Upgrade to Pro — share decks privately, control downloads, hide ads and more …

My Journey To The Center Of PHP - Northeast PHP 2017

Sammy Kaye Powers
August 10, 2017
Programming
0
1.2k

My Journey To The Center Of PHP - Northeast PHP 2017

Talk given at Northeast PHP 2017 on August 10, 2017.

"I don't know C!", is probably one of the most common excuses that us PHP nerds give for not contributing to PHP source. And top it off with all the overly-publicized drama surrounding the PHP internals mailing list, most user-land PHP developers don't want to touch PHP source with a ten foot pole.

In this talk I tell my story of how a plain-old user-land PHP nerd who, "doesn't know C," found himself drawn to PHP internals like a bug to a light. I was meet with a lovely helpful community of individuals who mentored me the whole way to making PHP better. This talk will encourage and inspire you to join me on an epic journey to the center of PHP.

Sammy Kaye Powers

August 10, 2017
Tweet

More Decks by Sammy Kaye Powers

See All by Sammy Kaye Powers
Going Bare - Writing The Web Without A Framework - Longhorn PHP 2019
sammyk
1
1k
Going bare - writing the web without a framework - php[world] 2018
sammyk
0
550
The Debug Dance - An Intro To Step Debugging - php[world] 2018
sammyk
0
1.1k
Let's get random: Under the hood of PHP 7's CSPRNG - ZendCon & OpenEnterprise 2018
sammyk
0
1.2k
The debug dance: An intro to step debugging - ZendCon & OpenEnterprise 2018
sammyk
1
360
Going Bare - Writing the web without a framework - Cascadia PHP 2018
sammyk
0
440
Let's Get Random - Under The Hood of PHP 7's CSPRNG - php[tek] 2018
sammyk
0
240
Writing Tests For PHP Source - ZendCon 2017
sammyk
1
1.3k
Going Bare - Writing the web without a framework - ZendCon 2017
sammyk
2
390

Other Decks in Programming

See All in Programming
Komplexe Oberflächen mit SVG und der Web Animation API
joergneumann
0
660
Goのmultiple errorsについて (2024年4月版)
syumai
1
250
スキーマ駆動開発による品質とスピードの両立 - 私達は何故、スキーマを書くのか
kentaroutakeda
0
160
DMMプラットフォームがTiDB Cloudを採用した背景
pospome
8
3.9k
ゆるい個人開発のススメ
kuroppe1819
10
970
PHPの次期バージョンはこの時期どうなっているのか - Internalsの開発体制について - PHPカンファレンス小田原
youkidearitai
PRO
1
190
R言語の環境構築と基礎 Tokyo.R 112
bob3bob3
0
250
二郎系ラーメンのコールで学ぶ AST 解析
memory1994
PRO
7
1.7k
MicrosoftのPlatform Engineeringガイドを読んで実際になにかやってみた
ymd65536
1
180
Site Reliability Engineering for GMO
pyama86
7
1k
Git Rebase
bkuhlmann
11
1.6k
はてなにおける CSS Modules、及び CSS Modules に足りないもの / CSS Modules in Hatena, and CSS Modules missing parts
mizdra
6
870

Featured

See All Featured
How to name files
jennybc
64
93k
Rebuilding a faster, lazier Slack
samanthasiow
72
8.2k
Sharpening the Axe: The Primacy of Toolmaking
bcantrill
15
1.4k
JavaScript: Past, Present, and Future - NDC Porto 2020
reverentgeek
39
4.4k
BBQ
matthewcrist
80
8.8k
A Modern Web Designer's Workflow
chriscoyier
688
190k
Clear Off the Table
cherdarchuk
83
310k
The MySQL Ecosystem @ GitHub 2015
samlambert
242
12k
RailsConf 2023
tenderlove
2
530
Mobile First: as difficult as doing things right
swwweet
216
8.6k
Building Your Own Lightsaber
phodgson
98
5.7k
Product Roadmaps are Hard
iamctodd
43
9.7k

Transcript

  1. A U G U S T 1 0 T H

    , 2 0 1 7 JOURNEY MY CENTER TO THE OF S A M M Y K A Y E P O W E R S @SammyK #nephp17 joind.in/talk/8e1b4

  2. @SammyK #nephp17 joind.in/talk/8e1b4 SLIDES GET THE joind.in/talk/8e1b4

  3. SCARY! INTERNALS IS http://saint-max.deviantart.com

  4. I don’t know C! Internals is scary! I don’t know

    what I’m doing!

