Upgrade to Pro — share decks privately, control downloads, hide ads and more …

My Journey To The Center Of PHP - Northeast PHP...

Sammy Kaye Powers
August 10, 2017
Programming
0
1.3k

My Journey To The Center Of PHP - Northeast PHP 2017

Talk given at Northeast PHP 2017 on August 10, 2017.

"I don't know C!", is probably one of the most common excuses that us PHP nerds give for not contributing to PHP source. And top it off with all the overly-publicized drama surrounding the PHP internals mailing list, most user-land PHP developers don't want to touch PHP source with a ten foot pole.

In this talk I tell my story of how a plain-old user-land PHP nerd who, "doesn't know C," found himself drawn to PHP internals like a bug to a light. I was meet with a lovely helpful community of individuals who mentored me the whole way to making PHP better. This talk will encourage and inspire you to join me on an epic journey to the center of PHP.

Sammy Kaye Powers

August 10, 2017
Tweet

More Decks by Sammy Kaye Powers

See All by Sammy Kaye Powers
Going Bare - Writing The Web Without A Framework - Longhorn PHP 2019
sammyk
1
1.1k
Going bare - writing the web without a framework - php[world] 2018
sammyk
0
640
The Debug Dance - An Intro To Step Debugging - php[world] 2018
sammyk
0
1.3k
Let's get random: Under the hood of PHP 7's CSPRNG - ZendCon & OpenEnterprise 2018
sammyk
0
1.4k
The debug dance: An intro to step debugging - ZendCon & OpenEnterprise 2018
sammyk
1
430
Going Bare - Writing the web without a framework - Cascadia PHP 2018
sammyk
0
560
Let's Get Random - Under The Hood of PHP 7's CSPRNG - php[tek] 2018
sammyk
0
250
Writing Tests For PHP Source - ZendCon 2017
sammyk
1
1.5k
Going Bare - Writing the web without a framework - ZendCon 2017
sammyk
2
450

Other Decks in Programming

See All in Programming
GitHub Actionsのキャッシュと手を挙げることの大切さとそれに必要なこと
satoshi256kbyte
5
420
どうして僕の作ったクラスが手続き型と言われなきゃいけないんですか
akikogoto
1
100
Why Jakarta EE Matters to Spring - and Vice Versa
ivargrimstad
0
810
What’s New in Compose Multiplatform - A Live Tour (droidcon London 2024)
zsmb
1
460
WebフロントエンドにおけるGraphQL(あるいはバックエンドのAPI)との向き合い方 / #241106_plk_frontend
izumin5210
4
1.3k
Streams APIとTCPフロー制御 / Web Streams API and TCP flow control
tasshi
2
340
카카오페이는 어떻게 수천만 결제를 처리할까? 우아한 결제 분산락 노하우
kakao
PRO
0
110
Quine, Polyglot, 良いコード
qnighy
4
630
RubyLSPのマルチバイト文字対応
notfounds
0
100
Duckdb-Wasmでローカルダッシュボードを作ってみた
nkforwork
0
110
初めてDefinitelyTypedにPRを出した話
syumai
0
250
Webの技術スタックで マルチプラットフォームアプリ開発を可能にするElixirDesktopの紹介
thehaigo
2
1k

Featured

See All Featured
ピンチをチャンスに:未来をつくるプロダクトロードマップ #pmconf2020
aki_iinuma
109
49k
Mobile First: as difficult as doing things right
swwweet
222
8.9k
Writing Fast Ruby
sferik
627
61k
YesSQL, Process and Tooling at Scale
rocio
168
14k
Why You Should Never Use an ORM
jnunemaker
PRO
54
9k
The MySQL Ecosystem @ GitHub 2015
samlambert
250
12k
ReactJS: Keep Simple. Everything can be a component!
pedronauck
665
120k
Fight the Zombie Pattern Library - RWD Summit 2016
marcelosomers
232
17k
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
sstephenson
159
15k
Principles of Awesome APIs and How to Build Them.
keavy
126
17k
Building Adaptive Systems
keathley
38
2.3k
Code Reviewing Like a Champion
maltzj
520
39k

Transcript

  1. A U G U S T 1 0 T H

    , 2 0 1 7 JOURNEY MY CENTER TO THE OF S A M M Y K A Y E P O W E R S @SammyK #nephp17 joind.in/talk/8e1b4

  2. @SammyK #nephp17 joind.in/talk/8e1b4 SLIDES GET THE joind.in/talk/8e1b4

  3. SCARY! INTERNALS IS http://saint-max.deviantart.com

  4. I don’t know C! Internals is scary! I don’t know

    what I’m doing!

