[PHP-CVS] com php-src: fixed a typo in the error message: ext/phar/util.c
Commit:6e23cfeba48cc10fe59d3dacfea90ccb1a2f1dd4 Author:Anatoliy Belsky a...@php.net Thu, 25 Oct 2012 09:26:44 +0200 Parents: a88379e03d806a1218926e9bf2c9bcd74c4124c7 Branches: PHP-5.3 PHP-5.4 master Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=6e23cfeba48cc10fe59d3dacfea90ccb1a2f1dd4 Log: fixed a typo in the error message Changed paths: M ext/phar/util.c Diff: diff --git a/ext/phar/util.c b/ext/phar/util.c index d456ee3..08faaa6 100644 --- a/ext/phar/util.c +++ b/ext/phar/util.c @@ -2157,7 +2157,7 @@ int phar_create_signature(phar_archive_data *phar, php_stream *fp, char **signat if (!EVP_SignUpdate(md_ctx, buf, sig_len)) { efree(sigbuf); if (error) { - spprintf(error, 0, unable to to update the openssl signature for phar \%s\, phar-fname); + spprintf(error, 0, unable to update the openssl signature for phar \%s\, phar-fname); } return FAILURE; } -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] com php-src: merged changes for bug #63297 from 5.3: NEWS ext/phar/util.c
Commit:f962260081c4341c768533c5fb23c83c6ca9b1ed Author:Anatoliy Belsky a...@php.net Thu, 25 Oct 2012 09:40:21 +0200 Parents: 9a6d8e250aa8cd7502f20059ad7b686ac814fc9e Branches: PHP-5.4 master Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=f962260081c4341c768533c5fb23c83c6ca9b1ed Log: merged changes for bug #63297 from 5.3 Bugs: https://bugs.php.net/63297 Changed paths: M NEWS M ext/phar/util.c Diff: diff --git a/NEWS b/NEWS index a039615..8a322a9 100644 --- a/NEWS +++ b/NEWS @@ -18,6 +18,10 @@ PHP NEWS (Dmitry, Laruence) . Fixed bug #63284 (Upgrade PCRE to 8.31). (Anatoliy) +- Phar: + . Fixed bug #63297 (Phar fails to write an openssl based signature). +(Anatoliy) + 18 Oct 2012, PHP 5.4.8 - CLI server: diff --git a/ext/phar/util.c b/ext/phar/util.c index 5fcb2b6..f674bca 100644 --- a/ext/phar/util.c +++ b/ext/phar/util.c @@ -2118,8 +2118,7 @@ int phar_create_signature(phar_archive_data *phar, php_stream *fp, char **signat #ifdef PHAR_HAVE_OPENSSL BIO *in; EVP_PKEY *key; - EVP_MD *mdtype = (EVP_MD *) EVP_sha1(); - EVP_MD_CTX md_ctx; + EVP_MD_CTX *md_ctx; in = BIO_new_mem_buf(PHAR_G(openssl_privatekey), PHAR_G(openssl_privatekey_len)); @@ -2140,15 +2139,30 @@ int phar_create_signature(phar_archive_data *phar, php_stream *fp, char **signat return FAILURE; } + md_ctx = EVP_MD_CTX_create(); + siglen = EVP_PKEY_size(key); sigbuf = emalloc(siglen + 1); - EVP_SignInit(md_ctx, mdtype); + + if (!EVP_SignInit(md_ctx, EVP_sha1())) { + efree(sigbuf); + if (error) { + spprintf(error, 0, unable to initialize openssl signature for phar \%s\, phar-fname); + } + return FAILURE; + } while ((sig_len = php_stream_read(fp, (char*)buf, sizeof(buf))) 0) { - EVP_SignUpdate(md_ctx, buf, sig_len); + if (!EVP_SignUpdate(md_ctx, buf, sig_len)) { + efree(sigbuf); + if (error) { + spprintf(error, 0, unable to update the openssl signature for phar \%s\, phar-fname); + } + return FAILURE; + } } - if (!EVP_SignFinal (md_ctx, sigbuf,(unsigned int *)siglen, key)) { + if (!EVP_SignFinal (md_ctx, sigbuf,(unsigned int *)siglen, key)) { efree(sigbuf); if (error) { spprintf(error, 0, unable to write phar \%s\ with requested openssl signature, phar-fname); @@ -2157,7 +2171,7 @@ int phar_create_signature(phar_archive_data *phar, php_stream *fp, char **signat } sigbuf[siglen] = '\0'; - EVP_MD_CTX_cleanup(md_ctx); + EVP_MD_CTX_destroy(md_ctx); #else sigbuf = NULL; siglen = 0; -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] com php-src: Deprecating undocumented function alias, related to bug #63295: ext/mysql/php_mysql.c ext/mysql/tests/mysql_reflection_extension.phpt ext/mysql/tests/mysql_reflection_functions.
