CONFIGURE_COMMAND );
 -#endif
 		if (sapi_module.pretty_name) {
 			php_info_print_table_row(2, "Server API", sapi_module.pretty_name );
 diff -up ./ext/standard/tests/general_functions/phpinfo.phpt.phpinfo ./ext/standard/tests/general_functions/phpinfo.phpt
 --- ./ext/standard/tests/general_functions/phpinfo.phpt.phpinfo	2020-07-21 10:49:31.000000000 +0200
 +++ ./ext/standard/tests/general_functions/phpinfo.phpt	2020-07-21 11:41:56.296633522 +0200
@@ -17,7 +17,6 @@ PHP Version => %s
 System => %s
 Build Date => %r(.+?)%r
 -Configure Command => %s
 Server API => Command Line Interface
 Virtual Directory Support => %s
 Configuration File (php.ini) Path => %s
 diff -up ./sapi/cli/php_cli.c.phpinfo ./sapi/cli/php_cli.c
 --- ./sapi/cli/php_cli.c.phpinfo	2020-07-21 11:43:38.812475300 +0200
 +++ ./sapi/cli/php_cli.c	2020-07-21 11:43:45.783464540 +0200
@@ -644,7 +644,7 @@ static int do_cli(int argc, char **argv)
 					"NTS"
 #endif
 #ifdef PHP_BUILD_COMPILER
 -					" " PHP_BUILD_COMPILER
 +					" gcc"
 #endif
 #ifdef PHP_BUILD_ARCH
 					" " PHP_BUILD_ARCH
--- a/SOURCES/php-8.2.25.tar.xz.asc
+++ b/SOURCES/php-8.2.25.tar.xz.asc
@ -0,0 +1,16 @@
 -----BEGIN PGP SIGNATURE-----
 iQIzBAABCAAdFiEE5gkT5N8gmQfY4w2WZZqXyc8qeVoFAmcXxOsACgkQZZqXyc8q
 eVptDw/+J6heZjQl8p5tQOF0MNLdO7uqBTrByhJ9NxUI7kRAXylMnbAN1SiezpB+
 SIBmho6vOc6bikgiWX2oIQ167sEGSMKAz7uFnx4Piu0UeDgU1YE8Xu0W78WUGaFu
 Af3qI9PFigLcqEm0mh+24feunh7CdH4Sw43BdnAUCFNe66fXm+PVQn2R8UHAPQvb
 BVc2yEn6ndD3NTkklJ5WtqCimOuBs8oktM/PUI5+O96933N4abtescq/em4KMUEM
 d1vqEMNHWaIBHDsRDl2GVCMHN/SyD6htspD50OnpV32+KZB/vM9SKh1jcUca7qaR
 n7iW9Hd92TM6pYdeNmTCnLEKj6xdbhv1Qkpmpqp1jCv4iIpFV0RDpX17lZGkeh7Z
 OtEkS7mOlmHMa+dRRisPFwN4EK+m8O+VkchDr/OkUaM+4DA47UmxkLDViMgKRuc2
 bmIxK9pCwZNJmchRyqW1B7Gl1CvNYbHVNqwXvd07XMJsl6OSKBv2GrQ3eVdiiNHU
 YKGs1dMhWO/9r6hYLfuB5s7VfMXpZ6h701zwJQpwirHbUfxuwt4g0g/+uJtprx31
 tOcFbJ4EJ3f7ZLV2cFGR7f6P2JNPKBTjDih6ldJg/ens3yXM8UePb761zj9uS6Za
 edyg4pqB1yzw+ZgUa8WJnQMwvoENL+UsdfEyjIEEVa9feC9b+5E=
 =4BIp
 -----END PGP SIGNATURE-----
--- a/SOURCES/php-fpm.conf
+++ b/SOURCES/php-fpm.conf
@ -5,11 +5,6 @@
 ; All relative paths in this configuration file are relative to PHP's install
 ; prefix.
