Symfony version(s) affected

5.4.0

Description

If i choose to use php.ini (or NativeSessionStorage class) to configure the session.cookie_* settings, the AbstractSessionListener doesn't use them (possibly after refactoring on #41390) as expected, but i'm forced to set them on framework.yaml configuration.
On symfony/http-kernel 5.3 this works as expected

How to reproduce

• as an example we use session.cookie_path, but this should work for any session.cookie_* setting
• configure session.cookie_path on your php.ini
• do NOT configure cookie_path on your framework.yaml
• start a session via Symfony SessionListener
• session cookie uses symfony default setting for cookie_path (which is "/") and not (as expected) the setting from php.ini

Possible Solution

• get setting from php.ini on AbstratSessionListener->onKernelResponse function https://github.com/symfony/symfony/blob/5.4/src/Symfony/Component/HttpKernel/EventListener/AbstractSessionListener.php#L143
• use this setting, if $this->sessionOptions['cookie_path'] is not set, before using default value

Additional Context

additionally the session.cookie_secure=auto setting doesn't work anymore as expected, because the Cookie::create expects a boolean value for $secure parameter... so now, it's always true. :-(
https://github.com/symfony/symfony/blob/5.4/src/Symfony/Component/HttpKernel/EventListener/AbstractSessionListener.php#L171