diff --git a/.circleci/config.yml b/.circleci/config.yml
index f5dddad093158..3009ff3e817c9 100644
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -25,161 +25,163 @@ jobs:
       PDO_MYSQL_TEST_USER: root
       PDO_PGSQL_TEST_DSN: 'pgsql:host=127.0.0.1 port=5432 dbname=test user=postgres password=postgres'
     steps:
-      - checkout
       - run:
-          name: apt
-          command: |
-            export DEBIAN_FRONTEND=noninteractive
-            sudo apt-get update -y
-            sudo apt-get install -y \
-              gcc \
-              g++ \
-              autoconf \
-              bison \
-              re2c \
-              locales \
-              locales-all \
-              ldap-utils \
-              openssl \
-              slapd \
-              libgmp-dev \
-              libicu-dev \
-              libtidy-dev \
-              libenchant-2-dev \
-              libsasl2-dev \
-              libxpm-dev \
-              libzip-dev \
-              libbz2-dev \
-              libsqlite3-dev \
-              libwebp-dev \
-              libonig-dev \
-              libcurl4-openssl-dev \
-              libxml2-dev \
-              libxslt1-dev \
-              libpq-dev \
-              libreadline-dev \
-              libldap2-dev \
-              libsodium-dev \
-              libargon2-0-dev \
-              libmm-dev \
-              libsnmp-dev \
-              snmpd \
-              `#snmp-mibs-downloader` \
-              freetds-dev \
-              `#unixodbc-dev` \
-              dovecot-core \
-              dovecot-pop3d \
-              dovecot-imapd \
-              sendmail \
-              firebird-dev \
-              liblmdb-dev \
-              libtokyocabinet-dev \
-              libdb-dev \
-              libqdbm-dev \
-              libjpeg-dev \
-              libpng-dev \
-              libfreetype6-dev
-      - run:
-          name: ./configure
-          command: |
-            ./buildconf -f
-            ./configure \
-              --enable-debug \
-              --enable-zts \
-              --enable-option-checking=fatal \
-              --prefix=/usr \
-              --enable-phpdbg \
-              --enable-fpm \
-              --with-pdo-mysql=mysqlnd \
-              --with-mysqli=mysqlnd \
-              --with-pgsql \
-              --with-pdo-pgsql \
-              --with-pdo-sqlite \
-              --enable-intl \
-              --without-pear \
-              --enable-gd \
-              --with-jpeg \
-              --with-webp \
-              --with-freetype \
-              --with-xpm \
-              --enable-exif \
-              --with-zip \
-              --with-zlib \
-              --enable-soap \
-              --enable-xmlreader \
-              --with-xsl \
-              --with-tidy \
-              --enable-sysvsem \
-              --enable-sysvshm \
-              --enable-shmop \
-              --enable-pcntl \
-              --with-readline \
-              --enable-mbstring \
-              --with-curl \
-              --with-gettext \
-              --enable-sockets \
-              --with-bz2 \
-              --with-openssl \
-              --with-gmp \
-              --enable-bcmath \
-              --enable-calendar \
-              --enable-ftp \
-              --with-enchant=/usr \
-              --enable-sysvmsg \
-              --with-ffi \
-              --enable-zend-test \
-              --enable-dl-test=shared \
-              --with-ldap \
-              --with-ldap-sasl \
-              --with-password-argon2 \
-              --with-mhash \
-              --with-sodium \
-              --enable-dba \
-              --with-cdb \
-              --enable-flatfile \
-              --enable-inifile \
-              --with-tcadb \
-              --with-lmdb \
-              --with-qdbm \
-              --with-snmp \
-              `#--with-unixODBC` \
-              `#--with-pdo-odbc=unixODBC,/usr` \
-              --with-config-file-path=/etc \
-              --with-config-file-scan-dir=/etc/php.d \
-              --with-pdo-firebird \
-              `#--with-pdo-dblib` \
-              --disable-phpdbg \
-              `#--enable-werror`
-      - run:
-          name: make
-          no_output_timeout: 30m
-          command: make -j2 > /dev/null
-      - run:
-          name: make install
-          command: |
-            sudo make install
-            sudo mkdir -p /etc/php.d
-            sudo chmod 777 /etc/php.d
-            echo opcache.enable_cli=1 > /etc/php.d/opcache.ini
-            echo opcache.protect_memory=1 >> /etc/php.d/opcache.ini
-      - run:
-          name: Test
-          no_output_timeout: 30m
-          command: |
-            sapi/cli/php run-tests.php \
-              -d opcache.enable_cli=1 \
-              -d opcache.jit_buffer_size=64M \
-              -d opcache.jit=tracing \
-              -d zend_test.observer.enabled=1 \
-              -d zend_test.observer.show_output=0 \
-              -P -q -x -j2 \
-              -g FAIL,BORK,LEAK,XLEAK \
-              --no-progress \
-              --offline \
-              --show-diff \
-              --show-slow 1000 \
-              --set-timeout 120 \
-              --repeat 2
+          command: echo 1
+      # - checkout
+      # - run:
+      #     name: apt
+      #     command: |
+      #       export DEBIAN_FRONTEND=noninteractive
+      #       sudo apt-get update -y
+      #       sudo apt-get install -y \
+      #         gcc \
+      #         g++ \
+      #         autoconf \
+      #         bison \
+      #         re2c \
+      #         locales \
+      #         locales-all \
+      #         ldap-utils \
+      #         openssl \
+      #         slapd \
+      #         libgmp-dev \
+      #         libicu-dev \
+      #         libtidy-dev \
+      #         libenchant-2-dev \
+      #         libsasl2-dev \
+      #         libxpm-dev \
+      #         libzip-dev \
+      #         libbz2-dev \
+      #         libsqlite3-dev \
+      #         libwebp-dev \
+      #         libonig-dev \
+      #         libcurl4-openssl-dev \
+      #         libxml2-dev \
+      #         libxslt1-dev \
+      #         libpq-dev \
+      #         libreadline-dev \
+      #         libldap2-dev \
+      #         libsodium-dev \
+      #         libargon2-0-dev \
+      #         libmm-dev \
+      #         libsnmp-dev \
+      #         snmpd \
+      #         `#snmp-mibs-downloader` \
+      #         freetds-dev \
+      #         `#unixodbc-dev` \
+      #         dovecot-core \
+      #         dovecot-pop3d \
+      #         dovecot-imapd \
+      #         sendmail \
+      #         firebird-dev \
+      #         liblmdb-dev \
+      #         libtokyocabinet-dev \
+      #         libdb-dev \
+      #         libqdbm-dev \
+      #         libjpeg-dev \
+      #         libpng-dev \
+      #         libfreetype6-dev
+      # - run:
+      #     name: ./configure
+      #     command: |
+      #       ./buildconf -f
+      #       ./configure \
+      #         --enable-debug \
+      #         --enable-zts \
+      #         --enable-option-checking=fatal \
+      #         --prefix=/usr \
+      #         --enable-phpdbg \
+      #         --enable-fpm \
+      #         --with-pdo-mysql=mysqlnd \
+      #         --with-mysqli=mysqlnd \
+      #         --with-pgsql \
+      #         --with-pdo-pgsql \
+      #         --with-pdo-sqlite \
+      #         --enable-intl \
+      #         --without-pear \
+      #         --enable-gd \
+      #         --with-jpeg \
+      #         --with-webp \
+      #         --with-freetype \
+      #         --with-xpm \
+      #         --enable-exif \
+      #         --with-zip \
+      #         --with-zlib \
+      #         --enable-soap \
+      #         --enable-xmlreader \
+      #         --with-xsl \
+      #         --with-tidy \
+      #         --enable-sysvsem \
+      #         --enable-sysvshm \
+      #         --enable-shmop \
+      #         --enable-pcntl \
+      #         --with-readline \
+      #         --enable-mbstring \
+      #         --with-curl \
+      #         --with-gettext \
+      #         --enable-sockets \
+      #         --with-bz2 \
+      #         --with-openssl \
+      #         --with-gmp \
+      #         --enable-bcmath \
+      #         --enable-calendar \
+      #         --enable-ftp \
+      #         --with-enchant=/usr \
+      #         --enable-sysvmsg \
+      #         --with-ffi \
+      #         --enable-zend-test \
+      #         --enable-dl-test=shared \
+      #         --with-ldap \
+      #         --with-ldap-sasl \
+      #         --with-password-argon2 \
+      #         --with-mhash \
+      #         --with-sodium \
+      #         --enable-dba \
+      #         --with-cdb \
+      #         --enable-flatfile \
+      #         --enable-inifile \
+      #         --with-tcadb \
+      #         --with-lmdb \
+      #         --with-qdbm \
+      #         --with-snmp \
+      #         `#--with-unixODBC` \
+      #         `#--with-pdo-odbc=unixODBC,/usr` \
+      #         --with-config-file-path=/etc \
+      #         --with-config-file-scan-dir=/etc/php.d \
+      #         --with-pdo-firebird \
+      #         `#--with-pdo-dblib` \
+      #         --disable-phpdbg \
+      #         `#--enable-werror`
+      # - run:
+      #     name: make
+      #     no_output_timeout: 30m
+      #     command: make -j2 > /dev/null
+      # - run:
+      #     name: make install
+      #     command: |
+      #       sudo make install
+      #       sudo mkdir -p /etc/php.d
+      #       sudo chmod 777 /etc/php.d
+      #       echo opcache.enable_cli=1 > /etc/php.d/opcache.ini
+      #       echo opcache.protect_memory=1 >> /etc/php.d/opcache.ini
+      # - run:
+      #     name: Test
+      #     no_output_timeout: 30m
+      #     command: |
+      #       sapi/cli/php run-tests.php \
+      #         -d opcache.enable_cli=1 \
+      #         -d opcache.jit_buffer_size=64M \
+      #         -d opcache.jit=tracing \
+      #         -d zend_test.observer.enabled=1 \
+      #         -d zend_test.observer.show_output=0 \
+      #         -P -q -x -j2 \
+      #         -g FAIL,BORK,LEAK,XLEAK \
+      #         --no-progress \
+      #         --offline \
+      #         --show-diff \
+      #         --show-slow 1000 \
+      #         --set-timeout 120 \
+      #         --repeat 2
 
 workflows:
   push-workflow:
diff --git a/.github/actions/setup-x64/action.yml b/.github/actions/setup-x64/action.yml
index 3ee5cd3f28f25..27fbcf60818d2 100644
--- a/.github/actions/setup-x64/action.yml
+++ b/.github/actions/setup-x64/action.yml
@@ -7,11 +7,11 @@ runs:
         set -x
 
         sudo service slapd start
-        docker exec sql1 /opt/mssql-tools18/bin/sqlcmd -S 127.0.0.1 -U SA -C -P "<YourStrong@Passw0rd>" -Q "create login pdo_test with password='password', check_policy=off; create user pdo_test for login pdo_test; grant alter, control to pdo_test;"
-        docker exec sql1 /opt/mssql-tools18/bin/sqlcmd -S 127.0.0.1 -U SA -C -P "<YourStrong@Passw0rd>" -Q "create login odbc_test with password='password', check_policy=off; create user odbc_test for login odbc_test; grant alter, control, delete to odbc_test;"
-        docker exec sql1 /opt/mssql-tools18/bin/sqlcmd -S 127.0.0.1 -U SA -C -P "<YourStrong@Passw0rd>" -Q "ALTER SERVER ROLE sysadmin ADD MEMBER odbc_test;"
-        docker exec sql1 /opt/mssql-tools18/bin/sqlcmd -S 127.0.0.1 -U SA -C -P "<YourStrong@Passw0rd>" -Q "CREATE DATABASE odbc;"
-        docker exec sql1 /opt/mssql-tools18/bin/sqlcmd -S 127.0.0.1 -U SA -C -P "<YourStrong@Passw0rd>" -Q "CREATE DATABASE pdo_odbc;"
+        # docker exec sql1 /opt/mssql-tools18/bin/sqlcmd -S 127.0.0.1 -U SA -C -P "<YourStrong@Passw0rd>" -Q "create login pdo_test with password='password', check_policy=off; create user pdo_test for login pdo_test; grant alter, control to pdo_test;"
+        # docker exec sql1 /opt/mssql-tools18/bin/sqlcmd -S 127.0.0.1 -U SA -C -P "<YourStrong@Passw0rd>" -Q "create login odbc_test with password='password', check_policy=off; create user odbc_test for login odbc_test; grant alter, control, delete to odbc_test;"
+        # docker exec sql1 /opt/mssql-tools18/bin/sqlcmd -S 127.0.0.1 -U SA -C -P "<YourStrong@Passw0rd>" -Q "ALTER SERVER ROLE sysadmin ADD MEMBER odbc_test;"
+        # docker exec sql1 /opt/mssql-tools18/bin/sqlcmd -S 127.0.0.1 -U SA -C -P "<YourStrong@Passw0rd>" -Q "CREATE DATABASE odbc;"
+        # docker exec sql1 /opt/mssql-tools18/bin/sqlcmd -S 127.0.0.1 -U SA -C -P "<YourStrong@Passw0rd>" -Q "CREATE DATABASE pdo_odbc;"
         sudo locale-gen de_DE
 
         ./.github/scripts/setup-slapd.sh
diff --git a/.github/scripts/setup-slapd.sh b/.github/scripts/setup-slapd.sh
index f6b976783c77e..556c16eef0a9f 100755
--- a/.github/scripts/setup-slapd.sh
+++ b/.github/scripts/setup-slapd.sh
@@ -163,6 +163,88 @@ EOF
 
 sudo service slapd restart
 
+
+echo "=== TLS DEBUG: Testing TLS_PROTOCOL_MAX 3.2 ==="
+TEMP_LDAP_CONF=$(mktemp)
+echo 'TLS_PROTOCOL_MAX 3.2' > "$TEMP_LDAP_CONF"
+
+echo "Debug info:"
+echo "  Temp config file: $TEMP_LDAP_CONF"
+echo "  Contents:"
+cat "$TEMP_LDAP_CONF"
+echo ""
+
+echo "  Server TLS configuration check:"
+sudo ldapsearch -Q -LLL -Y EXTERNAL -H ldapi:/// -b cn=config '(olcTLSProtocolMin=*)' dn olcTLSProtocolMin 2>/dev/null || echo "  No TLS protocol min configured"
+
+echo ""
+echo "Checking OpenLDAP config priority order (settings later in list override earlier ones):"
+
+echo "1. LDAPNOINIT: ${LDAPNOINIT:-not set}"
+
+echo "2. System file /etc/openldap/ldap.conf:"
+if [ -f /etc/openldap/ldap.conf ]; then
+  echo "   EXISTS - Contents:"
+  cat /etc/openldap/ldap.conf
+  sudo rm /etc/openldap/ldap.conf
+  echo "   REMOVED to test priority"
+else
+  echo "   Does not exist"
+fi
+
+echo "3. User files:"
+echo "   \$HOME/ldaprc: $([ -f "$HOME/ldaprc" ] && echo "EXISTS" || echo "does not exist")"
+if [ -f "$HOME/ldaprc" ]; then cat "$HOME/ldaprc"; fi
+echo "   \$HOME/.ldaprc: $([ -f "$HOME/.ldaprc" ] && echo "EXISTS" || echo "does not exist")"
+if [ -f "$HOME/.ldaprc" ]; then cat "$HOME/.ldaprc"; fi
+echo "   ./ldaprc: $([ -f "./ldaprc" ] && echo "EXISTS" || echo "does not exist")"
+if [ -f "./ldaprc" ]; then cat "./ldaprc"; fi
+
+echo "4. System file \$LDAPCONF: ${LDAPCONF:-not set}"
+if [ -n "$LDAPCONF" ] && [ -f "$LDAPCONF" ]; then
+  echo "   Contents:"
+  cat "$LDAPCONF"
+fi
+
+echo "5. User files \$LDAPRC related:"
+echo "   \$LDAPRC: ${LDAPRC:-not set}"
+if [ -n "$LDAPRC" ]; then
+  echo "   \$HOME/\$LDAPRC: $([ -f "$HOME/$LDAPRC" ] && echo "EXISTS" || echo "does not exist")"
+  echo "   \$HOME/.\$LDAPRC: $([ -f "$HOME/.$LDAPRC" ] && echo "EXISTS" || echo "does not exist")"
+  echo "   ./\$LDAPRC: $([ -f "./$LDAPRC" ] && echo "EXISTS" || echo "does not exist")"
+fi
+
+echo "6. Environment variables \$LDAP<OPTION>:"
+echo "   \$LDAPTLS_PROTOCOL_MAX: ${LDAPTLS_PROTOCOL_MAX:-not set}"
+echo "   \$LDAPBASE: ${LDAPBASE:-not set}"
+echo "   \$LDAPURI: ${LDAPURI:-not set}"
+
+echo ""
+echo "Testing with our LDAPCONF setting:"
+echo "  Command: LDAPCONF=\"$TEMP_LDAP_CONF\" ldapsearch -H ldap://localhost -D cn=Manager,dc=my-domain,dc=com -w secret -s base -b dc=my-domain,dc=com -ZZ 'objectclass=*'"
+LDAPCONF="$TEMP_LDAP_CONF" ldapsearch -H ldap://localhost -D cn=Manager,dc=my-domain,dc=com -w secret -s base -b dc=my-domain,dc=com -Z 'objectclass=*' >/dev/null 2>&1
+result1=$?
