diff options
Diffstat (limited to 'ext/curl')
| -rw-r--r-- | ext/curl/interface.c | 43 | ||||
| -rw-r--r-- | ext/curl/multi.c | 2 | ||||
| -rw-r--r-- | ext/curl/php_curl.h | 3 | ||||
| -rw-r--r-- | ext/curl/streams.c | 28 | ||||
| -rw-r--r-- | ext/curl/tests/bug63363.phpt | 9 | ||||
| -rw-r--r-- | ext/curl/tests/bug63795.phpt | 34 | ||||
| -rw-r--r-- | ext/curl/tests/curl_multi_segfault.phpt | 56 |
7 files changed, 148 insertions, 27 deletions
diff --git a/ext/curl/interface.c b/ext/curl/interface.c index 00dbfd3d2..531f15ba1 100644 --- a/ext/curl/interface.c +++ b/ext/curl/interface.c @@ -2,7 +2,7 @@ +----------------------------------------------------------------------+ | PHP Version 5 | +----------------------------------------------------------------------+ - | Copyright (c) 1997-2012 The PHP Group | + | Copyright (c) 1997-2013 The PHP Group | +----------------------------------------------------------------------+ | This source file is subject to version 3.01 of the PHP license, | | that is bundled with this package in the file LICENSE, and is | @@ -977,6 +977,15 @@ PHP_MSHUTDOWN_FUNCTION(curl) } /* }}} */ +/* {{{ curl_write_nothing + * Used as a work around. See _php_curl_close_ex + */ +static size_t curl_write_nothing(char *data, size_t size, size_t nmemb, void *ctx) +{ + return size * nmemb; +} +/* }}} */ + /* {{{ curl_write */ static size_t curl_write(char *data, size_t size, size_t nmemb, void *ctx) @@ -1685,8 +1694,14 @@ static int _php_curl_setopt(php_curl *ch, long option, zval **zvalue, zval *retu switch (option) { /* Long options */ case CURLOPT_SSL_VERIFYHOST: - if(Z_TYPE_PP(zvalue)==IS_BOOL && Z_BVAL_PP(zvalue)) { - php_error_docref(NULL TSRMLS_CC, E_NOTICE, "CURLOPT_SSL_VERIFYHOST set to true which disables common name validation (setting CURLOPT_SSL_VERIFYHOST to 2 enables common name validation)"); + if(Z_BVAL_PP(zvalue) == 1) { +#if LIBCURL_VERSION_NUM <= 0x071c00 /* 7.28.0 */ + php_error_docref(NULL TSRMLS_CC, E_NOTICE, "CURLOPT_SSL_VERIFYHOST with value 1 is deprecated and will be removed as of libcurl 7.28.1. It is recommended to use value 2 instead"); +#else + php_error_docref(NULL TSRMLS_CC, E_NOTICE, "CURLOPT_SSL_VERIFYHOST no longer accepts the value 1, value 2 will be used instead"); + error = curl_easy_setopt(ch->cp, option, 2); + break; +#endif } case CURLOPT_INFILESIZE: case CURLOPT_VERBOSE: @@ -1836,10 +1851,6 @@ static int _php_curl_setopt(php_curl *ch, long option, zval **zvalue, zval *retu case CURLOPT_SSH_PRIVATE_KEYFILE: #endif { -#if LIBCURL_VERSION_NUM < 0x071100 - char *copystr = NULL; -#endif - convert_to_string_ex(zvalue); #if LIBCURL_VERSION_NUM >= 0x071300 if ( @@ -2120,6 +2131,9 @@ string_copy: return 1; } + if (Z_REFCOUNT_P(ch->clone) <= 1) { + zend_llist_clean(&ch->to_free->post); + } zend_llist_add_element(&ch->to_free->post, &first); error = curl_easy_setopt(ch->cp, CURLOPT_HTTPPOST, first); @@ -2646,6 +2660,21 @@ static void _php_curl_close_ex(php_curl *ch TSRMLS_DC) #endif _php_curl_verify_handlers(ch, 0 TSRMLS_CC); + + /* + * Libcurl is doing connection caching. When easy handle is cleaned up, + * if the handle was previously used by the curl_multi_api, the connection + * remains open un the curl multi handle is cleaned up. Some protocols are + * sending content like the FTP one, and libcurl try to use the + * WRITEFUNCTION or the HEADERFUNCTION. Since structures used in those + * callback are freed, we need to use