Validate PHP_ARG_ENABLE and PHP_ARG_WITH configure options

XMLWordPrintableJSON

    • Type: Bug
    • Resolution: Fixed
    • Priority: Unknown
    • 1.17.0
    • Affects Version/s: None
    • Component/s: None
    • None
    • None
    • None
    • None
    • None
    • None
    • None

      If an empty string is passed to a configure option, it is assigned as-is to the destination variable. This can lead to undefined behavior, since the build scripts vary in their use of "no" and "yes" comparisons.

      For example:

      $ ./configure --with-mongodb-client-side-encryption= --with-mongodb-ssl=
      
      ...
      checking which crypto library to use for libmongocrypt... 
      configure: error: Need an SSL library to compile with libmongocrypt. Please specify it using the --with-mongodb-ssl option
      

      In config.m4, libmongocrypt is enabled if "$PHP_MONGODB_CLIENT_SIDE_ENCRYPTION" != "no", but CheckSSL.m4 compares $PHP_MONGODB_SSL with "yes" and "auto" when deciding to enable OpenSSL.

      Some possible improvements:

      • Add validation after parsing configure options (i.e. calls to PHP_ARG_WITH()) and eagerly error if an unsupported string value is assigned
      • Standardize comparison logic for option values. For example, we can always be defensively pessimistic and rely on an explicit positive value (e.g. "auto" or "yes") and otherwise default to "no".

      This came up while researching how PECL's --configureoptions option works for mongodb/mongo-php-driver#1420.

            Assignee:
            Jeremy Mikola
            Reporter:
            Jeremy Mikola
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: