Merge branch '4.4' into 5.0

* 4.4: (30 commits)
  [Security] Check UserInterface::getPassword is not null before calling needsRehash
  gracefully handle missing event dispatchers
  Fix TokenStorage::reset not called in stateless firewall
  [DotEnv] Remove `usePutEnv` property default value
  [HttpFoundation] get currently session.gc_maxlifetime if ttl doesnt exists
  Set up typo fix
  [DependencyInjection] Handle env var placeholders in CheckTypeDeclarationsPass
  [Cache] fix memory leak when using PhpArrayAdapter
  [Validator] Allow underscore character "_" in URL username and password
  [TwigBridge] Update bootstrap_4_layout.html.twig
  [FrameworkBundle][SodiumVault] Create secrets directory only when needed
  fix parsing negative octal numbers
  [SecurityBundle] Passwords are not encoded when algorithm set to \"true\"
  [DependencyInjection] Resolve expressions in CheckTypeDeclarationsPass
  [SecurityBundle] Properly escape regex in AddSessionDomainConstraintPass
  do not validate passwords when the hash is null
  [DI] fix resolving bindings for named TypedReference
  [Config] never try loading failed classes twice with ClassExistenceResource
  [Mailer] Fix SMTP Authentication when using STARTTLS
  [DI] Fix making the container path-independent when the app is in /app
  ...

Author: nicolas-grekas

Command/ContainerDebugCommand.php

@@ -21,6 +21,7 @@
 use Symfony\Component\Console\Input\InputOption;
 use Symfony\Component\Console\Output\OutputInterface;
 use Symfony\Component\Console\Style\SymfonyStyle;
+use Symfony\Component\DependencyInjection\Compiler\ServiceLocatorTagPass;
 use Symfony\Component\DependencyInjection\ContainerBuilder;
 use Symfony\Component\DependencyInjection\Exception\ServiceNotFoundException;
 use Symfony\Component\DependencyInjection\Loader\XmlFileLoader;
@@ -228,6 +229,8 @@ protected function getContainerBuilder(): ContainerBuilder
             $container->compile();
         } else {
             (new XmlFileLoader($container = new ContainerBuilder(), new FileLocator()))->load($kernel->getContainer()->getParameter('debug.container.dump'));
+            $locatorPass = new ServiceLocatorTagPass();
+            $locatorPass->process($container);
         }
 
         return $this->containerBuilder = $container;

Secrets/SodiumVault.php

@@ -25,6 +25,7 @@ class SodiumVault extends AbstractVault implements EnvVarLoaderInterface
     private $encryptionKey;
     private $decryptionKey;
     private $pathPrefix;
+    private $secretsDir;
 
     /**
      * @param string|object|null $decryptionKey A string or a stringable object that defines the private key to use to decrypt the vault
@@ -36,12 +37,9 @@ public function __construct(string $secretsDir, $decryptionKey = null)
             throw new \TypeError(sprintf('Decryption key should be a string or an object that implements the __toString() method, %s given.', \gettype($decryptionKey)));
         }
 
-        if (!is_dir($secretsDir) && !@mkdir($secretsDir, 0777, true) && !is_dir($secretsDir)) {
-            throw new \RuntimeException(sprintf('Unable to create the secrets directory (%s)', $secretsDir));
-        }
-
         $this->pathPrefix = rtrim(strtr($secretsDir, '/', \DIRECTORY_SEPARATOR), \DIRECTORY_SEPARATOR).\DIRECTORY_SEPARATOR.basename($secretsDir).'.';
         $this->decryptionKey = $decryptionKey;
+        $this->secretsDir = $secretsDir;
     }
 
     public function generateKeys(bool $override = false): bool
@@ -203,9 +201,20 @@ private function export(string $file, string $data): void
         $data = str_replace('%', '\x', rawurlencode($data));
         $data = sprintf("<?php // %s on %s\n\nreturn \"%s\";\n", $name, date('r'), $data);
 
+        $this->createSecretsDir();
+
         if (false === file_put_contents($this->pathPrefix.$file.'.php', $data, LOCK_EX)) {
             $e = error_get_last();
             throw new \ErrorException($e['message'] ?? 'Failed to write secrets data.', 0, $e['type'] ?? E_USER_WARNING);
         }
     }
+
+    private function createSecretsDir(): void
+    {
+        if ($this->secretsDir && !is_dir($this->secretsDir) && !@mkdir($this->secretsDir, 0777, true) && !is_dir($this->secretsDir)) {
+            throw new \RuntimeException(sprintf('Unable to create the secrets directory (%s)', $this->secretsDir));
+        }
+
+        $this->secretsDir = null;
+    }
 }