an other callback to which avoid + * segfaults. + * + * Libcurl commit d021f2e8a00 fix this issue and should be part of 7.28.2 + */ + curl_easy_setopt(ch->cp, CURLOPT_HEADERFUNCTION, curl_write_nothing); + curl_easy_setopt(ch->cp, CURLOPT_WRITEFUNCTION, curl_write_nothing); + curl_easy_cleanup(ch->cp); /* cURL destructors should be invoked only by last curl handle */ diff --git a/ext/curl/multi.c b/ext/curl/multi.c index 53e97b80f..38c1f1a53 100644 --- a/ext/curl/multi.c +++ b/ext/curl/multi.c @@ -2,7 +2,7 @@ +----------------------------------------------------------------------+ | PHP Version 5 | +----------------------------------------------------------------------+ - | Copyright (c) 1997-2012 The PHP Group | + | Copyright (c) 1997-2013 The PHP Group | +----------------------------------------------------------------------+ | This source file is subject to version 3.01 of the PHP license, | | that is bundled with this package in the file LICENSE, and is | diff --git a/ext/curl/php_curl.h b/ext/curl/php_curl.h index 05275455e..945f0a430 100644 --- a/ext/curl/php_curl.h +++ b/ext/curl/php_curl.h @@ -2,7 +2,7 @@ +----------------------------------------------------------------------+ | PHP Version 5 | +----------------------------------------------------------------------+ - | Copyright (c) 1997-2012 The PHP Group | + | Copyright (c) 1997-2013 The PHP Group | +----------------------------------------------------------------------+ | This source file is subject to version 3.01 of the PHP license, | | that is bundled with this package in the file LICENSE, and is | @@ -181,6 +181,7 @@ typedef struct { CURLMcode mcode; int pending; zval *headers; + struct curl_slist *headers_slist; /* holds custom headers sent out in the request */ } php_curl_stream; diff --git a/ext/curl/streams.c b/ext/curl/streams.c index 821c2ecad..2683ae088 100644 --- a/ext/curl/streams.c +++ b/ext/curl/streams.c @@ -2,7 +2,7 @@ +----------------------------------------------------------------------+ | PHP Version 5 | +----------------------------------------------------------------------+ - | Copyright (c) 1997-2012 The PHP Group | + | Copyright (c) 1997-2013 The PHP Group | +----------------------------------------------------------------------+ | This source file is subject to version 3.01 of the PHP license, | | that is bundled with this package in the file LICENSE, and is | @@ -218,6 +218,10 @@ static int php_curl_stream_close(php_stream *stream, int close_handle TSRMLS_DC) curl_easy_cleanup(curlstream->curl); curl_multi_cleanup(curlstream->multi); + if (curlstream->headers_slist) { + curl_slist_free_all(curlstream->headers_slist); + } + /* we are not closing curlstream->readbuf here, because we export * it as a zval with the wrapperdata - the engine will garbage collect it */ @@ -268,7 +272,6 @@ php_stream *php_curl_stream_opener(php_stream_wrapper *wrapper, char *filename, php_stream *stream; php_curl_stream *curlstream; zval *tmp, **ctx_opt = NULL; - struct curl_slist *slist = NULL; curlstream = emalloc(sizeof(php_curl_stream)); memset(curlstream, 0, sizeof(php_curl_stream)); @@ -279,6 +282,7 @@ php_stream *php_curl_stream_opener(php_stream_wrapper *wrapper, char *filename, curlstream->curl = curl_easy_init(); curlstream->multi = curl_multi_init(); curlstream->pending = 1; + curlstream->headers_slist = NULL; /* if opening for an include statement, ensure that the local storage will * have a FILE* associated with it. @@ -327,7 +331,7 @@ php_stream *php_curl_stream_opener(php_stream_wrapper *wrapper, char *filename, } if (SUCCESS == php_stream_context_get_option(context, "http", "curl_verify_ssl_host", &ctx_opt) && Z_TYPE_PP(ctx_opt) == IS_BOOL && Z_LVAL_PP(ctx_opt) == 1) { - curl_easy_setopt(curlstream->curl, CURLOPT_SSL_VERIFYHOST, 1); + curl_easy_setopt(curlstream->curl, CURLOPT_SSL_VERIFYHOST, 2); } else { curl_easy_setopt(curlstream->curl, CURLOPT_SSL_VERIFYHOST, 0); } @@ -351,7 +355,7 @@ php_stream *php_curl_stream_opener(php_stream_wrapper *wrapper, char *filename, zend_hash_move_forward_ex(Z_ARRVAL_PP(ctx_opt), &pos) ) { if (Z_TYPE_PP(header) == IS_STRING) { - slist = curl_slist_append(slist, Z_STRVAL_PP(header)); + curlstream->headers_slist = curl_slist_append(curlstream->headers_slist, Z_STRVAL_PP(header)); } } } else if (Z_TYPE_PP(ctx_opt) == IS_STRING && Z_STRLEN_PP(ctx_opt)) { @@ -361,14 +365,14 @@ php_stream *php_curl_stream_opener(php_stream_wrapper *wrapper, char *filename, p = php_strtok_r(copy_ctx_opt, "\r\n", &token); while (p) { trimmed = php_trim(p, strlen(p), NULL, 0, NULL, 3 TSRMLS_CC); - slist = curl_slist_append(slist, trimmed); + curlstream->headers_slist = curl_slist_append(curlstream->headers_slist, trimmed); efree(trimmed); p = php_strtok_r(NULL, "\r\n", &token); } efree(copy_ctx_opt); } - if (slist) { - curl_easy_setopt(curlstream->curl, CURLOPT_HTTPHEADER, slist); + if (curlstream->headers_slist) { + curl_easy_setopt(curlstream->curl, CURLOPT_HTTPHEADER, curlstream->headers_slist); } } if (SUCCESS == php_stream_context_get_option(context, "http", "method", &ctx_opt) && Z_TYPE_PP(ctx_opt) == IS_STRING) { @@ -416,7 +420,7 @@ php_stream *php_curl_stream_opener(php_stream_wrapper *wrapper, char *filename, } } else if (context && !strncasecmp(filename, "ftps", sizeof("ftps")-1)) { if (SUCCESS == php_stream_context_get_option(context, "ftp", "curl_verify_ssl_host", &ctx_opt) && Z_TYPE_PP(ctx_opt) == IS_BOOL && Z_LVAL_PP(ctx_opt) == 1) { - curl_easy_setopt(curlstream->curl, CURLOPT_SSL_VERIFYHOST, 1); + curl_easy_setopt(curlstream->curl, CURLOPT_SSL_VERIFYHOST, 2); } else { curl_easy_setopt(curlstream->curl, CURLOPT_SSL_VERIFYHOST, 0); } @@ -500,18 +504,10 @@ php_stream *php_curl_stream_opener(php_stream_wrapper *wrapper, char *filename, } } - /* context headers are not needed anymore */ - if (slist) { - curl_easy_setopt(curlstream->curl, CURLOPT_HTTPHEADER, NULL); - curl_slist_free_all(slist); - } return stream; exit_fail: php_stream_close(stream); - if (slist) { - curl_slist_free_all(slist); - } return NULL; } diff --git a/ext/curl/tests/bug63363.phpt b/ext/curl/tests/bug63363.phpt index 43deaa234..36abc5e0a 100644 --- a/ext/curl/tests/bug63363.phpt +++ b/ext/curl/tests/bug63363.phpt @@ -5,7 +5,10 @@ Bug #63363 (CURL silently accepts boolean value for SSL_VERIFYHOST) if (!extension_loaded("curl")) { exit("skip curl extension not loaded"); } - +$curl_version = curl_version(); +if ($curl_version['version_number'] >= 0x071c01) { + exit("skip: test valid for libcurl < 7.28.1"); +} ?