+echo "  Result: $([ $result1 -eq 0 ] && echo 'SUCCESS (unexpected)' || echo 'FAILED (expected)')"
+
+echo ""
+echo "Testing with environment variable (highest priority):"
+echo "  Command: LDAPTLS_PROTOCOL_MAX=3.2 ldapsearch -H ldap://localhost -D cn=Manager,dc=my-domain,dc=com -w secret -s base -b dc=my-domain,dc=com -ZZ 'objectclass=*'"
+LDAPTLS_PROTOCOL_MAX=3.2 ldapsearch -H ldap://localhost -D cn=Manager,dc=my-domain,dc=com -w secret -s base -b dc=my-domain,dc=com -Z 'objectclass=*' >/dev/null 2>&1
+result2=$?
+echo "  Result: $([ $result2 -eq 0 ] && echo 'SUCCESS (unexpected)' || echo 'FAILED (expected)')"
+
+echo ""
+echo "Testing what TLS version is actually being negotiated:"
+echo | openssl s_client -connect localhost:636 -servername localhost 2>&1 | grep -E "(Protocol|Cipher)" || echo "  LDAPS connection failed"
+
+rm -f "$TEMP_LDAP_CONF"
+echo ""
+echo "Summary:"
+echo "- If both LDAPCONF and LDAPTLS_PROTOCOL_MAX tests succeed, TLS version restrictions are not working"
+echo "- This would explain why the PHP test expecting failures gets successes instead"
+
+exit 1
+
 # Verify TLS connection
 tries=0
 while : ; do
@@ -182,3 +264,4 @@ while : ; do
 		fi
 	fi
 done
+
diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml
index b0942b4d700ed..fffd1e4c0800d 100644
--- a/.github/workflows/push.yml
+++ b/.github/workflows/push.yml
@@ -74,9 +74,9 @@ jobs:
           - debug: false
             zts: false
             asan: false
-          - debug: true
-            zts: true
-            asan: true
+          # - debug: true
+          #   zts: true
+          #   asan: true
     name: "LINUX_X64_${{ matrix.debug && 'DEBUG' || 'RELEASE' }}_${{ matrix.zts && 'ZTS' || 'NTS' }}${{ matrix.asan && '_ASAN' || '' }}"
     runs-on: ubuntu-24.04
     timeout-minutes: 50
@@ -93,32 +93,32 @@ jobs:
           echo "::group::Show installed package versions"
           dpkg -l
           echo "::endgroup::"
-      - name: Create MSSQL container
-        if: ${{ !matrix.asan }}
-        uses: ./.github/actions/setup-mssql
-      - name: Setup Caddy server
-        uses: ./.github/actions/setup-caddy
-      - name: ccache
-        uses: hendrikmuhs/ccache-action@v1.2
-        with:
-          # This duplicates the "job.name" expression above because
-          # GitHub has no way to query the job name (github.job is the
-          # job id, not the job name)
-          key: "LINUX_X64_${{ matrix.debug && 'DEBUG' || 'RELEASE' }}_${{ matrix.zts && 'ZTS' || 'NTS' }}${{ matrix.asan && '_ASAN' || '' }}-${{hashFiles('main/php_version.h')}}"
-          append-timestamp: false
-          save: ${{ github.event_name != 'pull_request' }}
-      - name: ./configure
-        uses: ./.github/actions/configure-x64
-        with:
-          configurationParameters: >-
-            --${{ matrix.debug && 'enable' || 'disable' }}-debug
-            --${{ matrix.zts && 'enable' || 'disable' }}-zts
-            ${{ matrix.asan && 'CFLAGS="-fsanitize=undefined,address -fno-sanitize=function -DZEND_TRACK_ARENA_ALLOC" LDFLAGS="-fsanitize=undefined,address -fno-sanitize=function" CC=clang CXX=clang++' || '' }}
-          skipSlow: ${{ matrix.asan }}
-      - name: make
-        run: make -j$(/usr/bin/nproc) >/dev/null
-      - name: make install
-        uses: ./.github/actions/install-linux
+      # - name: Create MSSQL container
+      #   if: ${{ !matrix.asan }}
+      #   uses: ./.github/actions/setup-mssql
+      # - name: Setup Caddy server
+      #   uses: ./.github/actions/setup-caddy
+      # - name: ccache
+      #   uses: hendrikmuhs/ccache-action@v1.2
+      #   with:
+      #     # This duplicates the "job.name" expression above because
+      #     # GitHub has no way to query the job name (github.job is the
+      #     # job id, not the job name)
+      #     key: "LINUX_X64_${{ matrix.debug && 'DEBUG' || 'RELEASE' }}_${{ matrix.zts && 'ZTS' || 'NTS' }}${{ matrix.asan && '_ASAN' || '' }}-${{hashFiles('main/php_version.h')}}"
+      #     append-timestamp: false
+      #     save: ${{ github.event_name != 'pull_request' }}
+      # - name: ./configure
+      #   uses: ./.github/actions/configure-x64
+      #   with:
+      #     configurationParameters: >-
+      #       --${{ matrix.debug && 'enable' || 'disable' }}-debug
+      #       --${{ matrix.zts && 'enable' || 'disable' }}-zts
+      #       ${{ matrix.asan && 'CFLAGS="-fsanitize=undefined,address -fno-sanitize=function -DZEND_TRACK_ARENA_ALLOC" LDFLAGS="-fsanitize=undefined,address -fno-sanitize=function" CC=clang CXX=clang++' || '' }}
+      #     skipSlow: ${{ matrix.asan }}
+      # - name: make
+      #   run: make -j$(/usr/bin/nproc) >/dev/null
+      # - name: make install