Commit:e7fc671dc0ad335cba9ff2a564387612e32b68e1 Author:ULF WENDEL u...@php.net Tue, 23 Oct 2012 12:02:58 +0200 Parents: 84ab603fc783689f38c6d0047d85a3c7bb031ae4 Branches: master Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=e7fc671dc0ad335cba9ff2a564387612e32b68e1 Log: Deprecating undocumented function alias, related to bug #63295 Bugs: https://bugs.php.net/63295 Changed paths: M ext/mysql/php_mysql.c A ext/mysql/tests/mysql_reflection_extension.phpt A ext/mysql/tests/mysql_reflection_functions.phpt diff --git a/ext/mysql/php_mysql.c b/ext/mysql/php_mysql.c index d6a0c94..f1aab94 100644 --- a/ext/mysql/php_mysql.c +++ b/ext/mysql/php_mysql.c @@ -297,27 +297,27 @@ static const zend_function_entry mysql_functions[] = { PHP_FE(mysql_set_charset, arginfo_mysql_set_charset) #endif /* for downwards compatability */ - PHP_FALIAS(mysql, mysql_db_query, arginfo_mysql_db_query) - PHP_FALIAS(mysql_fieldname, mysql_field_name, arginfo_mysql_field_name) - PHP_FALIAS(mysql_fieldtable,mysql_field_table, arginfo_mysql_field_seek) - PHP_FALIAS(mysql_fieldlen, mysql_field_len, arginfo_mysql_field_seek) - PHP_FALIAS(mysql_fieldtype, mysql_field_type, arginfo_mysql_field_seek) - PHP_FALIAS(mysql_fieldflags,mysql_field_flags, arginfo_mysql_field_seek) - PHP_FALIAS(mysql_selectdb, mysql_select_db, arginfo_mysql_select_db) + PHP_DEP_FALIAS(mysql, mysql_db_query, arginfo_mysql_db_query) + PHP_DEP_FALIAS(mysql_fieldname, mysql_field_name, arginfo_mysql_field_name) + PHP_DEP_FALIAS(mysql_fieldtable,mysql_field_table, arginfo_mysql_field_seek) + PHP_DEP_FALIAS(mysql_fieldlen, mysql_field_len, arginfo_mysql_field_seek) + PHP_DEP_FALIAS(mysql_fieldtype, mysql_field_type, arginfo_mysql_field_seek) + PHP_DEP_FALIAS(mysql_fieldflags,mysql_field_flags, arginfo_mysql_field_seek) + PHP_DEP_FALIAS(mysql_selectdb, mysql_select_db, arginfo_mysql_select_db) #ifndef NETWARE/* The below two functions not supported on NetWare */ #if MYSQL_VERSION_ID 4 PHP_DEP_FALIAS(mysql_createdb, mysql_create_db, arginfo_mysql_select_db) PHP_DEP_FALIAS(mysql_dropdb,mysql_drop_db, arginfo_mysql_select_db) #endif #endif /* NETWARE */ - PHP_FALIAS(mysql_freeresult,mysql_free_result, arginfo__result_mysql_arg) - PHP_FALIAS(mysql_numfields, mysql_num_fields, arginfo__result_mysql_arg) - PHP_FALIAS(mysql_numrows, mysql_num_rows, arginfo__result_mysql_arg) - PHP_FALIAS(mysql_listdbs, mysql_list_dbs, arginfo__optional_mysql_link) + PHP_DEP_FALIAS(mysql_freeresult,mysql_free_result, arginfo__result_mysql_arg) + PHP_DEP_FALIAS(mysql_numfields, mysql_num_fields, arginfo__result_mysql_arg) + PHP_DEP_FALIAS(mysql_numrows, mysql_num_rows, arginfo__result_mysql_arg) + PHP_DEP_FALIAS(mysql_listdbs, mysql_list_dbs, arginfo__optional_mysql_link) PHP_DEP_FALIAS(mysql_listtables,mysql_list_tables, arginfo_mysql_select_db) - PHP_FALIAS(mysql_listfields,mysql_list_fields, arginfo_mysql_list_fields) + PHP_DEP_FALIAS(mysql_listfields,mysql_list_fields, arginfo_mysql_list_fields) PHP_FALIAS(mysql_db_name, mysql_result, arginfo_mysql_result) - PHP_FALIAS(mysql_dbname,mysql_result, arginfo_mysql_result) + PHP_DEP_FALIAS(mysql_dbname,mysql_result, arginfo_mysql_result) PHP_FALIAS(mysql_tablename, mysql_result, arginfo_mysql_result) PHP_FALIAS(mysql_table_name,mysql_result, arginfo_mysql_result) PHP_FE_END @@ -1989,16 +1989,16 @@ Q: String or long first? if (sql_row[field_offset]) { Z_TYPE_P(return_value) = IS_STRING; -#if PHP_API_VERSION 20100412 +#if PHP_API_VERSION 20100412 if (PG(magic_quotes_runtime)) { Z_STRVAL_P(return_value) = php_addslashes(sql_row[field_offset], sql_row_lengths[field_offset],Z_STRLEN_P(return_value), 0 TSRMLS_CC); } else { -#endif +#endif Z_STRLEN_P(return_value) = sql_row_lengths[field_offset]; Z_STRVAL_P(return_value) = (char *) safe_estrndup(sql_row[field_offset], Z_STRLEN_P(return_value)); #if PHP_API_VERSION 20100412 } -#endif +#endif } else {
[PHP-CVS] com php-src: commented out the HHC_LOCATION line, as there are no easy to use alternatives for hhc.exe on linux. we should either run the chm build on a windows box(maybe on the replacement
Commit:240f8d06def8d84021605d21d932adeeaeebbbda Author:Ferenc Kovacs tyr...@gmail.com Thu, 25 Oct 2012 17:11:13 +0200 Parents: e7fc671dc0ad335cba9ff2a564387612e32b68e1 Branches: master Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=240f8d06def8d84021605d21d932adeeaeebbbda Log: commented out the HHC_LOCATION line, as there are no easy to use alternatives for hhc.exe on linux. we should either run the chm build on a windows box(maybe on the replacement of oti1), or look into running it through wine see http://cweiske.de/tagebuch/Generating%20CHM%20files%20with%20Wine%20on%20a%20Linux%20server,%20and%20a%20bit%20about%20PEAR's%20PhD%20transition.htm for details. I also set DOT_CLEANUP to NO as the doc generation was spitting out errors regarding some dot file cannot be found. Changed paths: M ext/spl/doxygen.cfg Diff: diff --git a/ext/spl/doxygen.cfg b/ext/spl/doxygen.cfg index 4b71787..5c7025a 100755 --- a/ext/spl/doxygen.cfg +++ b/ext/spl/doxygen.cfg @@ -111,7 +111,7 @@ HTML_STYLESHEET= HTML_ALIGN_MEMBERS = YES GENERATE_HTMLHELP = YES CHM_FILE = ../spl.chm -HHC_LOCATION = hhc.exe +#HHC_LOCATION = hhc.exe GENERATE_CHI = NO BINARY_TOC = NO TOC_EXPAND = NO @@ -210,7 +210,7 @@ MAX_DOT_GRAPH_WIDTH= 1200 MAX_DOT_GRAPH_HEIGHT = 1024 MAX_DOT_GRAPH_DEPTH= 0 GENERATE_LEGEND= YES -DOT_CLEANUP= YES +DOT_CLEANUP= NO #--- # Configuration::additions related to the search engine #--- -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] com php-src: Fix for bug #62820: ext/pdo_mysql/mysql_statement.c
Commit:0737be7e7baf1fece1683ca9f33064733d8b3514 Author:ULF WENDEL u...@php.net Tue, 23 Oct 2012 15:13:57 +0200 Parents: 38b632dd7c1d6a935f859e53d69cc3ce3c373c94 Branches: PHP-5.4 master Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=0737be7e7baf1fece1683ca9f33064733d8b3514 Log: Fix for bug #62820 Bugs: https://bugs.php.net/62820 Changed paths: M ext/pdo_mysql/mysql_statement.c diff --git a/ext/pdo_mysql/mysql_statement.c b/ext/pdo_mysql/mysql_statement.c index fc5ec51..7bfbef0 100644 --- a/ext/pdo_mysql/mysql_statement.c +++ b/ext/pdo_mysql/mysql_statement.c @@ -75,13 +75,13 @@ static int pdo_mysql_stmt_dtor(pdo_stmt_t *stmt TSRMLS_DC) /* {{{ */ efree(S-in_length); } - if (S-bound_result) + if (S-bound_result) { int i; for (i = 0; i stmt-column_count; i++) { pdo_free_bound_result(S-bound_result[i]); } - + efree(S-bound_result); efree(S-out_null); efree(S-out_length); @@ -95,7 +95,7 @@ static int pdo_mysql_stmt_dtor(pdo_stmt_t *stmt TSRMLS_DC) /* {{{ */ if (mysql_next_result(S-H-server) != 0) { break; } - + res = mysql_store_result(S-H-server); if (res) { mysql_free_result(res); @@ -180,23 +180,23 @@ static int pdo_mysql_stmt_execute_prepared_libmysql(pdo_stmt_t *stmt TSRMLS_DC) } if (!S-result) { - int i; - - /* figure out the result set format, if any */ - S-result = mysql_stmt_result_metadata(S-stmt); - if (S-result) { - int calc_max_length = H-buffered S-max_length == 1; - S-fields = mysql_fetch_fields(S-result); - if (S-bound_result) { - int i; - for (i = 0; i stmt-column_count; i++) { - efree(S-bound_result[i].buffer); - } - efree(S-bound_result); - efree(S-out_null); - efree(S-out_length); + int i; + + /* figure out the result set format, if any */ + S-result = mysql_stmt_result_metadata(S-stmt); + if (S-result) { + int calc_max_length = H-buffered S-max_length == 1; + S-fields = mysql_fetch_fields(S-result); + if (S-bound_result) { + int i; + for (i = 0; i stmt-column_count; i++) { + efree(S-bound_result[i].buffer); + } + efree(S-bound_result); + efree(S-out_null); + efree(S-out_length); } - + stmt-column_count = (int)mysql_num_fields(S-result); S-bound_result = ecalloc(stmt-column_count, sizeof(MYSQL_BIND)); S-out_null = ecalloc(stmt-column_count, sizeof(my_bool)); @@ -262,7 +262,7 @@ static int pdo_mysql_stmt_execute_prepared_libmysql(pdo_stmt_t *stmt TSRMLS_DC) } } } - + pdo_mysql_stmt_set_row_count(stmt TSRMLS_CC); PDO_DBG_RETURN(1); } @@ -275,9 +275,9 @@ static int pdo_mysql_stmt_execute_prepared_mysqlnd(pdo_stmt_t *stmt TSRMLS_DC) / pdo_mysql_stmt *S = stmt-driver_data; pdo_mysql_db_handle *H = S-H; int i; - + PDO_DBG_ENTER(pdo_mysql_stmt_execute_prepared_mysqlnd); - + if (mysql_stmt_execute(S-stmt)) { pdo_mysql_error_stmt(stmt); PDO_DBG_RETURN(0); @@ -305,7 +305,7 @@ static int pdo_mysql_stmt_execute_prepared_mysqlnd(pdo_stmt_t *stmt TSRMLS_DC) / } } } - + pdo_mysql_stmt_set_row_count(stmt TSRMLS_CC); PDO_DBG_RETURN(1); } @@ -322,7 +322,7 @@ static int pdo_mysql_stmt_execute(pdo_stmt_t *stmt TSRMLS_DC) /* {{{ */ if (S-stmt) { PDO_DBG_RETURN(pdo_mysql_stmt_execute_prepared(stmt)); } - + /* ensure that we free any previous unfetched results */ if (S-result) { mysql_free_result(S-result); @@ -357,8 +357,8 @@ static int pdo_mysql_stmt_next_rowset(pdo_stmt_t *stmt TSRMLS_DC) /* {{{ */ } if (!mysqlnd_stmt_more_results(S-stmt)) { - /* - MySQL gives us n + 1 result sets for + /* +
[PHP-CVS] com php-src: Fix for bug #62820 well hidden beneath a ton of whitespace changes. Do not use this pdo factory stuff - you get a line with an error on it, use the mysql stuff in the tests: ext
