Upgrade to Pro — share decks privately, control downloads, hide ads and more …

My Journey To The Center Of PHP - Northeast PHP...

Sammy Kaye Powers
August 10, 2017
Programming
0
1.3k

My Journey To The Center Of PHP - Northeast PHP 2017

Talk given at Northeast PHP 2017 on August 10, 2017.

"I don't know C!", is probably one of the most common excuses that us PHP nerds give for not contributing to PHP source. And top it off with all the overly-publicized drama surrounding the PHP internals mailing list, most user-land PHP developers don't want to touch PHP source with a ten foot pole.

In this talk I tell my story of how a plain-old user-land PHP nerd who, "doesn't know C," found himself drawn to PHP internals like a bug to a light. I was meet with a lovely helpful community of individuals who mentored me the whole way to making PHP better. This talk will encourage and inspire you to join me on an epic journey to the center of PHP.

Sammy Kaye Powers

August 10, 2017
Tweet

More Decks by Sammy Kaye Powers

See All by Sammy Kaye Powers
Going Bare - Writing The Web Without A Framework - Longhorn PHP 2019
sammyk
1
1.2k
Going bare - writing the web without a framework - php[world] 2018
sammyk
0
670
The Debug Dance - An Intro To Step Debugging - php[world] 2018
sammyk
0
1.4k
Let's get random: Under the hood of PHP 7's CSPRNG - ZendCon & OpenEnterprise 2018
sammyk
0
1.5k
The debug dance: An intro to step debugging - ZendCon & OpenEnterprise 2018
sammyk
1
450
Going Bare - Writing the web without a framework - Cascadia PHP 2018
sammyk
0
670
Let's Get Random - Under The Hood of PHP 7's CSPRNG - php[tek] 2018
sammyk
0
270
Writing Tests For PHP Source - ZendCon 2017
sammyk
1
1.6k
Going Bare - Writing the web without a framework - ZendCon 2017
sammyk
2
480

Other Decks in Programming

See All in Programming
SwiftUI API Design Lessons
niw
1
270
The Weight of Data: Rethinking Cloud-Native Systems for the Age of AI
hollycummins
0
270
Empowering Developers with HTML-Aware ERB Tooling @ RubyKaigi 2025, Matsuyama, Ehime
marcoroth
1
250
地域ITコミュニティの活性化とAWSに移行してみた話
yuukis
0
230
Develop Faster With FrankenPHP
dunglas
2
3.2k
Boost Your Performance and Developer Productivity with Jakarta EE 11
ivargrimstad
0
1.3k
MCP世界への招待: AIエンジニアが創る次世代エージェント連携の世界
gunta
4
890
生成AIを使ったQAアプリケーションの作成 - ハンズオン補足資料
oracle4engineer
PRO
3
200
DomainException と Result 型で作る型安全なエラーハンドリング
karszawa
0
890
スモールスタートで始めるためのLambda×モノリス(Lambdalith)
akihisaikeda
2
240
AIコーディングワークフローの試行 〜AIエージェント×ワークフローでの自動化を目指して〜
rkaga
2
3.5k
MCP調べてみました! / Exploring MCP
uhzz
2
2.2k

Featured

See All Featured
Music & Morning Musume
bryan
47
6.5k
Designing Experiences People Love
moore
141
24k
Adopting Sorbet at Scale
ufuk
76
9.3k
How to Create Impact in a Changing Tech Landscape [PerfNow 2023]
tammyeverts
52
2.4k
Java REST API Framework Comparison - PWX 2021
mraible
30
8.5k
The Straight Up "How To Draw Better" Workshop
denniskardys
232
140k
10 Git Anti Patterns You Should be Aware of
lemiorhan
PRO
656
60k
Faster Mobile Websites
deanohume
306
31k
The Psychology of Web Performance [Beyond Tellerrand 2023]
tammyeverts
47
2.5k
Being A Developer After 40
akosma
91
590k
Code Review Best Practice
trishagee
67
18k
Done Done
chrislema
183
16k

Transcript

  1. A U G U S T 1 0 T H

    , 2 0 1 7 JOURNEY MY CENTER TO THE OF S A M M Y K A Y E P O W E R S @SammyK #nephp17 joind.in/talk/8e1b4

  2. @SammyK #nephp17 joind.in/talk/8e1b4 SLIDES GET THE joind.in/talk/8e1b4

  3. SCARY! INTERNALS IS http://saint-max.deviantart.com

  4. I don’t know C! Internals is scary! I don’t know

    what I’m doing!

