From 03848def2b38db9a52ab905405d9ea9ffd130e85 Mon Sep 17 00:00:00 2001 From: Michael Wallner Date: Fri, 21 Oct 2005 09:48:26 +0000 Subject: [PATCH] - eliminate warinings in encoding api - improve configure check for curl ssl support - introduce untested gnutls thread safe crypto locking callbacks --- config.m4 | 40 +++++++++---- http_encoding_api.c | 16 ++--- http_request_api.c | 138 +++++++++++++++++++++++++++++++++----------- 3 files changed, 142 insertions(+), 52 deletions(-) diff --git a/config.m4 b/config.m4 index 21e5b7a..81818fb 100644 --- a/config.m4 +++ b/config.m4 @@ -21,13 +21,7 @@ if test "$PHP_HTTP" != "no"; then dnl ------- dnl NETDB.H dnl ------- - AC_MSG_CHECKING(for netdb.h) - if test -r /usr/include/netdb.h -o -r /usr/local/include/netdb.h; then - AC_DEFINE(HAVE_NETDB_H, 1, [Have netdb.h]) - AC_MSG_RESULT(found in default path) - else - AC_MSG_RESULT(not found in default path) - fi + AC_CHECK_HEADERS([netdb.h]) dnl ---- dnl ZLIB @@ -85,13 +79,39 @@ dnl ---- AC_MSG_RESULT([found: $CURL_CONFIG]) fi + CURL_LIBS=`$CURL_CONFIG --libs` + + AC_MSG_CHECKING([for SSL support in libcurl]) CURL_SSL=`$CURL_CONFIG --features | $EGREP SSL` if test "$CURL_SSL" == "SSL"; then + AC_MSG_RESULT([yes]) AC_DEFINE([HTTP_HAVE_SSL], [1], [ ]) + + AC_MSG_CHECKING([for SSL library used]) + CURL_SSL_FLAVOUR= + for i in $CURL_LIBS; do + if test "$i" == "-lssl"; then + CURL_SSL_FLAVOUR="openssl" + AC_MSG_RESULT([openssl]) + AC_DEFINE([HTTP_HAVE_OPENSSL], [1], [ ]) + AC_CHECK_HEADERS([openssl/crypto.h]) + break + elif test "$i" == "-lgnutls"; then + CURL_SSL_FLAVOUR="gnutls" + AC_MSG_RESULT([gnutls]) + AC_DEFINE([HTTP_HAVE_GNUTLS], [1], [ ]) + AC_CHECK_HEADERS([gcrypt.h]) + break + fi + done + if test -z "$CURL_SSL_FLAVOUR"; then + AC_MSG_RESULT([unknown!]) + AC_MSG_WARN([Could not determine the type of SSL library used!]) + AC_MSG_WARN([Building will fail in ZTS mode!]) + fi + else + AC_MSG_RESULT([no]) fi - AC_CHECK_HEADERS([openssl/crypto.h]) - - CURL_LIBS=`$CURL_CONFIG --libs` PHP_ADD_INCLUDE($CURL_DIR/include) PHP_ADD_LIBRARY_WITH_PATH(curl, $CURL_DIR/$PHP_LIBDIR, HTTP_SHARED_LIBADD) diff --git a/http_encoding_api.c b/http_encoding_api.c index d1ce3da..ccf52d3 100644 --- a/http_encoding_api.c +++ b/http_encoding_api.c @@ -126,7 +126,7 @@ inline void http_init_gzencode_buffer(z_stream *Z, const char *data, size_t data *buf_ptr = emalloc(HTTP_ENCODING_BUFLEN(data_len) + sizeof(http_encoding_gzip_header) + HTTP_ENCODING_SAFPAD); memcpy(*buf_ptr, http_encoding_gzip_header, sizeof(http_encoding_gzip_header)); - Z->next_out = *buf_ptr + sizeof(http_encoding_gzip_header); + Z->next_out = (Bytef *) *buf_ptr + sizeof(http_encoding_gzip_header); } inline void http_init_deflate_buffer(z_stream *Z, const char *data, size_t data_len, char **buf_ptr) @@ -141,7 +141,7 @@ inline void http_init_deflate_buffer(z_stream *Z, const char *data, size_t data_ Z->avail_out = HTTP_ENCODING_BUFLEN(data_len) - 1; Z->next_out = emalloc(HTTP_ENCODING_BUFLEN(data_len)); - *buf_ptr = Z->next_out; + *buf_ptr = (char *) Z->next_out; } inline void http_init_uncompress_buffer(size_t data_len, char **buf_ptr, size_t *buf_len, int *iteration) @@ -172,7 +172,7 @@ inline void http_init_inflate_buffer(z_stream *Z, const char *data, size_t data_ Z->next_in = (Bytef *) data; Z->avail_in = data_len; Z->avail_out = *buf_len; - Z->next_out = *buf_ptr; + Z->next_out = (Bytef *) *buf_ptr; } inline size_t http_finish_buffer(size_t buf_len, char **buf_ptr) @@ -257,7 +257,7 @@ inline STATUS http_verify_gzencode_buffer(const char *data, size_t data_len, con cmp += (unsigned) ((data[offset-1] & 0xFF) << 8); crc = crc32(0L, Z_NULL, 0); - crc = crc32(crc, data, sizeof(http_encoding_gzip_header)); + crc = crc32(crc, (const Bytef *) data, sizeof(http_encoding_gzip_header)); if (cmp != (crc & 0xFFFF)) { http_error_ex(error_level TSRMLS_CC, HTTP_E_ENCODING, "GZIP headers CRC checksums so not match (%lu, %lu)", cmp, crc & 0xFFFF); @@ -422,7 +422,7 @@ PHP_HTTP_API STATUS _http_encoding_compress(int level, const char *data, size_t *encoded = emalloc(*encoded_len = HTTP_ENCODING_BUFLEN(data_len)); - if (Z_OK == (status = compress2(*encoded, encoded_len, data, data_len, level))) { + if (Z_OK == (status = compress2((Bytef *) *encoded, (uLongf *) encoded_len, (const Bytef *) data, data_len, level))) { http_finish_buffer(*encoded_len, encoded); return SUCCESS; } @@ -476,7 +476,7 @@ PHP_HTTP_API STATUS _http_encoding_uncompress(const char *data, size_t data_len, do { http_init_uncompress_buffer(data_len, decoded, decoded_len, &max); - if (Z_OK == (status = uncompress(*decoded, decoded_len, data, data_len))) { + if (Z_OK == (status = uncompress((Bytef *) *decoded, (uLongf *) decoded_len, (const Bytef *) data, data_len))) { http_finish_buffer(*decoded_len, decoded); return SUCCESS; } @@ -525,7 +525,7 @@ PHP_HTTP_API STATUS _http_encoding_stream_update(http_encoding_stream *s, const s->Z.next_in = (Bytef *) data; s->Z.avail_in = data_len; - s->Z.next_out = *encoded; + s->Z.next_out = (Bytef *) *encoded; s->Z.avail_out = *encoded_len; status = deflate(&s->Z, Z_SYNC_FLUSH); @@ -549,7 +549,7 @@ PHP_HTTP_API STATUS _http_encoding_stream_finish(http_encoding_stream *s, char * *encoded_len = 1024; *encoded = emalloc(*encoded_len); - s->Z.next_out = *encoded; + s->Z.next_out = (Bytef *) *encoded; s->Z.avail_out = *encoded_len; if (Z_STREAM_END != (status = deflate(&s->Z, Z_FINISH)) || Z_OK != (status = deflateEnd(&s->Z))) { diff --git a/http_request_api.c b/http_request_api.c index 85bbb17..b16957c 100644 --- a/http_request_api.c +++ b/http_request_api.c @@ -22,15 +22,6 @@ #ifdef HTTP_HAVE_CURL -#if defined(ZTS) && defined(HTTP_HAVE_SSL) -# if !defined(HAVE_OPENSSL_CRYPTO_H) -# error "libcurl was compiled with OpenSSL support, but we have no openssl/crypto.h" -# else -# define HTTP_NEED_SSL -# include -# endif -#endif - #include "php_http.h" #include "php_http_std_defs.h" #include "php_http_api.h" @@ -49,23 +40,62 @@ #include +/* + * cruft for thread safe SSL crypto locks + */ +#if defined(ZTS) && defined(HTTP_HAVE_SSL) +# ifdef PHP_WIN32 +# define HTTP_NEED_SSL_TSL +# define HTTP_NEED_OPENSSL_TSL +# include +# else /* !PHP_WIN32 */ +# define HTTP_NEED_SSL_TSL +# if defined(HTTP_HAVE_OPENSSL) +# if defined(HAVE_OPENSSL_CRYPTO_H) +# define HTTP_NEED_OPENSSL_TSL +# include +# else +# warning \ + "libcurl was compiled with OpenSSL support, but configure could not find " \ + "openssl/crypto.h; thus no SSL crypto locking callbacks will be set, which may " \ + "cause random crashes on SSL requests" +# endif +# elif defined(HTTP_HAVE_GNUTLS) +# if defined(HAVE_GCRYPT_H) +# define HTTP_NEED_GNUTLS_TSL +# include +# else +# warning \ + "libcurl was compiled with GnuTLS support, but configure could not find " \ + "gcrypt.h; thus no SSL crypto locking