[PHP-CVS] com php-src: Notice if CURLOPT_SSL_VERIFYHOST is set to true: ext/curl/interface.c ext/curl/tests/bug63363.phpt

[Anthony Ferrara]

Commit:    f68f31f1211f4f3fe8c692269e916358110fa73d
Author:    John Jawed (JJ) <ja...@php.net>         Wed, 24 Oct 2012 21:47:47 
-0700
Committer: Anthony Ferrara <ircmax...@gmail.com>      Thu, 25 Oct 2012 16:00:02 
-0400
Parents:   0737be7e7baf1fece1683ca9f33064733d8b3514
Branches:  PHP-5.4 master

Link:       
http://git.php.net/?p=php-src.git;a=commitdiff;h=f68f31f1211f4f3fe8c692269e916358110fa73d

Log:
Notice if CURLOPT_SSL_VERIFYHOST is set to true

Changed paths:
  M  ext/curl/interface.c
  A  ext/curl/tests/bug63363.phpt


Diff:
diff --git a/ext/curl/interface.c b/ext/curl/interface.c
index d75e5c0..00dbfd3 100644
--- a/ext/curl/interface.c
+++ b/ext/curl/interface.c
@@ -1683,6 +1683,11 @@ static int _php_curl_setopt(php_curl *ch, long option, 
zval **zvalue, zval *retu
        CURLcode     error=CURLE_OK;
 
        switch (option) {
+               /* Long options */
+               case CURLOPT_SSL_VERIFYHOST:
+                       if(Z_TYPE_PP(zvalue)==IS_BOOL && Z_BVAL_PP(zvalue)) {
+                               php_error_docref(NULL TSRMLS_CC, E_NOTICE, 
"CURLOPT_SSL_VERIFYHOST set to true which disables common name validation 
(setting CURLOPT_SSL_VERIFYHOST to 2 enables common name validation)");
+                       }
                case CURLOPT_INFILESIZE:
                case CURLOPT_VERBOSE:
                case CURLOPT_HEADER:
@@ -1721,7 +1726,6 @@ static int _php_curl_setopt(php_curl *ch, long option, 
zval **zvalue, zval *retu
 #if LIBCURL_VERSION_NUM > 0x071002
                case CURLOPT_CONNECTTIMEOUT_MS:
 #endif
-               case CURLOPT_SSL_VERIFYHOST:
                case CURLOPT_SSL_VERIFYPEER:
                case CURLOPT_DNS_USE_GLOBAL_CACHE:
                case CURLOPT_NOSIGNAL:
diff --git a/ext/curl/tests/bug63363.phpt b/ext/curl/tests/bug63363.phpt
new file mode 100644
index 0000000..43deaa2
--- /dev/null
+++ b/ext/curl/tests/bug63363.phpt
@@ -0,0 +1,29 @@
+--TEST--
+Bug #63363 (CURL silently accepts boolean value for SSL_VERIFYHOST)
+--SKIPIF--
+<?php
+if (!extension_loaded("curl")) {
+        exit("skip curl extension not loaded");
+}
+
+?>
+--FILE--
+<?php
+$ch = curl_init();
+var_dump(curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false));
+/* Case that should throw an error */
+var_dump(curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, true));
+var_dump(curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0));
+var_dump(curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 1));
+var_dump(curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2));
+
+curl_close($ch);
+?>
+--EXPECTF--
+bool(true)
+
+Notice: curl_setopt(): CURLOPT_SSL_VERIFYHOST set to true which disables 
common name validation (setting CURLOPT_SSL_VERIFYHOST to 2 enables common name 
validation) in %s on line %d
+bool(true)
+bool(true)
+bool(true)
+bool(true)


--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php