  5. @SammyK #nephp17 joind.in/talk/8e1b4 BOOKS ON PHP 7 INTERNALS: THIS PAGE

    INTENTIONALLY LEFT BLANK

  6. @SammyK #nephp17 joind.in/talk/8e1b4 WEBSITES ON PHP 7 INTERNALS: PHPINTERNALSBOOK.COM

  7. @SammyK #nephp17 joind.in/talk/8e1b4 BUBBLE MY 1998-2013

  8. @SammyK #nephp17 joind.in/talk/8e1b4 LARACON 2014 NEW YORK PHP|TEK CHICAGO

  9. @SammyK #nephp17 joind.in/talk/8e1b4 PHP|TEK HACK-A-THON CONTRIBUTE TO PHP

  10. @SammyK #nephp17 joind.in/talk/8e1b4 I don’t know what I’m doing!

  11. ELIZABETH SMITH DERICK RETHANS

  12. None

  13. ANTHONY FERRARA

  14. CONTRIBUTION MY FIRST

  15. @SammyK #nephp17 joind.in/talk/8e1b4 this is a table…

  16. I love tabs! this is a table… Spaces is where

    it’s at! I’m trying to upgrade bison I added array_column() Have you used Docker? Licensing in FOSS is important Let’s have a PGP key signing party! JavaScript is weird

  17. I love tabs! this is a table… Spaces is where

    it’s at! I’m trying to upgrade bison I added array_column() Have you used Docker? Licensing in FOSS is important Let’s have a PGP key signing party! JavaScript is weird

  18. @SammyK #nephp17 joind.in/talk/8e1b4 TABS SPACES VS

  19. @SammyK #nephp17 joind.in/talk/8e1b4 CLOSER TO INTERNALS PUSHED ME

  20. @SammyK #nephp17 joind.in/talk/8e1b4 OPEN SOURCE

  21. PHP SDK FACEBOOK

  22. @SammyK #nephp17 joind.in/talk/8e1b4 FOSCO MAROTTO

  23. @SammyK #nephp17 joind.in/talk/8e1b4 HQ FACEBOOK

  24. None

  25. @SammyK #nephp17 joind.in/talk/8e1b4 CHANGED IT ALL THE PR THAT

  26. None
  27. None

  28. @SammyK #nephp17 joind.in/talk/8e1b4 SCOTT ARCISZEWSKI (AR - SIZ - ZU

    - SKI)

  29. @SammyK #nephp17 joind.in/talk/8e1b4

  30. None

  31. @SammyK #nephp17 joind.in/talk/8e1b4 SCOTT’S PR INFOSEC FALLOUT ==

  32. @SammyK #nephp17 joind.in/talk/8e1b4 I HAD A CHOICE OR

  33. @SammyK #nephp17 joind.in/talk/8e1b4 CSPRNG WUT?

  34. @SammyK #nephp17 joind.in/talk/8e1b4 CSPRNG WUT?

  35. @SammyK #nephp17 joind.in/talk/8e1b4 CSPRNG mt_rand($min, $max); rand($min, $max); lcg_value();

  36. CSPRNG echo mt_rand(0, 42); 11

  37. CSPRNG echo mt_rand(0, 42); 7

  38. echo mt_rand(0, 42); 39 CSPRNG

  39. CSPRNG mt_srand(10); echo mt_rand(0, 42);

  40. CSPRNG mt_srand(10); echo mt_rand(0, 42); 21

  41. CSPRNG mt_srand(10); echo mt_rand(0, 42); 21

  42. mt_srand(10); echo mt_rand(0, 42); 21 CSPRNG

  43. @SammyK #nephp17 joind.in/talk/8e1b4 mt_rand(); AUTO SEEDING USING TIMESTAMP + A

    FEW OTHER VARIABLES CSPRNG

  44. @SammyK #nephp17 joind.in/talk/8e1b4

  45. None

  46. @SammyK #nephp17 joind.in/talk/8e1b4

  47. None

  48. @SammyK #nephp17 joind.in/talk/8e1b4 AUTO SEEDING USING TIMESTAMP + A FEW

    OTHER VARIABLES
  49. None

  50. @SammyK #nephp17 joind.in/talk/8e1b4 CSPRNG’S USE BETTER SEEDS

  51. None

  52. @SammyK #nephp17 joind.in/talk/8e1b4 CSPRNG OPTIONS IN 5.x openssl_random_pseudo_bytes() mcrypt_create_iv() /dev/*random