  5. @SammyK #nephp17 joind.in/talk/8e1b4 BOOKS ON PHP 7 INTERNALS: THIS PAGE

    INTENTIONALLY LEFT BLANK

  6. @SammyK #nephp17 joind.in/talk/8e1b4 WEBSITES ON PHP 7 INTERNALS: PHPINTERNALSBOOK.COM

  7. @SammyK #nephp17 joind.in/talk/8e1b4 BUBBLE MY 1998-2013

  8. @SammyK #nephp17 joind.in/talk/8e1b4 LARACON 2014 NEW YORK PHP|TEK CHICAGO

  9. @SammyK #nephp17 joind.in/talk/8e1b4 PHP|TEK HACK-A-THON CONTRIBUTE TO PHP

  10. @SammyK #nephp17 joind.in/talk/8e1b4 I don’t know what I’m doing!

  11. ELIZABETH SMITH DERICK RETHANS

  12. None

  13. ANTHONY FERRARA

  14. CONTRIBUTION MY FIRST

  15. @SammyK #nephp17 joind.in/talk/8e1b4 this is a table…

  16. I love tabs! this is a table… Spaces is where

    it’s at! I’m trying to upgrade bison I added array_column() Have you used Docker? Licensing in FOSS is important Let’s have a PGP key signing party! JavaScript is weird

  17. I love tabs! this is a table… Spaces is where

    it’s at! I’m trying to upgrade bison I added array_column() Have you used Docker? Licensing in FOSS is important Let’s have a PGP key signing party! JavaScript is weird

  18. @SammyK #nephp17 joind.in/talk/8e1b4 TABS SPACES VS

  19. @SammyK #nephp17 joind.in/talk/8e1b4 CLOSER TO INTERNALS PUSHED ME

  20. @SammyK #nephp17 joind.in/talk/8e1b4 OPEN SOURCE

  21. PHP SDK FACEBOOK

  22. @SammyK #nephp17 joind.in/talk/8e1b4 FOSCO MAROTTO

  23. @SammyK #nephp17 joind.in/talk/8e1b4 HQ FACEBOOK

  24. None

  25. @SammyK #nephp17 joind.in/talk/8e1b4 CHANGED IT ALL THE PR THAT

  26. None
  27. None

  28. @SammyK #nephp17 joind.in/talk/8e1b4 SCOTT ARCISZEWSKI (AR - SIZ - ZU

    - SKI)

  29. @SammyK #nephp17 joind.in/talk/8e1b4

  30. None

  31. @SammyK #nephp17 joind.in/talk/8e1b4 SCOTT’S PR INFOSEC FALLOUT ==

  32. @SammyK #nephp17 joind.in/talk/8e1b4 I HAD A CHOICE OR

  33. @SammyK #nephp17 joind.in/talk/8e1b4 CSPRNG WUT?

  34. @SammyK #nephp17 joind.in/talk/8e1b4 CSPRNG WUT?

  35. @SammyK #nephp17 joind.in/talk/8e1b4 CSPRNG mt_rand($min, $max); rand($min, $max); lcg_value();

  36. CSPRNG echo mt_rand(0, 42); 11

  37. CSPRNG echo mt_rand(0, 42); 7

  38. echo mt_rand(0, 42); 39 CSPRNG

  39. CSPRNG mt_srand(10); echo mt_rand(0, 42);

  40. CSPRNG mt_srand(10); echo mt_rand(0, 42); 21

  41. CSPRNG mt_srand(10); echo mt_rand(0, 42); 21

  42. mt_srand(10); echo mt_rand(0, 42); 21 CSPRNG

  43. @SammyK #nephp17 joind.in/talk/8e1b4 mt_rand(); AUTO SEEDING USING TIMESTAMP + A

    FEW OTHER VARIABLES CSPRNG

  44. @SammyK #nephp17 joind.in/talk/8e1b4

  45. None

  46. @SammyK #nephp17 joind.in/talk/8e1b4

  47. None

  48. @SammyK #nephp17 joind.in/talk/8e1b4 AUTO SEEDING USING TIMESTAMP + A FEW

    OTHER VARIABLES
  49. None

  50. @SammyK #nephp17 joind.in/talk/8e1b4 CSPRNG’S USE BETTER SEEDS

  51. None

  52. @SammyK #nephp17 joind.in/talk/8e1b4 CSPRNG OPTIONS IN 5.x openssl_random_pseudo_bytes() mcrypt_create_iv() /dev/*random