+      #   uses: ./.github/actions/install-linux
       - name: Setup
         if: ${{ !matrix.asan }}
         uses: ./.github/actions/setup-x64
@@ -135,240 +135,240 @@ jobs:
       - name: Verify generated files are up to date
         if: ${{ !matrix.asan }}
         uses: ./.github/actions/verify-generated-files
-  LINUX_X32:
-    if: github.repository == 'php/php-src' || github.event_name == 'pull_request'
-    name: LINUX_X32_DEBUG_ZTS
-    runs-on: ubuntu-latest
-    timeout-minutes: 50
-    container:
-      image: ubuntu:24.04
-    env:
-      MYSQL_TEST_HOST: mysql
-      PDO_MYSQL_TEST_DSN: mysql:host=mysql;dbname=test
-      PDO_MYSQL_TEST_HOST: mysql
-      PDO_FIREBIRD_TEST_DSN: firebird:dbname=firebird:test.fdb
-    services:
-      mysql:
-        image: mysql:8.3
-        ports:
-          - 3306:3306
-        env:
-          MYSQL_DATABASE: test
-          MYSQL_ROOT_PASSWORD: root
-      firebird:
-        image: jacobalberty/firebird
-        ports:
-          - 3050:3050
-        env:
-          ISC_PASSWORD: test
-          FIREBIRD_DATABASE: test.fdb
-          FIREBIRD_USER: test
-          FIREBIRD_PASSWORD: test
-    steps:
-      - name: git checkout
-        uses: actions/checkout@v5
-      - name: apt
-        uses: ./.github/actions/apt-x32
-      - name: ccache
-        uses: hendrikmuhs/ccache-action@v1.2
-        with:
-          key: "${{github.job}}-${{hashFiles('main/php_version.h')}}"
-          append-timestamp: false
-      - name: ./configure
-        uses: ./.github/actions/configure-x32
-        with:
-          configurationParameters: >-
-            --enable-debug
-            --enable-zts
-      - name: make
-        run: make -j$(/usr/bin/nproc) >/dev/null
-      - name: make install
-        uses: ./.github/actions/install-linux-x32
-      - name: Test Tracing JIT
-        uses: ./.github/actions/test-linux
-        with:
-          jitType: tracing
-          runTestsParameters: >-
-            -d opcache.enable_cli=1
-  MACOS_DEBUG_NTS:
-    if: github.repository == 'php/php-src' || github.event_name == 'pull_request'
-    strategy:
-      fail-fast: false
-      matrix:
-        include:
-          - os: 15
-            arch: ARM64
-    name: MACOS_${{ matrix.arch }}_DEBUG_NTS
-    runs-on: macos-${{ matrix.os }}
-    timeout-minutes: 50
-    steps:
-      - name: git checkout
-        uses: actions/checkout@v5
-      - name: brew
-        uses: ./.github/actions/brew
-      - name: ccache
-        uses: hendrikmuhs/ccache-action@v1.2
-        with:
-          key: "${{github.job}}-${{matrix.os}}-${{hashFiles('main/php_version.h')}}"
-          append-timestamp: false
-          save: ${{ github.event_name != 'pull_request' }}
-      - name: ./configure
-        uses: ./.github/actions/configure-macos
-        with:
-          configurationParameters: --enable-debug --disable-zts
-      - name: make
-        run: |-
-          export PATH="$(brew --prefix)/opt/bison/bin:$PATH"
-          make -j$(sysctl -n hw.logicalcpu) >/dev/null
-      - name: make install
-        run: sudo make install
-      - name: Test Tracing JIT
-        uses: ./.github/actions/test-macos
-        with:
-          jitType: tracing
-          runTestsParameters: >-
-            -d opcache.enable_cli=1
-      - name: Verify generated files are up to date
-        uses: ./.github/actions/verify-generated-files
-  WINDOWS:
-    if: github.repository == 'php/php-src' || github.event_name == 'pull_request'
-    name: WINDOWS_X64_ZTS
-    runs-on: windows-2022
-    timeout-minutes: 50
-    env:
-      PHP_BUILD_CACHE_BASE_DIR: C:\build-cache
-      PHP_BUILD_OBJ_DIR: C:\obj
-      PHP_BUILD_CACHE_SDK_DIR: C:\build-cache\sdk
-      PHP_BUILD_SDK_BRANCH: php-sdk-2.3.0
-      PHP_BUILD_CRT: vs17
-      PLATFORM: x64
-      THREAD_SAFE: "1"
-      INTRINSICS: AVX2
-      PARALLEL: -j2
-      OPCACHE: "1"
-    steps:
-      - name: git config
-        run: git config --global core.autocrlf false && git config --global core.eol lf
-      - name: git checkout
-        uses: actions/checkout@v5
-      - name: Setup
-        uses: ./.github/actions/setup-windows
-      - name: Build
-        run: .github/scripts/windows/build.bat
-      - name: Test
-        run: .github/scripts/windows/test.bat
-  BENCHMARKING:
-    name: BENCHMARKING
-    if: github.repository == 'php/php-src' || github.event_name == 'pull_request'
-    runs-on: ubuntu-24.04
-    timeout-minutes: 50
-    steps:
-      - name: git checkout
-        uses: actions/checkout@v5
-        with:
-          fetch-depth: 0
-      # ASLR can cause a lot of noise due to missed sse opportunities for memcpy
-      # and other operations, so we disable it during benchmarking.