 ; Include one or more files. If glob(3) exists, it is used to include a bunch of
 ; files from a glob(3) pattern. This directive can be used everywhere in the
 ; file.
 include=/etc/php-fpm.d/*.conf
 ;;;;;;;;;;;;;;;;;;
 ; Global Options ;
 ;;;;;;;;;;;;;;;;;;
@ -133,5 +128,8 @@ daemonize = yes
 ; used in logs and stats. There is no limitation on the number of pools which
 ; FPM can handle. Your system will tell you anyway :)
-; See /etc/php-fpm.d/*.conf
+; Include one or more files. If glob(3) exists, it is used to include a bunch of
 ; files from a glob(3) pattern. This directive can be used everywhere in the
 ; file.
 include=/etc/php-fpm.d/*.conf
--- a/SOURCES/php-keyring.gpg
+++ b/SOURCES/php-keyring.gpg
--- a/SOURCES/php.ini
+++ b/SOURCES/php.ini
--- a/SPECS/php.spec
+++ b/SPECS/php.spec
@ -7,8 +7,8 @@
 #
 # API/ABI check
-%global apiver      20200930
+%global apiver      20220829
-%global zendver     20200930
+%global zendver     20220829
 %global pdover      20170320
 # we don't want -z defs linker flag
@ -18,7 +18,7 @@
 %global _hardened_build 1
 # version used for php embedded library soname
-%global embed_version 8.0
+%global embed_version 8.2
 %global mysql_sock %(mysql_config --socket 2>/dev/null || echo /var/lib/mysql/mysql.sock)
@ -36,12 +36,19 @@
 %if 0%{?fedora}
 # Enabled by default on Fedora
 %bcond_without   zts
 %ifarch s390x
 # https://bugzilla.redhat.com/show_bug.cgi?id=1969393
 # firebird have ExcludeArch: s390x
 %bcond_with      firebird
 %else
 %bcond_without   firebird
 %endif
 %bcond_without   freetds
 %bcond_without   sodium
 %bcond_without   pspell
 %bcond_without   tidy
 %bcond_without   db4
 %bcond_without   qdbm
 %else
 # Disabled by default on RHEL
 %bcond_with      zts
@ -51,13 +58,13 @@
 %bcond_with      pspell
 %bcond_with      tidy
 %bcond_with      db4
 %bcond_with      qdbm
 %endif
 %bcond_with      modphp
 %bcond_with      imap
 %bcond_without   lmdb
-%global upver        8.0.30
+%global upver        8.2.25
 #global rcver        RC1
 Summary: PHP scripting language for creating dynamic web sites
 Name: php
@ -69,7 +76,8 @@ Release: 1%{?dist}
 # main/snprintf.c, main/spprintf.c and main/rfc1867.c are ASL 1.0
 # ext/date/lib is MIT
 # Zend/zend_sort is NCSA
-License: PHP and Zend and BSD and MIT and ASL 1.0 and NCSA
+# Zend/asm is Boost
 License: PHP-3.01 AND Zend-2.0 AND BSD-2-Clause AND MIT AND Apache-1.0 AND NCSA AND BSL-1.0
 URL: http://www.php.net/
 Source0: https://www.php.net/distributions/php-%{upver}%{?rcver}.tar.xz
@ -96,31 +104,20 @@ Source53: 20-ffi.ini
 Patch1: php-7.4.0-httpd.patch
 Patch5: php-7.2.0-includedir.patch
 Patch6: php-8.0.0-embed.patch
-Patch8: php-7.4.0-libdb.patch
+Patch8: php-8.1.0-libdb.patch
 # get rid of deprecated functions from 8.1
 Patch9: php-8.0.6-deprecated.patch
 # Functional changes
 # Use system nikic/php-parser
-Patch41: php-8.0.19-parser.patch
+Patch41: php-8.2.0-parser.patch
 # use system tzdata
-Patch42: php-8.0.10-systzdata-v21.patch
+Patch42: php-8.2.23-systzdata-v24.patch
 # See http://bugs.php.net/53436
 Patch43: php-7.4.0-phpize.patch
 # Use -lldap_r for OpenLDAP
 Patch45: php-7.4.0-ldap_r.patch
 # drop "Configure command" from phpinfo output
 # and only use gcc (instead of full version)
-Patch47: php-8.0.0-phpinfo.patch