  53. @SammyK #nephp17 joind.in/talk/8e1b4 CSPRNG OPTIONS IN 5.x openssl_random_pseudo_bytes() mcrypt_create_iv() /dev/*random

  54. openssl_random_pseudo_bytes() https://wiki.openssl.org/index.php/Random_fork-safety Since the UNIX fork() system call duplicates the

    entire process state, a random number generator which does not take this issue into account will produce the same sequence of random numbers in both the parent and the child […], leading to cryptographic disaster… “

  55. openssl_random_pseudo_bytes() https://wiki.openssl.org/index.php/Random_fork-safety OpenSSL cannot fix the fork- safety problem because

    its not in a position to do so. However, there are [solutions] available and they are listed below. “

  56. openssl_random_pseudo_bytes() https://wiki.openssl.org/index.php/Random_fork-safety Don't use RAND_bytes “

  57. openssl_random_pseudo_bytes() https://wiki.openssl.org/index.php/Random_fork-safety Instead, you can read directly from /dev/random, /dev/urandom

    or /dev/srandom; or use CryptGenRandom on Windows systems. “

  58. @SammyK #nephp17 joind.in/talk/8e1b4 CSPRNG OPTIONS IN 5.x openssl_random_pseudo_bytes() mcrypt_create_iv() /dev/*random

  59. mcrypt_create_iv()

  60. @SammyK #nephp17 joind.in/talk/8e1b4 mcrypt_create_iv()

  61. @SammyK #nephp17 joind.in/talk/8e1b4 mcrypt_create_iv()

  62. @SammyK #nephp17 joind.in/talk/8e1b4 CSPRNG OPTIONS IN 5.x openssl_random_pseudo_bytes() mcrypt_create_iv() /dev/*random

  63. @SammyK #nephp17 joind.in/talk/8e1b4 /dev/*random

  64. @SammyK #nephp17 joind.in/talk/8e1b4 CSPRNG OPTIONS IN 5.x openssl_random_pseudo_bytes() mcrypt_create_iv() /dev/*random

  65. Why is CSPRNG so hard in PHP?

  66. @SammyK #nephp17 joind.in/talk/8e1b4 SUNSHINE PHP 2015

  67. Why is CSPRNG so hard in PHP?

  68. Because no one’s made it easy.

  69. CSPRNG MAKE EASY

  70. I have NO idea what I’m doing!

  71. Start with user-land implementation

  72. github.com/SammyK/php-src-csprng

  73. @SammyK #nephp17 joind.in/talk/8e1b4 THREE ADD NEW FUNCTIONS random_int($min, $max) random_bytes($bytes)

    random_hex($bytes)

  74. Vetted by infosec nerds. including…

  75. @SammyK #nephp17 joind.in/talk/8e1b4 SCOTT

  76. @SammyK #nephp17 joind.in/talk/8e1b4 THREE ADD NEW FUNCTIONS random_bytes($bytes) random_hex($bytes) random_int($min,

    $max)

  77. @SammyK #nephp17 joind.in/talk/8e1b4 THREE ADD NEW FUNCTIONS random_bytes($bytes) random_hex($bytes) random_int($min,

    $max) two

  78. @SammyK #nephp17 joind.in/talk/8e1b4 ADD NEW FUNCTIONS bin2hex(random_bytes($bytes)) === THREE two

    random_hex($bytes)

  79. @SammyK #nephp17 joind.in/talk/8e1b4 IMPLEMENTATION THE ACTUAL

  80. None

  81. google!

  82. COPY I DON’T ALWAYS PASTE & BUT WHEN I DO…

  83. github.com/php/php-src/pull/191/files

  84. /ext/standard/basic_functions.c

  85. /ext/standard/base64.c

  86. @SammyK #nephp17 joind.in/talk/8e1b4 COPY PASTE

  87. @SammyK #nephp17 joind.in/talk/8e1b4 COMPILE TEST

  88. @SammyK #nephp17 joind.in/talk/8e1b4 random bytes int min max ?? ??

    ? ??!!

  89. @SammyK #nephp17 joind.in/talk/8e1b4 ROOM 11

  90. segfault

  91. I have NO idea what I’m doing! random bytes int

    min max

  92. @SammyK #nephp17 joind.in/talk/8e1b4 LEIGH LAST NAME?