> --FILE-- <?php @@ -22,8 +25,10 @@ curl_close($ch); --EXPECTF-- bool(true) -Notice: curl_setopt(): CURLOPT_SSL_VERIFYHOST set to true which disables common name validation (setting CURLOPT_SSL_VERIFYHOST to 2 enables common name validation) in %s on line %d +Notice: curl_setopt(): CURLOPT_SSL_VERIFYHOST with value 1 is deprecated and will be removed as of libcurl 7.28.1. It is recommended to use value 2 instead in %s on line %d bool(true) bool(true) + +Notice: curl_setopt(): CURLOPT_SSL_VERIFYHOST with value 1 is deprecated and will be removed as of libcurl 7.28.1. It is recommended to use value 2 instead in %s on line %d bool(true) bool(true) diff --git a/ext/curl/tests/bug63795.phpt b/ext/curl/tests/bug63795.phpt new file mode 100644 index 000000000..798faa68f --- /dev/null +++ b/ext/curl/tests/bug63795.phpt @@ -0,0 +1,34 @@ +--TEST-- +Bug #63795 (CURL >= 7.28.0 no longer support value 1 for CURLOPT_SSL_VERIFYHOST) +--SKIPIF-- +<?php +if (!extension_loaded("curl")) { + exit("skip curl extension not loaded"); +} +$curl_version = curl_version(); +if ($curl_version['version_number'] < 0x071c01) { + exit("skip: test valid for libcurl >= 7.28.1"); +} +?> +--FILE-- +<?php +$ch = curl_init(); +var_dump(curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false)); +/* Case that should throw an error */ +var_dump(curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, true)); +var_dump(curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0)); +var_dump(curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 1)); +var_dump(curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2)); + +curl_close($ch); +?> +--EXPECTF-- +bool(true) + +Notice: curl_setopt(): CURLOPT_SSL_VERIFYHOST no longer accepts the value 1, value 2 will be used instead in %s on line %d +bool(true) +bool(true) + +Notice: curl_setopt(): CURLOPT_SSL_VERIFYHOST no longer accepts the value 1, value 2 will be used instead in %s on line %d +bool(true) +bool(true) diff --git a/ext/curl/tests/curl_multi_segfault.phpt b/ext/curl/tests/curl_multi_segfault.phpt new file mode 100644 index 000000000..dde818941 --- /dev/null +++ b/ext/curl/tests/curl_multi_segfault.phpt @@ -0,0 +1,56 @@ +--TEST-- +Segfault due to libcurl connection caching +--CREDITS-- +--SKIPIF-- +<?php +if (!extension_loaded("curl")) exit("skip curl extension not loaded"); +if (false === getenv('PHP_CURL_FTP_REMOTE_SERVER')) exit("skip PHP_CURL_FTP_REMOTE_SERVER env variable is not defined"); +if (false === getenv('PHP_CURL_FTP_REMOTE_USER')) exit("skip PHP_CURL_FTP_REMOTE_USER env variable is not defined"); +if (false === getenv('PHP_CURL_FTP_REMOTE_PASSWD')) exit("skip PHP_CURL_FTP_REMOTE_PASSWD env variable is not defined"); +?> +--FILE-- +<?php + $host = getenv('PHP_CURL_FTP_REMOTE_SERVER'); + $username = getenv('PHP_CURL_FTP_REMOTE_USER'); + $password = getenv('PHP_CURL_FTP_REMOTE_PASSWD'); + + // FTP this script to a server + $fp = fopen ( __FILE__ , "r" ); + $url = "ftp://$username:$password@$host/" ; + + $ch = curl_init (); + + curl_setopt ( $ch , CURLOPT_URL, $url ); + curl_setopt ( $ch , CURLOPT_RETURNTRANSFER, 1 ); + + //force passive connection + curl_setopt ( $ch , CURLOPT_FTP_USE_EPSV, 0 ); + curl_setopt ( $ch , CURLOPT_FTP_SKIP_PASV_IP, 1 ); + + $cmh = curl_multi_init(); + curl_multi_add_handle($cmh, $ch); + + $active = null; + + do { + $mrc = curl_multi_exec($cmh, $active); + } while ($mrc == CURLM_CALL_MULTI_PERFORM); + + + while ($active && $mrc == CURLM_OK) { + if (curl_multi_select($cmh) != -1) { + do { + $mrc = curl_multi_exec($cmh, $active); + } while ($mrc == CURLM_CALL_MULTI_PERFORM); + } + } + + var_dump(is_string(curl_multi_getcontent($ch))); + curl_multi_remove_handle($cmh, $ch); + curl_close($ch); + curl_multi_close($cmh); +?> +===DONE=== +--EXPECTF-- +bool(true) +===DONE=== |