+Patch47: php-8.2.25-phpinfo.patch
 # add sha256 / sha512 security protocol, from 8.1
 Patch48: php-8.0.10-snmp-sha.patch
 # switch phar to use sha256 signature by default, from 8.1
 # implement openssl_256 and openssl_512 for phar signatures, from 8.1
 Patch49: php-8.0.10-phar-sha.patch
 # compatibility with OpenSSL 3.0, from 8.1
 Patch50: php-8.0.21-openssl3.patch
 # use system libxcrypt
 Patch51: php-8.0.13-crypt.patch
 # Upstream fixes (100+)
@ -142,7 +139,7 @@ BuildRequires: httpd-filesystem
 BuildRequires: nginx-filesystem
 BuildRequires: libstdc++-devel
 # no pkgconfig to avoid compat-openssl10
-BuildRequires: openssl-devel >= 1.0.1
+BuildRequires: openssl-devel >= 1.0.2
 BuildRequires: pkgconfig(sqlite3) >= 3.7.4
 BuildRequires: pkgconfig(zlib) >= 1.2.0.4
 BuildRequires: smtpdaemon
@ -161,6 +158,7 @@ BuildRequires: libtool-ltdl-devel
 BuildRequires: systemtap-sdt-devel
 # used for tests
 BuildRequires: %{_bindir}/ps
 BuildRequires: tzdata
 %if %{with zts}
 Provides: php-zts = %{version}-%{release}
@ -214,7 +212,7 @@ running in prefork mode. This module is deprecated.
 %package cli
 Summary: Command-line interface for PHP
 # sapi/cli/ps_title.c is PostgreSQL
-License: PHP and Zend and BSD and MIT and ASL 1.0 and NCSA and PostgreSQL
+License: PHP-3.01 AND Zend-2.0 AND BSD-2-Clause AND MIT AND Apache-1.0 AND NCSA AND PostgreSQL
 Requires: php-common%{?_isa} = %{version}-%{release}
 Provides: php-cgi = %{version}-%{release}, php-cgi%{?_isa} = %{version}-%{release}
 Provides: php-pcntl, php-pcntl%{?_isa}
@ -237,6 +235,7 @@ The php-dbg package contains the interactive PHP debugger.
 Summary: PHP FastCGI Process Manager
 BuildRequires: libacl-devel
 BuildRequires: pkgconfig(libsystemd) >= 209
 BuildRequires: pkgconfig(libselinux)
 Requires: php-common%{?_isa} = %{version}-%{release}
 %{?systemd_requires}
 # To ensure correct /var/lib/php/session ownership:
@ -259,7 +258,8 @@ Summary: Common files for PHP
 # All files licensed under PHP version 3.01, except
 # fileinfo is licensed under PHP version 3.0
 # regex, libmagic are licensed under BSD
-License: PHP and BSD
+License: PHP-3.01 AND BSD-2-Clause
 Requires: tzdata
 # ABI/API check - Arch specific
 Provides: php(api) = %{apiver}-%{__isa_bits}
 Provides: php(zend-abi) = %{zendver}-%{__isa_bits}
@ -287,6 +287,7 @@ Provides: php-libxml, php-libxml%{?_isa}
 Provides: php-openssl, php-openssl%{?_isa}
 Provides: php-phar, php-phar%{?_isa}
 Provides: php-pcre, php-pcre%{?_isa}
 Provides: php-random, php-random%{?_isa}
 Provides: php-reflection, php-reflection%{?_isa}
 Provides: php-session, php-session%{?_isa}
 Provides: php-sockets, php-sockets%{?_isa}
@ -312,14 +313,14 @@ Requires: libtool
 # see "php-config --libs"
 Requires: krb5-devel%{?_isa}
 Requires: libxml2-devel%{?_isa}
-Requires: openssl-devel%{?_isa} >= 1.0.1
+Requires: openssl-devel%{?_isa} >= 1.0.2
 Requires: pcre2-devel%{?_isa}
 Requires: zlib-devel%{?_isa}
 %if %{with zts}
 Provides: php-zts-devel = %{version}-%{release}
 Provides: php-zts-devel%{?_isa} = %{version}-%{release}
 %endif
-Recommends: php-nikic-php-parser4 >= 4.13.0
+Recommends: php-nikic-php-parser4 >= 4.15.1
 %description devel
@ -329,7 +330,7 @@ need to install this package.