Commit:848780606dbaa3553b300390393d646b7bd20051 Author:ULF WENDEL u...@php.net Tue, 23 Oct 2012 14:58:16 +0200 Parents: bac9d118edb6b54cb9cfa80fefdc2d46609efebc Branches: PHP-5.3 Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=848780606dbaa3553b300390393d646b7bd20051 Log: Fix for bug #62820 well hidden beneath a ton of whitespace changes. Do not use this pdo factory stuff - you get a line with an error on it, use the mysql stuff in the tests Bugs: https://bugs.php.net/62820 Changed paths: M ext/pdo_mysql/mysql_statement.c M ext/pdo_mysql/tests/bug_41997.phpt diff --git a/ext/pdo_mysql/mysql_statement.c b/ext/pdo_mysql/mysql_statement.c index 115e74c..9884c85 100644 --- a/ext/pdo_mysql/mysql_statement.c +++ b/ext/pdo_mysql/mysql_statement.c @@ -80,13 +80,13 @@ static int pdo_mysql_stmt_dtor(pdo_stmt_t *stmt TSRMLS_DC) /* {{{ */ #endif /* PDO_USE_MYSQLND */ #ifdef HAVE_MYSQL_STMT_PREPARE - if (S-bound_result) + if (S-bound_result) { int i; for (i = 0; i stmt-column_count; i++) { pdo_free_bound_result(S-bound_result[i]); } - + efree(S-bound_result); efree(S-out_null); efree(S-out_length); @@ -101,13 +101,13 @@ static int pdo_mysql_stmt_dtor(pdo_stmt_t *stmt TSRMLS_DC) /* {{{ */ if (mysql_next_result(S-H-server) != 0) { break; } - + res = mysql_store_result(S-H-server); if (res) { mysql_free_result(res); } } - } + } #endif /* HAVE_MYSQL_NEXT_RESULT || PDO_USE_MYSQLND */ #if PDO_USE_MYSQLND if (!S-stmt S-current_data) { @@ -186,23 +186,23 @@ static int pdo_mysql_stmt_execute_prepared_libmysql(pdo_stmt_t *stmt TSRMLS_DC) } if (!S-result) { - int i; - - /* figure out the result set format, if any */ - S-result = mysql_stmt_result_metadata(S-stmt); - if (S-result) { - int calc_max_length = H-buffered S-max_length == 1; - S-fields = mysql_fetch_fields(S-result); - if (S-bound_result) { - int i; - for (i = 0; i stmt-column_count; i++) { - efree(S-bound_result[i].buffer); - } - efree(S-bound_result); - efree(S-out_null); - efree(S-out_length); + int i; + + /* figure out the result set format, if any */ + S-result = mysql_stmt_result_metadata(S-stmt); + if (S-result) { + int calc_max_length = H-buffered S-max_length == 1; + S-fields = mysql_fetch_fields(S-result); + if (S-bound_result) { + int i; + for (i = 0; i stmt-column_count; i++) { + efree(S-bound_result[i].buffer); + } + efree(S-bound_result); + efree(S-out_null); + efree(S-out_length); } - + stmt-column_count = (int)mysql_num_fields(S-result); S-bound_result = ecalloc(stmt-column_count, sizeof(MYSQL_BIND)); S-out_null = ecalloc(stmt-column_count, sizeof(my_bool)); @@ -268,7 +268,7 @@ static int pdo_mysql_stmt_execute_prepared_libmysql(pdo_stmt_t *stmt TSRMLS_DC) } } } - + pdo_mysql_stmt_set_row_count(stmt TSRMLS_CC); PDO_DBG_RETURN(1); } @@ -281,9 +281,9 @@ static int pdo_mysql_stmt_execute_prepared_mysqlnd(pdo_stmt_t *stmt TSRMLS_DC) / pdo_mysql_stmt *S = stmt-driver_data; pdo_mysql_db_handle *H = S-H; int i; - + PDO_DBG_ENTER(pdo_mysql_stmt_execute_prepared_mysqlnd); - + if (mysql_stmt_execute(S-stmt)) { pdo_mysql_error_stmt(stmt); PDO_DBG_RETURN(0); @@ -311,7 +311,7 @@ static int pdo_mysql_stmt_execute_prepared_mysqlnd(pdo_stmt_t *stmt TSRMLS_DC) / } } } - + pdo_mysql_stmt_set_row_count(stmt TSRMLS_CC); PDO_DBG_RETURN(1); } @@ -330,7 +330,7 @@ static int pdo_mysql_stmt_execute(pdo_stmt_t *stmt TSRMLS_DC) /* {{{ */ PDO_DBG_RETURN(pdo_mysql_stmt_execute_prepared(stmt)); } #endif - + /* ensure that we free any previous