callbacks will be set, which may " \ + "cause random crashes on SSL requests" +# endif +# else +# warning \ + "libcurl was compiled with SSL support, but configure could not determine which" \ + "library was used; thus no SSL crypto locking callbacks will be set, which may " \ + "cause random crashes on SSL requests" +# endif /* HTTP_HAVE_OPENSSL || HTTP_HAVE_GNUTLS */ +# endif /* PHP_WIN32 */ +#endif /* ZTS && HTTP_HAVE_SSL */ + ZEND_EXTERN_MODULE_GLOBALS(http); -#ifdef HTTP_NEED_SSL -static inline zend_bool http_ssl_init(void); +#ifdef HTTP_NEED_SSL_TSL +static inline void http_ssl_init(void); static inline void http_ssl_cleanup(void); #endif PHP_MINIT_FUNCTION(http_request) { +#ifdef HTTP_NEED_SSL_TSL + http_ssl_init(); +#endif + if (CURLE_OK != curl_global_init(CURL_GLOBAL_ALL)) { return FAILURE; } -#ifdef HTTP_NEED_SSL - http_ssl_init(); -#endif - #if LIBCURL_VERSION_NUM >= 0x070a05 HTTP_LONG_CONSTANT("HTTP_AUTH_BASIC", CURLAUTH_BASIC); HTTP_LONG_CONSTANT("HTTP_AUTH_DIGEST", CURLAUTH_DIGEST); @@ -79,7 +109,7 @@ PHP_MINIT_FUNCTION(http_request) PHP_MSHUTDOWN_FUNCTION(http_request) { curl_global_cleanup(); -#ifdef HTTP_NEED_SSL +#ifdef HTTP_NEED_SSL_TSL http_ssl_cleanup(); #endif return SUCCESS; @@ -867,7 +897,7 @@ static inline zval *_http_curl_getopt_ex(HashTable *options, char *key, size_t k } /* }}} */ -#ifdef HTTP_NEED_SSL +#ifdef HTTP_NEED_OPENSSL_TSL static MUTEX_T *http_ssl_mutex = NULL; @@ -885,26 +915,18 @@ static unsigned long http_ssl_id(void) return (unsigned long) tsrm_thread_id(); } -static inline zend_bool http_ssl_init(void) +static inline void http_ssl_init(void) { - curl_version_info_data *cvid = curl_version_info(CURLVERSION_NOW); + int i, c = CRYPTO_num_locks(); - if (cvid && (cvid->features & CURL_VERSION_SSL)) { - int i, c = CRYPTO_num_locks(); - - http_ssl_mutex = malloc(c * sizeof(MUTEX_T)); - - for (i = 0; i < c; ++i) { - http_ssl_mutex[i] = tsrm_mutex_alloc(); - } - - CRYPTO_set_id_callback(http_ssl_id); - CRYPTO_set_locking_callback(http_ssl_lock); - - return 1; + http_ssl_mutex = malloc(c * sizeof(MUTEX_T)); + + for (i = 0; i < c; ++i) { + http_ssl_mutex[i] = tsrm_mutex_alloc(); } - return 0; + CRYPTO_set_id_callback(http_ssl_id); + CRYPTO_set_locking_callback(http_ssl_lock); } static inline void http_ssl_cleanup(void) @@ -923,7 +945,55 @@ static inline void http_ssl_cleanup(void) http_ssl_mutex = NULL; } } -#endif /* HTTP_NEED_SSL */ +#endif /* HTTP_NEED_OPENSSL_TSL */ + +#ifdef HTTP_NEED_GNUTLS_TSL + +static int http_ssl_mutex_create(void **m) +{ + if (*((MUTEX_T **) m) = tsrm_mutex_alloc()) { + return SUCCESS; + } else { + return FAILURE; + } +} + +static int http_ssl_mutex_destroy(void **m) +{ + tsrm_mutex_free(*((MUTEX_T **) m)); + return SUCCESS; +} + +static int http_ssl_mutex_lock(void **m) +{ + return tsrm_mutex_lock(*((MUTEX_T **) m)); +} + +static int http_ssl_mutex_unlock(void **m) +{ + return tsrm_mutex_unlock(*((MUTEX_T **) m)); +} + +static struct gcry_thread_cbs http_ssl_callbacks = { + GCRY_THREAD_OPTIONS_USER, + NULL, + http_ssl_mutex_create, + http_ssl_mutex_destroy, + http_ssl_mutex_lock, + http_ssl_mutex_unlock +}; + +static inline void http_ssl_init(void) +{ + gcry_control(GCRYCTL_SET_THREAD_CBS, &http_ssl_callbacks); +} + +static inline void http_ssl_cleanup(void) +{ + return; +} + +#endif /* HTTP_NEED_GNUTLS_TSL */ static inline void _http_curl_defaults(CURL *ch) { -- 2.30.2