 %package opcache
 Summary:   The Zend OPcache
-License:   PHP
+License:   PHP-3.01
 Requires:  php-common%{?_isa} = %{version}-%{release}
 Provides:  php-pecl-zendopcache = %{version}
 Provides:  php-pecl-zendopcache%{?_isa} = %{version}
@ -347,11 +348,11 @@ bytecode optimization patterns that make code execution faster.
 %package imap
 Summary: A module for PHP applications that use IMAP
 # All files licensed under PHP version 3.01
-License: PHP
+License:  PHP-3.01
 Requires: php-common%{?_isa} = %{version}-%{release}
 BuildRequires: pkgconfig(krb5)
 BuildRequires: pkgconfig(krb5-gssapi)
-BuildRequires: openssl-devel >= 1.0.1
+BuildRequires: openssl-devel >= 1.0.2
 BuildRequires: libc-client-devel
 %description imap
@ -363,11 +364,11 @@ messages on mail servers. PHP is an HTML-embedded scripting language.
 %package ldap
 Summary: A module for PHP applications that use LDAP
 # All files licensed under PHP version 3.01
-License: PHP
+License:  PHP-3.01
 Requires: php-common%{?_isa} = %{version}-%{release}
 BuildRequires: pkgconfig(libsasl2)
 BuildRequires: openldap-devel
-BuildRequires: openssl-devel >= 1.0.1
+BuildRequires: openssl-devel >= 1.0.2
 %description ldap
 The php-ldap adds Lightweight Directory Access Protocol (LDAP)
@ -378,7 +379,7 @@ language.
 %package pdo
 Summary: A database access abstraction module for PHP applications
 # All files licensed under PHP version 3.01
-License: PHP
+License:  PHP-3.01
 Requires: php-common%{?_isa} = %{version}-%{release}
 # ABI/API check - Arch specific
 Provides: php-pdo-abi  = %{pdover}-%{__isa_bits}
@ -395,7 +396,7 @@ databases.
 %package mysqlnd
 Summary: A module for PHP applications that use MySQL databases
 # All files licensed under PHP version 3.01
-License: PHP
+License:  PHP-3.01
 Requires: php-pdo%{?_isa} = %{version}-%{release}
 Provides: php_database
 Provides: php-mysqli = %{version}-%{release}
@ -414,12 +415,12 @@ This package use the MySQL Native Driver
 %package pgsql
 Summary: A PostgreSQL database module for PHP
 # All files licensed under PHP version 3.01
-License: PHP
+License:  PHP-3.01
 Requires: php-pdo%{?_isa} = %{version}-%{release}
 Provides: php_database
 Provides: php-pdo_pgsql, php-pdo_pgsql%{?_isa}
 BuildRequires: krb5-devel
-BuildRequires: openssl-devel >= 1.0.1
+BuildRequires: openssl-devel >= 1.0.2
 BuildRequires: libpq-devel
 %description pgsql
@ -433,7 +434,7 @@ php package.
 %package process
 Summary: Modules for PHP script using system process interfaces
 # All files licensed under PHP version 3.01
-License: PHP
+License:  PHP-3.01
 Requires: php-common%{?_isa} = %{version}-%{release}
 Provides: php-posix, php-posix%{?_isa}
 Provides: php-shmop, php-shmop%{?_isa}
@ -450,7 +451,7 @@ communication.