[PHP-CVS] com php-src: News entry for CURL notice addition: NEWS
Commit:c4ce96d073da66c04ebe1c74f38138d33a5e6fd4 Author:Anthony Ferrara ircmax...@gmail.com Thu, 25 Oct 2012 16:04:56 -0400 Parents: f68f31f1211f4f3fe8c692269e916358110fa73d Branches: PHP-5.4 master Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=c4ce96d073da66c04ebe1c74f38138d33a5e6fd4 Log: News entry for CURL notice addition Changed paths: M NEWS Diff: diff --git a/NEWS b/NEWS index 8a322a9..10694f6 100644 --- a/NEWS +++ b/NEWS @@ -5,6 +5,10 @@ PHP NEWS - Core: . Fixed bug #63305 (zend_mm_heap corrupted with traits). (Dmitry, Laruence) +- Curl: + . Fixed bug #63363 (Curl silently accepts boolean true for SSL_VERIFYHOST). +Patch by John Jawed GitHub PR #221 (Anthony) + - Fileinfo: . Fixed bug #63248 (Load multiple magic files from a directory under Windows). (Anatoliy) -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] com php-src: Notice if CURLOPT_SSL_VERIFYHOST is set to true: ext/curl/interface.c ext/curl/tests/bug63363.phpt
Commit:3b85d09de7347b16024530579e46f89d587a2e18 Author:John Jawed (JJ) ja...@php.net Wed, 24 Oct 2012 21:47:47 -0700 Parents: 7b4a53e26344ede3534c6ce7ea5973cd4082c90e Branches: master Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=3b85d09de7347b16024530579e46f89d587a2e18 Log: Notice if CURLOPT_SSL_VERIFYHOST is set to true Changed paths: M ext/curl/interface.c A ext/curl/tests/bug63363.phpt Diff: diff --git a/ext/curl/interface.c b/ext/curl/interface.c index d9abece..eb7ed8d 100644 --- a/ext/curl/interface.c +++ b/ext/curl/interface.c @@ -2014,6 +2014,10 @@ static int _php_curl_setopt(php_curl *ch, long option, zval **zvalue, zval *retu switch (option) { /* Long options */ + case CURLOPT_SSL_VERIFYHOST: + if(Z_TYPE_PP(zvalue)==IS_BOOL Z_BVAL_PP(zvalue)) { + php_error_docref(NULL TSRMLS_CC, E_NOTICE, CURLOPT_SSL_VERIFYHOST set to true which disables common name validation (setting CURLOPT_SSL_VERIFYHOST to 2 enables common name validation)); + } case CURLOPT_AUTOREFERER: case CURLOPT_BUFFERSIZE: case CURLOPT_CLOSEPOLICY: @@ -2048,7 +2052,6 @@ static int _php_curl_setopt(php_curl *ch, long option, zval **zvalue, zval *retu case CURLOPT_PUT: case CURLOPT_RESUME_FROM: case CURLOPT_SSLVERSION: - case CURLOPT_SSL_VERIFYHOST: case CURLOPT_SSL_VERIFYPEER: case CURLOPT_TIMECONDITION: case CURLOPT_TIMEOUT: diff --git a/ext/curl/tests/bug63363.phpt b/ext/curl/tests/bug63363.phpt new file mode 100644 index 000..43deaa2 --- /dev/null +++ b/ext/curl/tests/bug63363.phpt @@ -0,0 +1,29 @@ +--TEST-- +Bug #63363 (CURL silently accepts boolean value for SSL_VERIFYHOST) +--SKIPIF-- +?php +if (!extension_loaded(curl)) { +exit(skip curl extension not loaded); +} + +? +--FILE-- +?php +$ch = curl_init(); +var_dump(curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false)); +/* Case that should throw an error */ +var_dump(curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, true)); +var_dump(curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0)); +var_dump(curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 