-      - name: Disable ASLR
-        run: echo 0 | sudo tee /proc/sys/kernel/randomize_va_space
-      - name: apt
-        run: |
-          set -x
-          sudo apt-get update
-          sudo apt-get install \
-            bison \
-            libgmp-dev \
-            libonig-dev \
-            libsqlite3-dev \
-            openssl \
-            re2c \
-            valgrind
-      - name: ccache
-        uses: hendrikmuhs/ccache-action@v1.2
-        with:
-          key: "${{github.job}}-${{hashFiles('main/php_version.h')}}"
-          append-timestamp: false
-          save: ${{ github.event_name != 'pull_request' }}
-      - name: ./configure
-        run: |
-          set -x
-          ./buildconf --force
-          ./configure \
-            --disable-debug \
-            --enable-mbstring \
-            --enable-option-checking=fatal \
-            --enable-sockets \
-            --enable-werror \
-            --prefix=/usr \
-            --with-config-file-scan-dir=/etc/php.d \
-            --with-gmp \
-            --with-mysqli=mysqlnd \
-            --with-openssl \
-            --with-pdo-sqlite \
-            --with-valgrind
-      - name: make
-        run: make -j$(/usr/bin/nproc) >/dev/null
-      - name: make install
-        run: |
-          set -x
-          sudo make install
-          sudo mkdir -p /etc/php.d
-          sudo chmod 777 /etc/php.d
-          echo mysqli.default_socket=/var/run/mysqld/mysqld.sock > /etc/php.d/mysqli.ini
-          echo opcache.enable=1 >> /etc/php.d/opcache.ini
-          echo opcache.enable_cli=1 >> /etc/php.d/opcache.ini
-      - name: Setup
-        run: |
-          git config --global user.name "Benchmark"
-          git config --global user.email "benchmark@php.net"
-          sudo service mysql start
-          mysql -uroot -proot -e "CREATE DATABASE IF NOT EXISTS wordpress"
-          mysql -uroot -proot -e "CREATE USER 'wordpress'@'localhost' IDENTIFIED BY 'wordpress'; FLUSH PRIVILEGES;"
-          mysql -uroot -proot -e "GRANT ALL PRIVILEGES ON *.* TO 'wordpress'@'localhost' WITH GRANT OPTION;"
-      - name: git checkout benchmarking-data
-        uses: actions/checkout@v5
-        with:
-          repository: php/benchmarking-data
-          ssh-key: ${{ secrets.BENCHMARKING_DATA_DEPLOY_KEY }}
-          path: benchmark/repos/data
-      - name: Benchmark
-        run: php benchmark/benchmark.php true
-      - name: Store result
-        if: github.event_name == 'push'
-        run: |
-          set -x
-          cd benchmark/repos/data
-          git pull --autostash
-          if [ -e ".git/MERGE_HEAD" ]; then
-            echo "Merging, can't proceed"
-            exit 1
-          fi
-          git add .