 Summary: A module for PHP applications that use ODBC databases
 # All files licensed under PHP version 3.01, except
 # pdo_odbc is licensed under PHP version 3.0
-License: PHP
+License:  PHP-3.01
 Requires: php-pdo%{?_isa} = %{version}-%{release}
 Provides: php_database
 Provides: php-pdo_odbc, php-pdo_odbc%{?_isa}
@ -468,7 +469,7 @@ package.
 %package soap
 Summary: A module for PHP applications that use the SOAP protocol
 # All files licensed under PHP version 3.01
-License: PHP
+License:  PHP-3.01
 Requires: php-common%{?_isa} = %{version}-%{release}
 BuildRequires: pkgconfig(libxml-2.0)
@ -480,7 +481,7 @@ support to PHP for using the SOAP web services protocol.
 %package pdo-firebird
 Summary: PDO driver for Interbase/Firebird databases
 # All files licensed under PHP version 3.01
-License: PHP
+License:  PHP-3.01
 # for fb_config command
 BuildRequires:  firebird-devel
 Requires: php-pdo%{?_isa} = %{version}-%{release}
@ -495,7 +496,7 @@ Interbase/Firebird databases.
 %package snmp
 Summary: A module for PHP applications that query SNMP-managed devices
 # All files licensed under PHP version 3.01
-License: PHP
+License:  PHP-3.01
 Requires: php-common%{?_isa} = %{version}-%{release}, net-snmp
 BuildRequires: net-snmp-devel
@ -508,7 +509,7 @@ will need to install this package and the php package.
 %package xml
 Summary: A module for PHP applications which use XML
 # All files licensed under PHP version 3.01
-License: PHP
+License:  PHP-3.01
 Requires: php-common%{?_isa} = %{version}-%{release}
 Provides: php-dom, php-dom%{?_isa}
 Provides: php-domxml, php-domxml%{?_isa}
@ -530,7 +531,7 @@ Summary: A module for PHP applications which need multi-byte string handling
 # All files licensed under PHP version 3.01, except
 # libmbfl is licensed under LGPLv2
 # ucgendat is licensed under OpenLDAP
-License: PHP and LGPLv2 and OpenLDAP
+License: PHP-3.01 AND LGPL-2.1-only AND OLDAP-2.8
 BuildRequires: pkgconfig(oniguruma) >= 6.8
 Provides: bundled(libmbfl) = 1.3.2
 Requires: php-common%{?_isa} = %{version}-%{release}
@ -542,7 +543,7 @@ support for multi-byte string handling to PHP.
 %package gd
 Summary: A module for PHP applications for using the gd graphics library
 # All files licensed under PHP version 3.01
-License: PHP
+License:  PHP-3.01
 Requires: php-common%{?_isa} = %{version}-%{release}
 BuildRequires: pkgconfig(gdlib) >= 2.1.1
@ -554,7 +555,7 @@ support for using the gd graphics library to PHP.
 Summary: A module for PHP applications for using the bcmath library
 # All files licensed under PHP version 3.01, except
 # libbcmath is licensed under LGPLv2+
-License: PHP and LGPLv2+
+License:  PHP-3.01 AND LGPL-2.1-or-later
 Requires: php-common%{?_isa} = %{version}-%{release}
 %description bcmath
@ -564,7 +565,7 @@ support for using the bcmath library to PHP.
 %package gmp
 Summary: A module for PHP applications for using the GNU MP library
 # All files licensed under PHP version 3.01
-License: PHP
+License:  PHP-3.01
 BuildRequires: gmp-devel
 Requires: php-common%{?_isa} = %{version}-%{release}
@ -575,7 +576,7 @@ using the GNU MP library.
 %package dba
 Summary: A database abstraction layer module for PHP applications
 # All files licensed under PHP version 3.01
-License: PHP
+License:  PHP-3.01
 %if %{with db4}
 BuildRequires: libdb-devel
 %endif
@ -583,6 +584,9 @@ BuildRequires: tokyocabinet-devel
 %if %{with lmdb}
 BuildRequires: lmdb-devel
 %endif
 %if %{with qdbm}
 BuildRequires: qdbm-devel
 %endif
 Requires: php-common%{?_isa} = %{version}-%{release}
 %description dba
@ -593,7 +597,7 @@ support for using the DBA database abstraction layer to PHP.