1)); +var_dump(curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2)); + +curl_close($ch); +? +--EXPECTF-- +bool(true) + +Notice: curl_setopt(): CURLOPT_SSL_VERIFYHOST set to true which disables common name validation (setting CURLOPT_SSL_VERIFYHOST to 2 enables common name validation) in %s on line %d +bool(true) +bool(true) +bool(true) +bool(true) -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-CVS] com php-src: Notice if CURLOPT_SSL_VERIFYHOST is set to true: ext/curl/interface.c ext/curl/tests/bug63363.phpt
Commit:f68f31f1211f4f3fe8c692269e916358110fa73d Author:John Jawed (JJ) ja...@php.net Wed, 24 Oct 2012 21:47:47 -0700 Committer: Anthony Ferrara ircmax...@gmail.com Thu, 25 Oct 2012 16:00:02 -0400 Parents: 0737be7e7baf1fece1683ca9f33064733d8b3514 Branches: PHP-5.4 master Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=f68f31f1211f4f3fe8c692269e916358110fa73d Log: Notice if CURLOPT_SSL_VERIFYHOST is set to true Changed paths: M ext/curl/interface.c A ext/curl/tests/bug63363.phpt Diff: diff --git a/ext/curl/interface.c b/ext/curl/interface.c index d75e5c0..00dbfd3 100644 --- a/ext/curl/interface.c +++ b/ext/curl/interface.c @@ -1683,6 +1683,11 @@ static int _php_curl_setopt(php_curl *ch, long option, zval **zvalue, zval *retu CURLcode error=CURLE_OK; switch (option) { + /* Long options */ + case CURLOPT_SSL_VERIFYHOST: + if(Z_TYPE_PP(zvalue)==IS_BOOL Z_BVAL_PP(zvalue)) { + php_error_docref(NULL TSRMLS_CC, E_NOTICE, CURLOPT_SSL_VERIFYHOST set to true which disables common name validation (setting CURLOPT_SSL_VERIFYHOST to 2 enables common name validation)); + } case CURLOPT_INFILESIZE: case CURLOPT_VERBOSE: case CURLOPT_HEADER: @@ -1721,7 +1726,6 @@ static int _php_curl_setopt(php_curl *ch, long option, zval **zvalue, zval *retu #if LIBCURL_VERSION_NUM 0x071002 case CURLOPT_CONNECTTIMEOUT_MS: #endif - case CURLOPT_SSL_VERIFYHOST: case CURLOPT_SSL_VERIFYPEER: case CURLOPT_DNS_USE_GLOBAL_CACHE: case CURLOPT_NOSIGNAL: diff --git a/ext/curl/tests/bug63363.phpt b/ext/curl/tests/bug63363.phpt new file mode 100644 index 000..43deaa2 --- /dev/null +++ b/ext/curl/tests/bug63363.phpt @@ -0,0 +1,29 @@ +--TEST-- +Bug #63363 (CURL silently accepts boolean value for SSL_VERIFYHOST) +--SKIPIF-- +?php +if (!extension_loaded(curl)) { +exit(skip curl extension not loaded); +} + +? +--FILE-- +?php +$ch = curl_init(); +var_dump(curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false)); +/* Case that should throw an error */ +var_dump(curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, true)); +var_dump(curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0)); +var_dump(curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 1)); +var_dump(curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2)); + +curl_close($ch); +? +--EXPECTF-- +bool(true) + +Notice: curl_setopt(): CURLOPT_SSL_VERIFYHOST set to true which disables common name validation (setting CURLOPT_SSL_VERIFYHOST to 2 enables common name validation) in %s on line %d +bool(true) +bool(true) +bool(true) +bool(true) -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php