  53. @SammyK #nephp17 joind.in/talk/8e1b4 CSPRNG OPTIONS IN 5.x openssl_random_pseudo_bytes() mcrypt_create_iv() /dev/*random

  54. openssl_random_pseudo_bytes() https://wiki.openssl.org/index.php/Random_fork-safety Since the UNIX fork() system call duplicates the

    entire process state, a random number generator which does not take this issue into account will produce the same sequence of random numbers in both the parent and the child […], leading to cryptographic disaster… “

  55. openssl_random_pseudo_bytes() https://wiki.openssl.org/index.php/Random_fork-safety OpenSSL cannot fix the fork- safety problem because

    its not in a position to do so. However, there are [solutions] available and they are listed below. “

  56. openssl_random_pseudo_bytes() https://wiki.openssl.org/index.php/Random_fork-safety Don't use RAND_bytes “

  57. openssl_random_pseudo_bytes() https://wiki.openssl.org/index.php/Random_fork-safety Instead, you can read directly from /dev/random, /dev/urandom

    or /dev/srandom; or use CryptGenRandom on Windows systems. “

  58. @SammyK #nephp17 joind.in/talk/8e1b4 CSPRNG OPTIONS IN 5.x openssl_random_pseudo_bytes() mcrypt_create_iv() /dev/*random

  59. mcrypt_create_iv()

  60. @SammyK #nephp17 joind.in/talk/8e1b4 mcrypt_create_iv()

  61. @SammyK #nephp17 joind.in/talk/8e1b4 mcrypt_create_iv()

  62. @SammyK #nephp17 joind.in/talk/8e1b4 CSPRNG OPTIONS IN 5.x openssl_random_pseudo_bytes() mcrypt_create_iv() /dev/*random

  63. @SammyK #nephp17 joind.in/talk/8e1b4 /dev/*random

  64. @SammyK #nephp17 joind.in/talk/8e1b4 CSPRNG OPTIONS IN 5.x openssl_random_pseudo_bytes() mcrypt_create_iv() /dev/*random

  65. Why is CSPRNG so hard in PHP?

  66. @SammyK #nephp17 joind.in/talk/8e1b4 SUNSHINE PHP 2015

  67. Why is CSPRNG so hard in PHP?

  68. Because no one’s made it easy.

  69. CSPRNG MAKE EASY

  70. I have NO idea what I’m doing!

  71. Start with user-land implementation

  72. github.com/SammyK/php-src-csprng

  73. @SammyK #nephp17 joind.in/talk/8e1b4 THREE ADD NEW FUNCTIONS random_int($min, $max) random_bytes($bytes)

    random_hex($bytes)

  74. Vetted by infosec nerds. including…

  75. @SammyK #nephp17 joind.in/talk/8e1b4 SCOTT

  76. @SammyK #nephp17 joind.in/talk/8e1b4 THREE ADD NEW FUNCTIONS random_bytes($bytes) random_hex($bytes) random_int($min,

    $max)

  77. @SammyK #nephp17 joind.in/talk/8e1b4 THREE ADD NEW FUNCTIONS random_bytes($bytes) random_hex($bytes) random_int($min,

    $max) two

  78. @SammyK #nephp17 joind.in/talk/8e1b4 ADD NEW FUNCTIONS bin2hex(random_bytes($bytes)) === THREE two

    random_hex($bytes)

  79. @SammyK #nephp17 joind.in/talk/8e1b4 IMPLEMENTATION THE ACTUAL

  80. None

  81. google!

  82. COPY I DON’T ALWAYS PASTE & BUT WHEN I DO…

  83. github.com/php/php-src/pull/191/files

  84. /ext/standard/basic_functions.c

  85. /ext/standard/base64.c

  86. @SammyK #nephp17 joind.in/talk/8e1b4 COPY PASTE

  87. @SammyK #nephp17 joind.in/talk/8e1b4 COMPILE TEST

  88. @SammyK #nephp17 joind.in/talk/8e1b4 random bytes int min max ?? ??

    ? ??!!

  89. @SammyK #nephp17 joind.in/talk/8e1b4 ROOM 11

  90. segfault

  91. I have NO idea what I’m doing! random bytes int

    min max

  92. @SammyK #nephp17 joind.in/talk/8e1b4 LEIGH LAST NAME?

