From eb00e2c49c47a39a4406722c3e343e28d1b44511 Mon Sep 17 00:00:00 2001
From: "Alexander M. Turek" <me@derrabus.de>
Date: Tue, 6 Jan 2015 15:21:18 +0100
Subject: [PATCH 1/2] Don't destroy the session on buggy php releases.

---
 .../Session/SessionAuthenticationStrategy.php   |  5 ++++-
 .../SessionAuthenticationStrategyTest.php       | 17 +++++++++++++++++
 2 files changed, 21 insertions(+), 1 deletion(-)

diff --git a/src/Symfony/Component/Security/Http/Session/SessionAuthenticationStrategy.php b/src/Symfony/Component/Security/Http/Session/SessionAuthenticationStrategy.php
index dd258a086f1f0..ccfa6ba67a492 100644
--- a/src/Symfony/Component/Security/Http/Session/SessionAuthenticationStrategy.php
+++ b/src/Symfony/Component/Security/Http/Session/SessionAuthenticationStrategy.php
@@ -47,7 +47,10 @@ public function onAuthentication(Request $request, TokenInterface $token)
                 return;
 
             case self::MIGRATE:
-                $request->getSession()->migrate(true);
+                // Destroying the old session is broken in php 5.4.0 - 5.4.10
+                // See php bug #63379
+                $destroy = PHP_VERSION_ID < 50400 || PHP_VERSION_ID >= 50411;
+                $request->getSession()->migrate($destroy);
 
                 return;
 
diff --git a/src/Symfony/Component/Security/Tests/Http/Session/SessionAuthenticationStrategyTest.php b/src/Symfony/Component/Security/Tests/Http/Session/SessionAuthenticationStrategyTest.php
index d5055eb610595..b68ea394560bf 100644
--- a/src/Symfony/Component/Security/Tests/Http/Session/SessionAuthenticationStrategyTest.php
+++ b/src/Symfony/Component/Security/Tests/Http/Session/SessionAuthenticationStrategyTest.php
@@ -39,6 +39,10 @@ public function testUnsupportedStrategy()
 
     public function testSessionIsMigrated()
     {
+        if (PHP_VERSION_ID >= 50400 && PHP_VERSION_ID < 50411) {
+            $this->markTestSkipped('We must not destroy the old session on php 5.4.0 - 5.4.10.');
+        }
+
         $session = $this->getMock('Symfony\Component\HttpFoundation\Session\SessionInterface');
         $session->expects($this->once())->method('migrate')->with($this->equalTo(true));
 
@@ -46,6 +50,19 @@ public function testSessionIsMigrated()
         $strategy->onAuthentication($this->getRequest($session), $this->getToken());
     }
 
+    public function testSessionIsMigratedWithPhp54Workaround()
+    {
+        if (PHP_VERSION_ID < 50400 || PHP_VERSION_ID >= 50411) {
+            $this->markTestSkipped('This php version is not affected.');
+        }
+
+        $session = $this->getMock('Symfony\Component\HttpFoundation\Session\SessionInterface');
+        $session->expects($this->once())->method('migrate')->with($this->equalTo(false));
+
+        $strategy = new SessionAuthenticationStrategy(SessionAuthenticationStrategy::MIGRATE);
+        $strategy->onAuthentication($this->getRequest($session), $this->getToken());
+    }
+
     public function testSessionIsInvalidated()
     {
         $session = $this->getMock('Symfony\Component\HttpFoundation\Session\SessionInterface');

From 83aaaa98c080610c9a5b4f29ad7f22dfef3ec3e6 Mon Sep 17 00:00:00 2001
From: "Alexander M. Turek" <me@derrabus.de>
Date: Wed, 7 Jan 2015 09:04:36 +0100
Subject: [PATCH 2/2] php -> PHP

---
 .../Tests/Http/Session/SessionAuthenticationStrategyTest.php  | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/Symfony/Component/Security/Tests/Http/Session/SessionAuthenticationStrategyTest.php b/src/Symfony/Component/Security/Tests/Http/Session/SessionAuthenticationStrategyTest.php
index b68ea394560bf..7296afd31d1be 100644
--- a/src/Symfony/Component/Security/Tests/Http/Session/SessionAuthenticationStrategyTest.php
+++ b/src/Symfony/Component/Security/Tests/Http/Session/SessionAuthenticationStrategyTest.php
@@ -40,7 +40,7 @@ public function testUnsupportedStrategy()
     public function testSessionIsMigrated()
     {
         if (PHP_VERSION_ID >= 50400 && PHP_VERSION_ID < 50411) {
-            $this->markTestSkipped('We must not destroy the old session on php 5.4.0 - 5.4.10.');
+            $this->markTestSkipped('We cannot destroy the old session on PHP 5.4.0 - 5.4.10.');
         }
 
         $session = $this->getMock('Symfony\Component\HttpFoundation\Session\SessionInterface');
@@ -53,7 +53,7 @@ public function testSessionIsMigrated()
     public function testSessionIsMigratedWithPhp54Workaround()
     {
         if (PHP_VERSION_ID < 50400 || PHP_VERSION_ID >= 50411) {
-            $this->markTestSkipped('This php version is not affected.');
+            $this->markTestSkipped('This PHP version is not affected.');
         }
 
         $session = $this->getMock('Symfony\Component\HttpFoundation\Session\SessionInterface');