  5. @SammyK #nephp17 joind.in/talk/8e1b4 BOOKS ON PHP 7 INTERNALS: THIS PAGE

    INTENTIONALLY LEFT BLANK

  6. @SammyK #nephp17 joind.in/talk/8e1b4 WEBSITES ON PHP 7 INTERNALS: PHPINTERNALSBOOK.COM

  7. @SammyK #nephp17 joind.in/talk/8e1b4 BUBBLE MY 1998-2013

  8. @SammyK #nephp17 joind.in/talk/8e1b4 LARACON 2014 NEW YORK PHP|TEK CHICAGO

  9. @SammyK #nephp17 joind.in/talk/8e1b4 PHP|TEK HACK-A-THON CONTRIBUTE TO PHP

  10. @SammyK #nephp17 joind.in/talk/8e1b4 I don’t know what I’m doing!

  11. ELIZABETH SMITH DERICK RETHANS

  12. None

  13. ANTHONY FERRARA

  14. CONTRIBUTION MY FIRST

  15. @SammyK #nephp17 joind.in/talk/8e1b4 this is a table…

  16. I love tabs! this is a table… Spaces is where

    it’s at! I’m trying to upgrade bison I added array_column() Have you used Docker? Licensing in FOSS is important Let’s have a PGP key signing party! JavaScript is weird

  17. I love tabs! this is a table… Spaces is where

    it’s at! I’m trying to upgrade bison I added array_column() Have you used Docker? Licensing in FOSS is important Let’s have a PGP key signing party! JavaScript is weird

  18. @SammyK #nephp17 joind.in/talk/8e1b4 TABS SPACES VS

  19. @SammyK #nephp17 joind.in/talk/8e1b4 CLOSER TO INTERNALS PUSHED ME

  20. @SammyK #nephp17 joind.in/talk/8e1b4 OPEN SOURCE

  21. PHP SDK FACEBOOK

  22. @SammyK #nephp17 joind.in/talk/8e1b4 FOSCO MAROTTO

  23. @SammyK #nephp17 joind.in/talk/8e1b4 HQ FACEBOOK

  24. None

  25. @SammyK #nephp17 joind.in/talk/8e1b4 CHANGED IT ALL THE PR THAT

  26. None
  27. None

  28. @SammyK #nephp17 joind.in/talk/8e1b4 SCOTT ARCISZEWSKI (AR - SIZ - ZU

    - SKI)

  29. @SammyK #nephp17 joind.in/talk/8e1b4

  30. None

  31. @SammyK #nephp17 joind.in/talk/8e1b4 SCOTT’S PR INFOSEC FALLOUT ==

  32. @SammyK #nephp17 joind.in/talk/8e1b4 I HAD A CHOICE OR

  33. @SammyK #nephp17 joind.in/talk/8e1b4 CSPRNG WUT?

  34. @SammyK #nephp17 joind.in/talk/8e1b4 CSPRNG WUT?

  35. @SammyK #nephp17 joind.in/talk/8e1b4 CSPRNG mt_rand($min, $max); rand($min, $max); lcg_value();

  36. CSPRNG echo mt_rand(0, 42); 11

  37. CSPRNG echo mt_rand(0, 42); 7

  38. echo mt_rand(0, 42); 39 CSPRNG

  39. CSPRNG mt_srand(10); echo mt_rand(0, 42);

  40. CSPRNG mt_srand(10); echo mt_rand(0, 42); 21

  41. CSPRNG mt_srand(10); echo mt_rand(0, 42); 21

  42. mt_srand(10); echo mt_rand(0, 42); 21 CSPRNG

  43. @SammyK #nephp17 joind.in/talk/8e1b4 mt_rand(); AUTO SEEDING USING TIMESTAMP + A

    FEW OTHER VARIABLES CSPRNG

  44. @SammyK #nephp17 joind.in/talk/8e1b4

  45. None

  46. @SammyK #nephp17 joind.in/talk/8e1b4

  47. None

  48. @SammyK #nephp17 joind.in/talk/8e1b4 AUTO SEEDING USING TIMESTAMP + A FEW

    OTHER VARIABLES
  49. None

  50. @SammyK #nephp17 joind.in/talk/8e1b4 CSPRNG’S USE BETTER SEEDS

  51. None

  52. @SammyK #nephp17 joind.in/talk/8e1b4 CSPRNG OPTIONS IN 5.x openssl_random_pseudo_bytes() mcrypt_create_iv() /dev/*random

  53. @SammyK #nephp17 joind.in/talk/8e1b4 CSPRNG OPTIONS IN 5.x openssl_random_pseudo_bytes() mcrypt_create_iv() /dev/*random

  54. openssl_random_pseudo_bytes() https://wiki.openssl.org/index.php/Random_fork-safety Since the UNIX fork() system call duplicates the

    entire process state, a random number generator which does not take this issue into account will produce the same sequence of random numbers in both the parent and the child […], leading to cryptographic disaster… “

  55. openssl_random_pseudo_bytes() https://wiki.openssl.org/index.php/Random_fork-safety OpenSSL cannot fix the fork- safety problem because

    its not in a position to do so. However, there are [solutions] available and they are listed below. “

  56. openssl_random_pseudo_bytes() https://wiki.openssl.org/index.php/Random_fork-safety Don't use RAND_bytes “

  57. openssl_random_pseudo_bytes() https://wiki.openssl.org/index.php/Random_fork-safety Instead, you can read directly from /dev/random, /dev/urandom

    or /dev/srandom; or use CryptGenRandom on Windows systems. “

  58. @SammyK #nephp17 joind.in/talk/8e1b4 CSPRNG OPTIONS IN 5.x openssl_random_pseudo_bytes() mcrypt_create_iv() /dev/*random

  59. mcrypt_create_iv()

  60. @SammyK #nephp17 joind.in/talk/8e1b4 mcrypt_create_iv()

  61. @SammyK #nephp17 joind.in/talk/8e1b4 mcrypt_create_iv()

  62. @SammyK #nephp17 joind.in/talk/8e1b4 CSPRNG OPTIONS IN 5.x openssl_random_pseudo_bytes() mcrypt_create_iv() /dev/*random

  63. @SammyK #nephp17 joind.in/talk/8e1b4 /dev/*random

  64. @SammyK #nephp17 joind.in/talk/8e1b4 CSPRNG OPTIONS IN 5.x openssl_random_pseudo_bytes() mcrypt_create_iv() /dev/*random

  65. Why is CSPRNG so hard in PHP?

  66. @SammyK #nephp17 joind.in/talk/8e1b4 SUNSHINE PHP 2015

  67. Why is CSPRNG so hard in PHP?

  68. Because no one’s made it easy.

  69. CSPRNG MAKE EASY

  70. I have NO idea what I’m doing!

  71. Start with user-land implementation

  72. github.com/SammyK/php-src-csprng

  73. @SammyK #nephp17 joind.in/talk/8e1b4 THREE ADD NEW FUNCTIONS random_int($min, $max) random_bytes($bytes)

    random_hex($bytes)

  74. Vetted by infosec nerds. including…

  75. @SammyK #nephp17 joind.in/talk/8e1b4 SCOTT

  76. @SammyK #nephp17 joind.in/talk/8e1b4 THREE ADD NEW FUNCTIONS random_bytes($bytes) random_hex($bytes) random_int($min,

    $max)

  77. @SammyK #nephp17 joind.in/talk/8e1b4 THREE ADD NEW FUNCTIONS random_bytes($bytes) random_hex($bytes) random_int($min,

    $max) two

  78. @SammyK #nephp17 joind.in/talk/8e1b4 ADD NEW FUNCTIONS bin2hex(random_bytes($bytes)) === THREE two

    random_hex($bytes)

  79. @SammyK #nephp17 joind.in/talk/8e1b4 IMPLEMENTATION THE ACTUAL

  80. None

  81. google!

  82. COPY I DON’T ALWAYS PASTE & BUT WHEN I DO…

  83. github.com/php/php-src/pull/191/files

  84. /ext/standard/basic_functions.c

  85. /ext/standard/base64.c

  86. @SammyK #nephp17 joind.in/talk/8e1b4 COPY PASTE

  87. @SammyK #nephp17 joind.in/talk/8e1b4 COMPILE TEST

  88. @SammyK #nephp17 joind.in/talk/8e1b4 random bytes int min max ?? ??

    ? ??!!

  89. @SammyK #nephp17 joind.in/talk/8e1b4 ROOM 11

  90. segfault

  91. I have NO idea what I’m doing! random bytes int

    min max

  92. @SammyK #nephp17 joind.in/talk/8e1b4 LEIGH LAST NAME?