-          if git diff --cached --quiet; then
-            exit 0
-          fi
-          git commit -m "Add result for ${{ github.repository }}@${{ github.sha }}"
-          git push
-      - name: Show diff
-        if: github.event_name == 'pull_request'
-        run: |-
-          set -x
-          php benchmark/generate_diff.php \
-            ${{ github.sha }} \
-            $(git merge-base ${{ github.event.pull_request.base.sha }} ${{ github.sha }}) \
-            > $GITHUB_STEP_SUMMARY
-      - uses: actions/upload-artifact@v4
-        with:
-          name: profiles
-          path: ${{ github.workspace }}/benchmark/profiles
-          retention-days: 30
-  FREEBSD:
-    if: github.repository == 'php/php-src' || github.event_name == 'pull_request'
-    name: FREEBSD
-    runs-on: ubuntu-latest
-    timeout-minutes: 50
-    steps:
-      - name: git checkout
-        uses: actions/checkout@v5
-      - name: FreeBSD
-        uses: ./.github/actions/freebsd
+  # LINUX_X32:
+  #   if: github.repository == 'php/php-src' || github.event_name == 'pull_request'
+  #   name: LINUX_X32_DEBUG_ZTS
+  #   runs-on: ubuntu-latest
+  #   timeout-minutes: 50
+  #   container:
+  #     image: ubuntu:24.04
+  #   env:
+  #     MYSQL_TEST_HOST: mysql
+  #     PDO_MYSQL_TEST_DSN: mysql:host=mysql;dbname=test
+  #     PDO_MYSQL_TEST_HOST: mysql
+  #     PDO_FIREBIRD_TEST_DSN: firebird:dbname=firebird:test.fdb
+  #   services:
+  #     mysql:
+  #       image: mysql:8.3
+  #       ports:
+  #         - 3306:3306
+  #       env:
+  #         MYSQL_DATABASE: test
+  #         MYSQL_ROOT_PASSWORD: root
+  #     firebird:
+  #       image: jacobalberty/firebird
+  #       ports:
+  #         - 3050:3050
+  #       env:
+  #         ISC_PASSWORD: test
+  #         FIREBIRD_DATABASE: test.fdb
+  #         FIREBIRD_USER: test
+  #         FIREBIRD_PASSWORD: test
+  #   steps:
+  #     - name: git checkout
+  #       uses: actions/checkout@v5
+  #     - name: apt
+  #       uses: ./.github/actions/apt-x32
+  #     - name: ccache
+  #       uses: hendrikmuhs/ccache-action@v1.2
+  #       with:
+  #         key: "${{github.job}}-${{hashFiles('main/php_version.h')}}"
+  #         append-timestamp: false
+  #     - name: ./configure
+  #       uses: ./.github/actions/configure-x32
+  #       with:
+  #         configurationParameters: >-
+  #           --enable-debug
+  #           --enable-zts
+  #     - name: make
+  #       run: make -j$(/usr/bin/nproc) >/dev/null
+  #     - name: make install
+  #       uses: ./.github/actions/install-linux-x32
+  #     - name: Test Tracing JIT
+  #       uses: ./.github/actions/test-linux
+  #       with:
+  #         jitType: tracing
+  #         runTestsParameters: >-
+  #           -d opcache.enable_cli=1
+  # MACOS_DEBUG_NTS:
+  #   if: github.repository == 'php/php-src' || github.event_name == 'pull_request'
+  #   strategy:
+  #     fail-fast: false
+  #     matrix:
+  #       include:
+  #         - os: 15
+  #           arch: ARM64
+  #   name: MACOS_${{ matrix.arch }}_DEBUG_NTS
+  #   runs-on: macos-${{ matrix.os }}
+  #   timeout-minutes: 50
+  #   steps:
+  #     - name: git checkout
+  #       uses: actions/checkout@v5
+  #     - name: brew
+  #       uses: ./.github/actions/brew
+  #     - name: ccache
+  #       uses: hendrikmuhs/ccache-action@v1.2
+  #       with:
+  #         key: "${{github.job}}-${{matrix.os}}-${{hashFiles('main/php_version.h')}}"
+  #         append-timestamp: false
+  #         save: ${{ github.event_name != 'pull_request' }}
+  #     - name: ./configure
+  #       uses: ./.github/actions/configure-macos
+  #       with:
+  #         configurationParameters: --enable-debug --disable-zts
+  #     - name: make
+  #       run: |-
+  #         export PATH="$(brew --prefix)/opt/bison/bin:$PATH"
+  #         make -j$(sysctl -n hw.logicalcpu) >/dev/null
+  #     - name: make install
+  #       run: sudo make install
+  #     - name: Test Tracing JIT
+  #       uses: ./.github/actions/test-macos
+  #       with:
+  #         jitType: tracing
+  #         runTestsParameters: >-
+  #           -d opcache.enable_cli=1
+  #     - name: Verify generated files are up to date
+  #       uses: ./.github/actions/verify-generated-files
+  # WINDOWS:
+  #   if: github.repository == 'php/php-src' || github.event_name == 'pull_request'
+  #   name: WINDOWS_X64_ZTS
+  #   runs-on: windows-2022
+  #   timeout-minutes: 50
+  #   env:
+  #     PHP_BUILD_CACHE_BASE_DIR: C:\build-cache
+  #     PHP_BUILD_OBJ_DIR: C:\obj
+  #     PHP_BUILD_CACHE_SDK_DIR: C:\build-cache\sdk
+  #     PHP_BUILD_SDK_BRANCH: php-sdk-2.3.0
+  #     PHP_BUILD_CRT: vs17
+  #     PLATFORM: x64
+  #     THREAD_SAFE: "1"
+  #     INTRINSICS: AVX2
+  #     PARALLEL: -j2
+  #     OPCACHE: "1"
+  #   steps:
+  #     - name: git config
+  #       run: git config --global core.autocrlf false && git config --global core.eol lf
+  #     - name: git checkout
+  #       uses: actions/checkout@v5
+  #     - name: Setup
+  #       uses: ./.github/actions/setup-windows
+  #     - name: Build
+  #       run: .github/scripts/windows/build.bat
+  #     - name: Test
+  #       run: .github/scripts/windows/test.bat
+  # BENCHMARKING:
+  #   name: BENCHMARKING
+  #   if: github.repository == 'php/php-src' || github.event_name == 'pull_request'
+  #   runs-on: ubuntu-24.04
+  #   timeout-minutes: 50
+  #   steps:
+  #     - name: git checkout
+  #       uses: actions/checkout@v5
+  #       with:
+  #         fetch-depth: 0
+  #     # ASLR can cause a lot of noise due to missed sse opportunities for memcpy
+  #     # and other operations, so we disable it during benchmarking.