 %package tidy
 Summary: Standard PHP module provides tidy library support
 # All files licensed under PHP version 3.01
-License: PHP
+License:  PHP-3.01
 Requires: php-common%{?_isa} = %{version}-%{release}
 BuildRequires: libtidy-devel
@ -606,7 +610,7 @@ support for using the tidy library to PHP.
 %package pdo-dblib
 Summary: PDO driver for Microsoft SQL Server and Sybase databases
 # All files licensed under PHP version 3.01
-License: PHP
+License:  PHP-3.01
 Requires: php-pdo%{?_isa} = %{version}-%{release}
 BuildRequires: freetds-devel
 Provides: php-pdo_dblib, php-pdo_dblib%{?_isa}
@ -632,7 +636,7 @@ into applications to provide PHP scripting language support.
 %package pspell
 Summary: A module for PHP applications for using pspell interfaces
 # All files licensed under PHP version 3.01
-License: PHP
+License:  PHP-3.01
 Requires: php-common%{?_isa} = %{version}-%{release}
 BuildRequires: aspell-devel >= 0.50.0
@ -644,7 +648,7 @@ support for using the pspell library to PHP.
 %package intl
 Summary: Internationalization extension for PHP applications
 # All files licensed under PHP version 3.01
-License: PHP
+License:  PHP-3.01
 Requires: php-common%{?_isa} = %{version}-%{release}
 BuildRequires: pkgconfig(icu-i18n) >= 50.1
 BuildRequires: pkgconfig(icu-io)   >= 50.1
@ -657,7 +661,7 @@ support for using the ICU library to PHP.
 %package enchant
 Summary: Enchant spelling extension for PHP applications
 # All files licensed under PHP version 3.0
-License: PHP
+License:  PHP-3.01
 Requires: php-common%{?_isa} = %{version}-%{release}
 BuildRequires: pkgconfig(enchant-2)
@ -669,7 +673,7 @@ support for using the enchant library to PHP.
 %package sodium
 Summary: Wrapper for the Sodium cryptographic library
 # All files licensed under PHP version 3.0.1
-License: PHP
+License:  PHP-3.01
 BuildRequires:  pkgconfig(libsodium) >= 1.0.9
 Requires: php-common%{?_isa} = %{version}-%{release}
@ -686,8 +690,7 @@ low-level PHP extension for the libsodium cryptographic library.
 %package ffi
 Summary: Foreign Function Interface
 # All files licensed under PHP version 3.0.1
-License: PHP
+License:  PHP-3.01
 Group: System Environment/Libraries
 BuildRequires:  pkgconfig(libffi)
 Requires: php-common%{?_isa} = %{version}-%{release}
@ -709,20 +712,12 @@ in pure PHP.
 %patch -P5 -p1 -b .includedir
 %patch -P6 -p1 -b .embed
 %patch -P8 -p1 -b .libdb
 %patch -P9 -p1 -b .deprecated
 %patch -P41 -p1 -b .syslib
 %patch -P42 -p1 -b .systzdata
 %patch -P43 -p1 -b .headers
 %if 0%{?fedora} >= 18 || 0%{?rhel} >= 7
 %patch -P45 -p1 -b .ldap_r
 %endif
 %patch -P47 -p1 -b .phpinfo
 %patch -P48 -p1 -b .sha
 %patch -P49 -p1 -b .pharsha
 %patch -P50 -p1 -b .openssl3
 rm ext/openssl/tests/p12_with_extra_certs.p12
 %patch -P51 -p1 -b .libxcrypt
 # upstream patches
@ -735,6 +730,7 @@ rm ext/openssl/tests/p12_with_extra_certs.p12
 # Prevent %%doc confusion over LICENSE files
 cp Zend/LICENSE ZEND_LICENSE
 cp TSRM/LICENSE TSRM_LICENSE
 cp Zend/asm/LICENSE BOOST_LICENSE
 cp sapi/fpm/LICENSE fpm_LICENSE
 cp ext/mbstring/libmbfl/LICENSE libmbfl_LICENSE
 cp ext/fileinfo/libmagic/LICENSE libmagic_LICENSE
@ -754,6 +750,9 @@ mkdir build-cgi build-embedded \
 # ----- Manage known as failed test -------
 # affected by systzdata patch
 rm ext/date/tests/timezone_location_get.phpt
 rm ext/date/tests/timezone_version_get.phpt
 rm ext/date/tests/timezone_version_get_basic1.phpt
 rm ext/date/tests/bug80963.phpt
 # fails sometime
 rm ext/sockets/tests/mcast_ipv?_recv.phpt
 # cause stack exhausion
@ -926,6 +925,9 @@ build --libdir=%{_libdir}/php \
                          --with-tcadb=%{_prefix} \
 %if %{with lmdb}
                          --with-lmdb=%{_prefix} \
 %endif
 %if %{with qdbm}
                          --with-qdbm=%{_prefix} \
 %endif
      --enable-exif=shared \
      --enable-ftp=shared \
@ -1013,6 +1015,7 @@ pushd build-fpm
 build --enable-fpm \
      --with-fpm-acl \
      --with-fpm-systemd \
      --with-fpm-selinux \
      --libdir=%{_libdir}/php \
      --without-mysqli \
      --disable-pdo \
@ -1020,7 +1023,7 @@ build --enable-fpm \
 popd
 # Build for inclusion as embedded script language into applications,
-# /usr/lib[64]/libphp7.so
+# /usr/lib[64]/libphp.so
 pushd build-embedded
 build --enable-embed \
      --without-mysqli --disable-pdo \
@ -1059,6 +1062,9 @@ build --includedir=%{_includedir}/php-zts \
                          --with-tcadb=%{_prefix} \
 %if %{with lmdb}
                          --with-lmdb=%{_prefix} \
 %endif
 %if %{with qdbm}
                          --with-qdbm=%{_prefix} \
 %endif
      --with-gettext=shared \
      --with-iconv=shared \
@ -1220,8 +1226,8 @@ mv $RPM_BUILD_ROOT%{_sysconfdir}/php-fpm.d/www.conf.default .
 # install systemd unit files and scripts for handling server startup
 install -m 755 -d $RPM_BUILD_ROOT%{_sysconfdir}/systemd/system/php-fpm.service.d
 install -Dm 644 %{SOURCE6}  $RPM_BUILD_ROOT%{_unitdir}/php-fpm.service
-install -Dm 644 %{SOURCE12} $RPM_BUILD_ROOT%{_unitdir}/httpd.service.d/php-fpm.conf
+install -Dm 644 %{SOURCE12} $RPM_BUILD_ROOT%{_sysconfdir}/systemd/system/httpd.service.d/php-fpm.conf
-install -Dm 644 %{SOURCE12} $RPM_BUILD_ROOT%{_unitdir}/nginx.service.d/php-fpm.conf
+install -Dm 644 %{SOURCE12} $RPM_BUILD_ROOT%{_sysconfdir}/systemd/system/nginx.service.d/php-fpm.conf
 # LogRotate
 install -m 755 -d $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d
 install -m 644 %{SOURCE7} $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/php-fpm
