From: Michael Wallner Date: Sun, 5 Feb 2006 21:53:47 +0000 (+0000) Subject: - fix ssl options X-Git-Tag: RELEASE_0_23_0~31 X-Git-Url: https://git.m6w6.name/?a=commitdiff_plain;h=eeb93322c9e734419c7d671a7806cbd0df4109a5;p=m6w6%2Fext-http - fix ssl options - update http_get docs --- diff --git a/http_functions.c b/http_functions.c index f03398c..548788a 100644 --- a/http_functions.c +++ b/http_functions.c @@ -1154,7 +1154,6 @@ PHP_FUNCTION(http_match_request_header) * - httpauth: string, http credentials in "user:pass" format * - httpauthtype: int, HTTP_AUTH_BASIC, DIGEST and/or NTLM * - compress: bool, whether to allow gzip/deflate content encoding - * (defaults to true) * - port: int, use another port as specified in the url * - referer: string, the referer to send * - useragent: string, the user agent to send @@ -1169,9 +1168,26 @@ PHP_FUNCTION(http_match_request_header) * - maxfilesize: int, maximum file size that should be downloaded; * has no effect, if the size of the requested entity is not known * - lastmodified: int, timestamp for If-(Un)Modified-Since header + * - etag: string, quoted etag for If-(None-)Match header * - timeout: int, seconds the request may take * - connecttimeout: int, seconds the connect may take * - onprogress: mixed, progress callback + * - ssl: array, with the following options: + * cert: string, path to certificate + * certtype: string, type of certificate + * certpasswd: string, password for certificate + * key: string, path to key + * keytype: string, type of key + * keypasswd: string, pasword for key + * engine: string, ssl engine to use + * version: int, ssl version to use + * verifypeer: bool, whether to verify the peer + * verifyhost: bool whether to verify the host + * cipher_list: string, list of allowed ciphers + * cainfo: string + * capath: string + * random_file: string + * egdsocket: string * * * The optional third parameter will be filled with some additional information diff --git a/http_request_api.c b/http_request_api.c index c80b80b..308212c 100644 --- a/http_request_api.c +++ b/http_request_api.c @@ -244,10 +244,15 @@ PHP_MSHUTDOWN_FUNCTION(http_request) #define HTTP_CURL_OPT(OPTION, p) HTTP_CURL_OPT_EX(request->ch, OPTION, (p)) #define HTTP_CURL_OPT_EX(ch, OPTION, p) curl_easy_setopt((ch), OPTION, (p)) -#define HTTP_CURL_OPT_STRING(keyname, obdc) HTTP_CURL_OPT_STRING_EX(keyname, keyname, obdc) + +#define HTTP_CURL_OPT_STRING(OPTION, ldiff, obdc) \ + { \ + char *K = #OPTION; \ + HTTP_CURL_OPT_STRING_EX(K+lenof("CURLOPT_KEY")+ldiff, OPTION, obdc); \ + } #define HTTP_CURL_OPT_STRING_EX(keyname, optname, obdc) \ - if (!strcasecmp(key, #keyname)) { \ - zval *copy = http_request_option_cache(request, #keyname, zval_copy(IS_STRING, *param)); \ + if (!strcasecmp(key, keyname)) { \ + zval *copy = http_request_option_cache(request, keyname, zval_copy(IS_STRING, *param)); \ if (obdc) { \ HTTP_CHECK_OPEN_BASEDIR(Z_STRVAL_P(copy), return FAILURE); \ } \ @@ -255,10 +260,14 @@ PHP_MSHUTDOWN_FUNCTION(http_request) key = NULL; \ continue; \ } -#define HTTP_CURL_OPT_LONG(keyname) HTTP_CURL_OPT_LONG_EX(keyname, keyname) +#define HTTP_CURL_OPT_LONG(OPTION, ldiff) \ + { \ + char *K = #OPTION; \ + HTTP_CURL_OPT_LONG_EX(K+lenof("CURLOPT_KEY")+ldiff, OPTION); \ + } #define HTTP_CURL_OPT_LONG_EX(keyname, optname) \ - if (!strcasecmp(key, #keyname)) { \ - zval *copy = http_request_option_cache(request, #keyname, zval_copy(IS_LONG, *param)); \ + if (!strcasecmp(key, keyname)) { \ + zval *copy = http_request_option_cache(request, keyname, zval_copy(IS_LONG, *param)); \ HTTP_CURL_OPT(optname, Z_LVAL_P(copy)); \ key = NULL; \ continue; \ @@ -688,7 +697,7 @@ PHP_HTTP_API STATUS _http_request_prepare(http_request *request, HashTable *opti HTTP_CURL_OPT(CURLOPT_TIMEOUT, Z_LVAL_P(zoption)); } - /* connecttimeout, defaults to 3 */ + /* connecttimeout, defaults to 0 */ if ((zoption = http_request_option(request, options, "connecttimeout", IS_LONG))) { HTTP_CURL_OPT(CURLOPT_CONNECTTIMEOUT, Z_LVAL_P(zoption)); } @@ -702,25 +711,25 @@ PHP_HTTP_API STATUS _http_request_prepare(http_request *request, HashTable *opti FOREACH_KEYVAL(pos, zoption, key, idx, param) { if (key) { - HTTP_CURL_OPT_STRING(CURLOPT_SSLCERT, 1); - HTTP_CURL_OPT_STRING(CURLOPT_SSLCERTTYPE, 0); - HTTP_CURL_OPT_STRING(CURLOPT_SSLCERTPASSWD, 0); + HTTP_CURL_OPT_STRING(CURLOPT_SSLCERT, 0, 1); + HTTP_CURL_OPT_STRING(CURLOPT_SSLCERTTYPE, 0, 0); + HTTP_CURL_OPT_STRING(CURLOPT_SSLCERTPASSWD, 0, 0); - HTTP_CURL_OPT_STRING(CURLOPT_SSLKEY, 0); - HTTP_CURL_OPT_STRING(CURLOPT_SSLKEYTYPE, 0); - HTTP_CURL_OPT_STRING(CURLOPT_SSLKEYPASSWD, 0); + HTTP_CURL_OPT_STRING(CURLOPT_SSLKEY, 0, 0); + HTTP_CURL_OPT_STRING(CURLOPT_SSLKEYTYPE, 0, 0); + HTTP_CURL_OPT_STRING(CURLOPT_SSLKEYPASSWD, 0, 0); - HTTP_CURL_OPT_STRING(CURLOPT_SSLENGINE, 0); - HTTP_CURL_OPT_LONG(CURLOPT_SSLVERSION); + HTTP_CURL_OPT_STRING(CURLOPT_SSLENGINE, 0, 0); + HTTP_CURL_OPT_LONG(CURLOPT_SSLVERSION, 0); - HTTP_CURL_OPT_LONG(CURLOPT_SSL_VERIFYPEER); - HTTP_CURL_OPT_LONG(CURLOPT_SSL_VERIFYHOST); - HTTP_CURL_OPT_STRING(CURLOPT_SSL_CIPHER_LIST, 0); + HTTP_CURL_OPT_LONG(CURLOPT_SSL_VERIFYPEER, 1); + HTTP_CURL_OPT_LONG(CURLOPT_SSL_VERIFYHOST, 1); + HTTP_CURL_OPT_STRING(CURLOPT_SSL_CIPHER_LIST, 1, 0); - HTTP_CURL_OPT_STRING(CURLOPT_CAINFO, 1); - HTTP_CURL_OPT_STRING(CURLOPT_CAPATH, 1); - HTTP_CURL_OPT_STRING(CURLOPT_RANDOM_FILE, 1); - HTTP_CURL_OPT_STRING(CURLOPT_EGDSOCKET, 1); + HTTP_CURL_OPT_STRING(CURLOPT_CAINFO, -3, 1); + HTTP_CURL_OPT_STRING(CURLOPT_CAPATH, -3, 1); + HTTP_CURL_OPT_STRING(CURLOPT_RANDOM_FILE, -3, 1); + HTTP_CURL_OPT_STRING(CURLOPT_EGDSOCKET, -3, 1); /* reset key */ key = NULL;