+  #     - name: Disable ASLR
+  #       run: echo 0 | sudo tee /proc/sys/kernel/randomize_va_space
+  #     - name: apt
+  #       run: |
+  #         set -x
+  #         sudo apt-get update
+  #         sudo apt-get install \
+  #           bison \
+  #           libgmp-dev \
+  #           libonig-dev \
+  #           libsqlite3-dev \
+  #           openssl \
+  #           re2c \
+  #           valgrind
+  #     - name: ccache
+  #       uses: hendrikmuhs/ccache-action@v1.2
+  #       with:
+  #         key: "${{github.job}}-${{hashFiles('main/php_version.h')}}"
+  #         append-timestamp: false
+  #         save: ${{ github.event_name != 'pull_request' }}
+  #     - name: ./configure
+  #       run: |
+  #         set -x
+  #         ./buildconf --force
+  #         ./configure \
+  #           --disable-debug \
+  #           --enable-mbstring \
+  #           --enable-option-checking=fatal \
+  #           --enable-sockets \
+  #           --enable-werror \
+  #           --prefix=/usr \
+  #           --with-config-file-scan-dir=/etc/php.d \
+  #           --with-gmp \
+  #           --with-mysqli=mysqlnd \
+  #           --with-openssl \
+  #           --with-pdo-sqlite \
+  #           --with-valgrind
+  #     - name: make
+  #       run: make -j$(/usr/bin/nproc) >/dev/null
+  #     - name: make install
+  #       run: |
+  #         set -x
+  #         sudo make install
+  #         sudo mkdir -p /etc/php.d
+  #         sudo chmod 777 /etc/php.d
+  #         echo mysqli.default_socket=/var/run/mysqld/mysqld.sock > /etc/php.d/mysqli.ini
+  #         echo opcache.enable=1 >> /etc/php.d/opcache.ini
+  #         echo opcache.enable_cli=1 >> /etc/php.d/opcache.ini
+  #     - name: Setup
+  #       run: |
+  #         git config --global user.name "Benchmark"
+  #         git config --global user.email "benchmark@php.net"
+  #         sudo service mysql start
+  #         mysql -uroot -proot -e "CREATE DATABASE IF NOT EXISTS wordpress"
+  #         mysql -uroot -proot -e "CREATE USER 'wordpress'@'localhost' IDENTIFIED BY 'wordpress'; FLUSH PRIVILEGES;"
+  #         mysql -uroot -proot -e "GRANT ALL PRIVILEGES ON *.* TO 'wordpress'@'localhost' WITH GRANT OPTION;"
+  #     - name: git checkout benchmarking-data
+  #       uses: actions/checkout@v5
+  #       with:
+  #         repository: php/benchmarking-data
+  #         ssh-key: ${{ secrets.BENCHMARKING_DATA_DEPLOY_KEY }}
+  #         path: benchmark/repos/data
+  #     - name: Benchmark
+  #       run: php benchmark/benchmark.php true
+  #     - name: Store result
+  #       if: github.event_name == 'push'
+  #       run: |
+  #         set -x
+  #         cd benchmark/repos/data
+  #         git pull --autostash
+  #         if [ -e ".git/MERGE_HEAD" ]; then
+  #           echo "Merging, can't proceed"
+  #           exit 1
+  #         fi
+  #         git add .
+  #         if git diff --cached --quiet; then
+  #           exit 0
+  #         fi
+  #         git commit -m "Add result for ${{ github.repository }}@${{ github.sha }}"
+  #         git push
+  #     - name: Show diff
+  #       if: github.event_name == 'pull_request'
+  #       run: |-
+  #         set -x
+  #         php benchmark/generate_diff.php \
+  #           ${{ github.sha }} \
+  #           $(git merge-base ${{ github.event.pull_request.base.sha }} ${{ github.sha }}) \
+  #           > $GITHUB_STEP_SUMMARY
+  #     - uses: actions/upload-artifact@v4
+  #       with:
+  #         name: profiles
+  #         path: ${{ github.workspace }}/benchmark/profiles
+  #         retention-days: 30
+  # FREEBSD:
+  #   if: github.repository == 'php/php-src' || github.event_name == 'pull_request'
+  #   name: FREEBSD
+  #   runs-on: ubuntu-latest
+  #   timeout-minutes: 50
+  #   steps:
+  #     - name: git checkout
+  #       uses: actions/checkout@v5
+  #     - name: FreeBSD
+  #       uses: ./.github/actions/freebsd
diff --git a/ext/ldap/tests/ldap_start_tls_rc_max_version.phpt b/ext/ldap/tests/ldap_start_tls_rc_max_version.phpt
index e983b97c4b4ea..359785f8b5a34 100644
--- a/ext/ldap/tests/ldap_start_tls_rc_max_version.phpt
+++ b/ext/ldap/tests/ldap_start_tls_rc_max_version.phpt
@@ -6,10 +6,6 @@ ldap
 LDAPCONF={PWD}/ldap_start_tls_rc_max_version.conf
 --SKIPIF--
 <?php
-// Skip in CI for now as adding olcTLSProtocolMin does not seem to work (needs investigation)
-if (getenv('CI')) {
-    die("Skip in CI for now");
-}
 $require_vendor = [
     "name" => "OpenLDAP",
     "min_version" => 20600,