@ -1399,7 +1405,7 @@ systemctl try-restart php-fpm.service >/dev/null 2>&1 || :
 %files common -f files.common
 %doc EXTENSIONS NEWS UPGRADING* README.REDIST.BINS *md docs
-%license LICENSE TSRM_LICENSE ZEND_LICENSE
+%license LICENSE TSRM_LICENSE ZEND_LICENSE BOOST_LICENSE
 %license libmagic_LICENSE
 %license timelib_LICENSE
 %doc php.ini-*
@ -1458,8 +1464,8 @@ systemctl try-restart php-fpm.service >/dev/null 2>&1 || :
 %config(noreplace) %{_sysconfdir}/nginx/conf.d/php-fpm.conf
 %config(noreplace) %{_sysconfdir}/nginx/default.d/php.conf
 %{_unitdir}/php-fpm.service
-%{_unitdir}/httpd.service.d/php-fpm.conf
+%config(noreplace) %{_sysconfdir}/systemd/system/httpd.service.d/php-fpm.conf
-%{_unitdir}/nginx.service.d/php-fpm.conf
+%config(noreplace) %{_sysconfdir}/systemd/system/nginx.service.d/php-fpm.conf
 %{_sbindir}/php-fpm
 %dir %{_sysconfdir}/systemd/system/php-fpm.service.d
 %dir %{_sysconfdir}/php-fpm.d
@ -1535,24 +1541,38 @@ systemctl try-restart php-fpm.service >/dev/null 2>&1 || :
 %changelog
-* Fri Oct  6 2023 Remi Collet <rcollet@redhat.com> - 8.0.30-1
+* Thu Dec 26 2024 MSVSphere Packaging Team <packager@msvsphere-os.ru> - 8.2.25-1
- rebase to 8.0.30
+- Rebuilt for MSVSphere 9.5
- Resolves: RHEL-11946
+
 * Fri Nov  8 2024 Remi Collet <rcollet@redhat.com> - 8.2.25-1
 - rebase to 8.2.25 RHEL-65837
 * Fri Nov 24 2023 Remi Collet <rcollet@redhat.com> - 8.2.13-1
 - rebase to 8.2.13 RHEL-14699
 - add %%__phpize and %%__phpconfig macros
 - move httpd/nginx wants directives to config files in /etc
 - php-fpm.conf: move include directive after [global] section
  following upstream example, allowing overriding
 - use SPDX license IDs
-* Fri Jan 13 2023 Remi Collet <rcollet@redhat.com> - 8.0.27-1
+* Fri Jan 13 2023 Remi Collet <rcollet@redhat.com> - 8.1.14-1
- rebase to 8.0.27
+- rebase to 8.1.14
-* Mon Aug  1 2022 Remi Collet <rcollet@redhat.com> - 8.0.20-3
+* Wed Jul  6 2022 Remi Collet <rcollet@redhat.com> - 8.1.8-1
- snmp3 calls using authPriv or authNoPriv immediately return false #2104630
+- update to 8.1.8 #2070040
-* Mon Jun 13 2022 Remi Collet <rcollet@redhat.com> - 8.0.20-2
+* Mon Jun 13 2022 Remi Collet <rcollet@redhat.com> - 8.1.7-2
- fix patch41 not applied (use system nikic/php-parser when available)
+- clean unneeded dependency on useradd command
-* Mon Jun 13 2022 Remi Collet <rcollet@redhat.com> - 8.0.20-1
+* Thu Jun  9 2022 Remi Collet <rcollet@redhat.com> - 8.1.7-1
- rebase to 8.0.20 #2095752
+- update to 8.1.7 #2070040
- clean unneeded dependency on useradd command #2095447
+
 * Fri Jun  3 2022 Remi Collet <rcollet@redhat.com> - 8.1.6-2
 - add upstream patch to initialize pcre before mbstring
- retrieve tzdata version from /usr/share/zoneinfo/tzdata.zi
+- add upstream patch to use more sha256 in openssl tests
 * Tue May 17 2022 Remi Collet <rcollet@redhat.com> - 8.1.6-1
 - update to 8.1.6 #2070040
 * Wed Dec 15 2021 Remi Collet <rcollet@redhat.com> - 8.0.13-1
 - rebase to 8.0.13 #2032429
`@ -1 +1 @@`
	`SOURCES/php-8.0.30.tar.xz`	`SOURCES/php-8.2.25.tar.xz`
`@ -1 +1 @@`
	`f6d5137d6ce3e52b6d8a582e2990913f2807add4 SOURCES/php-8.0.30.tar.xz`	`39d38455c9060697fb2dd2e0b99e96b1a7608fb6 SOURCES/php-8.2.25.tar.xz`