Fixed bug #66891 (Unexpected HTTP 401 after NTLM authentication)

If you set a "WWW-Authenticate" header PHP automatically issues a 401.

http\Env\Response slurps any set headers and re-sends it after sending
the status code, so that PHP might be resetting the status code to 401
because it sees again an WWW-Authenticate header.

Send the status code after any headers to avoid this issue.

diff --git a/package.xml b/package.xml
index 196688852e0a30e929d442d06609b3d98e213447..3e73111c0dee17fc890896d5ddda61eee2fcaa7b 100644 (file)
--- a/package.xml
+++ b/package.xml
@@ -50,6 +50,7 @@ v2: http://dev.iworks.at/ext-http/lcov/ext/http/
  <notes><![CDATA[
 * Fixed bug #68353 (QsoSSL support removed in libcurl 7.39)
 * Fixed bug #68149 (duplicate content-length with libcurl < 7.23)
+* Fixed bug #66891 (Unexpected HTTP 401 after NTLM authentication)
 ]]></notes>
  <contents>
   <dir name="/">

diff --git a/php_http_env_response.c b/php_http_env_response.c
index c155dde3263bde5cba07c77ec108a4f7abd80077..13a35c6af7054803de8760f6cc688ee2745ab954 100644 (file)
--- a/php_http_env_response.c
+++ b/php_http_env_response.c
@@ -329,6 +329,17 @@ static STATUS php_http_env_response_send_head(php_http_env_response_t *r, php_ht
                return ret;
        }
 
+       if ((zoption = get_option(options, ZEND_STRL("headers") TSRMLS_CC))) {
+               if (Z_TYPE_P(zoption) == IS_ARRAY) {
+                       php_http_header_to_callback(Z_ARRVAL_P(zoption), 0, (php_http_pass_format_callback_t) r->ops->set_header, r TSRMLS_CC);
+               }
+               zval_ptr_dtor(&zoption);
+       }
+
+       if (ret != SUCCESS) {
+               return ret;
+       }
+
        if ((zoption = get_option(options, ZEND_STRL("responseCode") TSRMLS_CC))) {
                zval *zoption_copy = php_http_ztyp(IS_LONG, zoption);
 
@@ -359,17 +370,6 @@ static STATUS php_http_env_response_send_head(php_http_env_response_t *r, php_ht
                return ret;
        }
 
-       if ((zoption = get_option(options, ZEND_STRL("headers") TSRMLS_CC))) {
-               if (Z_TYPE_P(zoption) == IS_ARRAY) {
-                       php_http_header_to_callback(Z_ARRVAL_P(zoption), 0, (php_http_pass_format_callback_t) r->ops->set_header, r TSRMLS_CC);
-               }
-               zval_ptr_dtor(&zoption);
-       }
-
-       if (ret != SUCCESS) {
-               return ret;
-       }
-
        if ((zoption = get_option(options, ZEND_STRL("contentType") TSRMLS_CC))) {
                zval *zoption_copy = php_http_ztyp(IS_STRING, zoption);
 

diff --git a/tests/bug66891.phpt b/tests/bug66891.phpt
new file mode 100644 (file)
index 0000000..0fd84f8
--- /dev/null
+++ b/tests/bug66891.phpt
@@ -0,0 +1,18 @@
+--TEST--
+Bug #66891 (Unexpected HTTP 401 after NTLM authentication)
+--SKIPIF--
+<?php
+include "skipif.inc";
+?>
+--GET--
+dummy=1
+--FILE--
+<?php
+header("WWW-Authenticate: none");
+$r = new http\Env\Response;
+$r->setResponseCode(200);
+$r->send();
+var_dump(http_response_code());
+?>
+--EXPECT--
+int(200)
\ No newline at end of file