  93. None

  94. @SammyK #nephp17 joind.in/talk/8e1b4 THE P R O C E S

    S (REQUEST FOR COMMENTS)

  95. @SammyK #nephp17 joind.in/talk/8e1b4 [email protected]

  96. @SammyK #nephp17 joind.in/talk/8e1b4 GET YOU SOME WIKI KARMA

  97. @SammyK #nephp17 joind.in/talk/8e1b4 GET YOU SOME WIKI KARMA wiki.php.net

  98. @SammyK #nephp17 joind.in/talk/8e1b4 GET YOU SOME WIKI KARMA [email protected]

  99. @SammyK #nephp17 joind.in/talk/8e1b4 YOUR RFC CREATE wiki.php.net/rfc/howto

  100. @SammyK #nephp17 joind.in/talk/8e1b4 YOUR RFC ANNOUNCE [email protected]

  101. @SammyK #nephp17 joind.in/talk/8e1b4 FOR 2 WEEKS WAIT

  102. @SammyK #nephp17 joind.in/talk/8e1b4 UNDER DISCUSSION

  103. @SammyK #nephp17 joind.in/talk/8e1b4 ANNOUNCE THE VOTING PHASE [email protected]

  104. @SammyK #nephp17 joind.in/talk/8e1b4 USUALLY 2 WEEKS

  105. @SammyK #nephp17 joind.in/talk/8e1b4

  106. @SammyK #nephp17 joind.in/talk/8e1b4 sammyk.me/how-to-contribute-to-php-documentation

  107. @SammyK #nephp17 joind.in/talk/8e1b4 THE PROCESS FIN

  108. @SammyK #nephp17 joind.in/talk/8e1b4 RFC WORKING IMPLEMENTATION ANNOUNCE TO INTERNALS CHECKLIST

  109. @SammyK #nephp17 joind.in/talk/8e1b4 RFC WORKING IMPLEMENTATION ANNOUNCE TO INTERNALS CHECKLIST

  110. @SammyK #nephp17 joind.in/talk/8e1b4 RFC WORKING IMPLEMENTATION ANNOUNCE TO INTERNALS CHECKLIST

    ✓ ✓

  111. @SammyK #nephp17 joind.in/talk/8e1b4 RFC WORKING IMPLEMENTATION ANNOUNCE TO INTERNALS CHECKLIST

    ✓ ✓ x

  112. RFC WORKING IMPLEMENTATION ANNOUNCE TO INTERNALS CHECKLIST ✓ ✓ x

    PHP internals is scawy!

  113. Everyone is smarter than me - I’ll be a laughingstock!

    Everyone is mean - look at scalar type- hints drama!

  114. Let’s do this sh… stuff!

  115. None
  116. None

  117. LATER …TWO WEEKS

  118. None
  119. None

  120. @SammyK #nephp17 joind.in/talk/8e1b4

  121. @SammyK #nephp17 joind.in/talk/8e1b4

  122. @SammyK #nephp17 joind.in/talk/8e1b4 JOURNEY MY CENTER TO THE OF IT’S

    LIKE EATING

  123. LEARNED WHAT I I don’t know what I’m doing! HOW

    FEATURES ARE ADDED TO PHP THE CULTURE OF PHP INTERNALS BETTER AT C & C++ DEEPER UNDERSTANDING OF CSPRNG’S BINARY AND HEXADECIMAL NUMBER SYSTEMS HOW TO CONTRIBUTE TO THE PHP DOCS AND TONS MORE!

  124. I STILL have no idea what I’m doing!

  125. SCARY! INTERNALS IS http://saint-max.deviantart.com

  126. SCARY! INTERNALS IS http://saint-max.deviantart.com not ^

  127. @SammyK #nephp17 joind.in/talk/8e1b4 COMMUNITY LOVING

  128. @SammyK #nephp17 joind.in/talk/8e1b4 I N T E R N A

    L S N E E D S YOU SOURCE BUGS WEBSITE TESTS

  129. For PHP Source Writing Tests Tomorrow @ 9AM Richmond Room

    #SHAMELESSPLUG

  130. @SammyK #nephp17 joind.in/talk/8e1b4 TABS INTERNALS USES

  131. THANKS! SAMMY KAYE POWERS @SammyK SammyK.me Host of @PHPRoundtable @ChiPHPUG

    West Coast Swing /talk/8e1b4 I have stickers!