  93. None

  94. @SammyK #nephp17 joind.in/talk/8e1b4 THE P R O C E S

    S (REQUEST FOR COMMENTS)

  95. @SammyK #nephp17 joind.in/talk/8e1b4 [email protected]

  96. @SammyK #nephp17 joind.in/talk/8e1b4 GET YOU SOME WIKI KARMA

  97. @SammyK #nephp17 joind.in/talk/8e1b4 GET YOU SOME WIKI KARMA wiki.php.net

  98. @SammyK #nephp17 joind.in/talk/8e1b4 GET YOU SOME WIKI KARMA [email protected]

  99. @SammyK #nephp17 joind.in/talk/8e1b4 YOUR RFC CREATE wiki.php.net/rfc/howto

  100. @SammyK #nephp17 joind.in/talk/8e1b4 YOUR RFC ANNOUNCE [email protected]

  101. @SammyK #nephp17 joind.in/talk/8e1b4 FOR 2 WEEKS WAIT

  102. @SammyK #nephp17 joind.in/talk/8e1b4 UNDER DISCUSSION

  103. @SammyK #nephp17 joind.in/talk/8e1b4 ANNOUNCE THE VOTING PHASE [email protected]

  104. @SammyK #nephp17 joind.in/talk/8e1b4 USUALLY 2 WEEKS

  105. @SammyK #nephp17 joind.in/talk/8e1b4

  106. @SammyK #nephp17 joind.in/talk/8e1b4 sammyk.me/how-to-contribute-to-php-documentation

  107. @SammyK #nephp17 joind.in/talk/8e1b4 THE PROCESS FIN

  108. @SammyK #nephp17 joind.in/talk/8e1b4 RFC WORKING IMPLEMENTATION ANNOUNCE TO INTERNALS CHECKLIST

  109. @SammyK #nephp17 joind.in/talk/8e1b4 RFC WORKING IMPLEMENTATION ANNOUNCE TO INTERNALS CHECKLIST

  110. @SammyK #nephp17 joind.in/talk/8e1b4 RFC WORKING IMPLEMENTATION ANNOUNCE TO INTERNALS CHECKLIST

    ✓ ✓

  111. @SammyK #nephp17 joind.in/talk/8e1b4 RFC WORKING IMPLEMENTATION ANNOUNCE TO INTERNALS CHECKLIST

    ✓ ✓ x

  112. RFC WORKING IMPLEMENTATION ANNOUNCE TO INTERNALS CHECKLIST ✓ ✓ x

    PHP internals is scawy!

  113. Everyone is smarter than me - I’ll be a laughingstock!

    Everyone is mean - look at scalar type- hints drama!

  114. Let’s do this sh… stuff!

  115. None
  116. None

  117. LATER …TWO WEEKS

  118. None
  119. None

  120. @SammyK #nephp17 joind.in/talk/8e1b4

  121. @SammyK #nephp17 joind.in/talk/8e1b4

  122. @SammyK #nephp17 joind.in/talk/8e1b4 JOURNEY MY CENTER TO THE OF IT’S

    LIKE EATING

  123. LEARNED WHAT I I don’t know what I’m doing! HOW

    FEATURES ARE ADDED TO PHP THE CULTURE OF PHP INTERNALS BETTER AT C & C++ DEEPER UNDERSTANDING OF CSPRNG’S BINARY AND HEXADECIMAL NUMBER SYSTEMS HOW TO CONTRIBUTE TO THE PHP DOCS AND TONS MORE!

  124. I STILL have no idea what I’m doing!

  125. SCARY! INTERNALS IS http://saint-max.deviantart.com

  126. SCARY! INTERNALS IS http://saint-max.deviantart.com not ^

  127. @SammyK #nephp17 joind.in/talk/8e1b4 COMMUNITY LOVING

  128. @SammyK #nephp17 joind.in/talk/8e1b4 I N T E R N A

    L S N E E D S YOU SOURCE BUGS WEBSITE TESTS

  129. For PHP Source Writing Tests Tomorrow @ 9AM Richmond Room

    #SHAMELESSPLUG

  130. @SammyK #nephp17 joind.in/talk/8e1b4 TABS INTERNALS USES

  131. THANKS! SAMMY KAYE POWERS @SammyK SammyK.me Host of @PHPRoundtable @ChiPHPUG

    West Coast Swing /talk/8e1b4 I have stickers!