  93. None

  94. @SammyK #nephp17 joind.in/talk/8e1b4 THE P R O C E S

    S (REQUEST FOR COMMENTS)

  95. @SammyK #nephp17 joind.in/talk/8e1b4 [email protected]

  96. @SammyK #nephp17 joind.in/talk/8e1b4 GET YOU SOME WIKI KARMA

  97. @SammyK #nephp17 joind.in/talk/8e1b4 GET YOU SOME WIKI KARMA wiki.php.net

  98. @SammyK #nephp17 joind.in/talk/8e1b4 GET YOU SOME WIKI KARMA [email protected]

  99. @SammyK #nephp17 joind.in/talk/8e1b4 YOUR RFC CREATE wiki.php.net/rfc/howto

  100. @SammyK #nephp17 joind.in/talk/8e1b4 YOUR RFC ANNOUNCE [email protected]

  101. @SammyK #nephp17 joind.in/talk/8e1b4 FOR 2 WEEKS WAIT

  102. @SammyK #nephp17 joind.in/talk/8e1b4 UNDER DISCUSSION

  103. @SammyK #nephp17 joind.in/talk/8e1b4 ANNOUNCE THE VOTING PHASE [email protected]

  104. @SammyK #nephp17 joind.in/talk/8e1b4 USUALLY 2 WEEKS

  105. @SammyK #nephp17 joind.in/talk/8e1b4

  106. @SammyK #nephp17 joind.in/talk/8e1b4 sammyk.me/how-to-contribute-to-php-documentation

  107. @SammyK #nephp17 joind.in/talk/8e1b4 THE PROCESS FIN

  108. @SammyK #nephp17 joind.in/talk/8e1b4 RFC WORKING IMPLEMENTATION ANNOUNCE TO INTERNALS CHECKLIST

  109. @SammyK #nephp17 joind.in/talk/8e1b4 RFC WORKING IMPLEMENTATION ANNOUNCE TO INTERNALS CHECKLIST

  110. @SammyK #nephp17 joind.in/talk/8e1b4 RFC WORKING IMPLEMENTATION ANNOUNCE TO INTERNALS CHECKLIST

    ✓ ✓

  111. @SammyK #nephp17 joind.in/talk/8e1b4 RFC WORKING IMPLEMENTATION ANNOUNCE TO INTERNALS CHECKLIST

    ✓ ✓ x

  112. RFC WORKING IMPLEMENTATION ANNOUNCE TO INTERNALS CHECKLIST ✓ ✓ x

    PHP internals is scawy!

  113. Everyone is smarter than me - I’ll be a laughingstock!

    Everyone is mean - look at scalar type- hints drama!

  114. Let’s do this sh… stuff!

  115. None
  116. None

  117. LATER …TWO WEEKS

  118. None
  119. None

  120. @SammyK #nephp17 joind.in/talk/8e1b4

  121. @SammyK #nephp17 joind.in/talk/8e1b4

  122. @SammyK #nephp17 joind.in/talk/8e1b4 JOURNEY MY CENTER TO THE OF IT’S

    LIKE EATING

  123. LEARNED WHAT I I don’t know what I’m doing! HOW

    FEATURES ARE ADDED TO PHP THE CULTURE OF PHP INTERNALS BETTER AT C & C++ DEEPER UNDERSTANDING OF CSPRNG’S BINARY AND HEXADECIMAL NUMBER SYSTEMS HOW TO CONTRIBUTE TO THE PHP DOCS AND TONS MORE!

  124. I STILL have no idea what I’m doing!

  125. SCARY! INTERNALS IS http://saint-max.deviantart.com

  126. SCARY! INTERNALS IS http://saint-max.deviantart.com not ^

  127. @SammyK #nephp17 joind.in/talk/8e1b4 COMMUNITY LOVING

  128. @SammyK #nephp17 joind.in/talk/8e1b4 I N T E R N A

    L S N E E D S YOU SOURCE BUGS WEBSITE TESTS

  129. For PHP Source Writing Tests Tomorrow @ 9AM Richmond Room

    #SHAMELESSPLUG

  130. @SammyK #nephp17 joind.in/talk/8e1b4 TABS INTERNALS USES

  131. THANKS! SAMMY KAYE POWERS @SammyK SammyK.me Host of @PHPRoundtable @ChiPHPUG

    West Coast Swing /talk/8e1b4 I have stickers!