From 19b186b70c9fa66bd6086d719d710a0994c3f63a Mon Sep 17 00:00:00 2001
From: Michael Wallner <mike@php.net>
Date: Thu, 5 Feb 2015 15:22:17 +0100
Subject: [PATCH] tlsauth SSL request option support

---
 config9.m4             | 31 +++++++++++++++++++++++++++++++
 php_http_client_curl.c | 38 ++++++++++++++++++++++++++++++++++++++
 tests/client012.phpt   |  8 ++++----
 3 files changed, 73 insertions(+), 4 deletions(-)

diff --git a/config9.m4 b/config9.m4
index 8476d97..20e7d6c 100644
--- a/config9.m4
+++ b/config9.m4
@@ -304,6 +304,37 @@ dnl ----
 			], [
 				AC_MSG_RESULT([no])
 			])
+			
+			AC_MSG_CHECKING([whether CURLOPT_TLSAUTH_TYPE expects CURL_TLSAUTH_SRP or literal "SRP"])
+			AC_TRY_RUN([
+				#include <curl/curl.h>
+				int main(int argc, char *argv[]) {
+					CURL *ch = curl_easy_init();
+					return curl_easy_setopt(ch, CURLOPT_TLSAUTH_TYPE, CURL_TLSAUTH_SRP);
+				}
+			], [
+				AC_MSG_RESULT([CURL_TLSAUTH_SRP])
+				AC_DEFINE([PHP_HTTP_CURL_TLSAUTH_SRP], [CURL_TLSAUTH_SRP], [ ])
+				AC_DEFINE([PHP_HTTP_CURL_TLSAUTH_DEF], [CURL_TLSAUTH_NONE], [ ])
+			], [
+				AC_TRY_RUN([
+					#include <curl/curl.h>
+					int main(int argc, char *argv[]) {
+						CURL *ch = curl_easy_init();
+						return curl_easy_setopt(ch, CURLOPT_TLSAUTH_TYPE, "SRP");
+					}
+				], [
+					AC_MSG_RESULT(["SRP"])
+					AC_DEFINE([PHP_HTTP_CURL_TLSAUTH_SRP], ["SRP"], [ ])
+					AC_DEFINE([PHP_HTTP_CURL_TLSAUTH_DEF], [""], [ ])
+				], [
+					AC_MSG_RESULT([neither])
+				], [
+					AC_MSG_RESULT([neither])
+				])			
+			], [
+				AC_MSG_RESULT([neither])
+			])
 		
 			INCLUDES="$save_INCLUDES"
 			LIBS="$save_LIBS"
diff --git a/php_http_client_curl.c b/php_http_client_curl.c
index c6e80b4..cf84772 100644
--- a/php_http_client_curl.c
+++ b/php_http_client_curl.c
@@ -1163,6 +1163,30 @@ static STATUS php_http_curle_option_set_resolve(php_http_option_t *opt, zval *va
 }
 #endif
 
+#if PHP_HTTP_CURL_VERSION(7,21,4)
+static STATUS php_http_curle_option_set_ssl_tlsauthtype(php_http_option_t *opt, zval *val, void *userdata)
+{
+	php_http_client_curl_handler_t *curl = userdata;
+	CURL *ch = curl->handle;
+
+	if (val && Z_LVAL_P(val)) {
+		switch (Z_LVAL_P(val)) {
+		case CURL_TLSAUTH_SRP:
+			if (CURLE_OK == curl_easy_setopt(ch, CURLOPT_TLSAUTH_TYPE, PHP_HTTP_CURL_TLSAUTH_SRP)) {
+				return SUCCESS;
+			}
+			/* no break */
+		default:
+			return FAILURE;
+		}
+	}
+	if (CURLE_OK != curl_easy_setopt(ch, CURLOPT_TLSAUTH_TYPE, PHP_HTTP_CURL_TLSAUTH_DEF)) {
+		return FAILURE;
+	}
+	return SUCCESS;
+}
+#endif
+
 static void php_http_curle_options_init(php_http_options_t *registry TSRMLS_DC)
 {
 	php_http_option_t *opt;
@@ -1450,6 +1474,17 @@ static void php_http_curle_options_init(php_http_options_t *registry TSRMLS_DC)
 			opt->flags |= PHP_HTTP_CURLE_OPTION_CHECK_STRLEN;
 			opt->flags |= PHP_HTTP_CURLE_OPTION_CHECK_BASEDIR;
 		}
+#endif
+#if PHP_HTTP_CURL_VERSION(7,21,4)
+		if ((opt = php_http_option_register(registry, ZEND_STRL("tlsauthtype"), CURLOPT_TLSAUTH_TYPE, IS_LONG))) {
+			opt->setter = php_http_curle_option_set_ssl_tlsauthtype;
+		}
+		if ((opt = php_http_option_register(registry, ZEND_STRL("tlsauthuser"), CURLOPT_TLSAUTH_USERNAME, IS_STRING))) {
+			opt->flags |= PHP_HTTP_CURLE_OPTION_CHECK_STRLEN;
+		}
+		if ((opt = php_http_option_register(registry, ZEND_STRL("tlsauthpass"), CURLOPT_TLSAUTH_PASSWORD, IS_STRING))) {
+			opt->flags |= PHP_HTTP_CURLE_OPTION_CHECK_STRLEN;
+		}
 #endif
 	}
 }
@@ -2210,6 +2245,9 @@ PHP_MINIT_FUNCTION(http_client_curl)
 	REGISTER_NS_LONG_CONSTANT("http\\Client\\Curl", "SSL_VERSION_SSLv2", CURL_SSLVERSION_SSLv2, CONST_CS|CONST_PERSISTENT);
 	REGISTER_NS_LONG_CONSTANT("http\\Client\\Curl", "SSL_VERSION_SSLv3", CURL_SSLVERSION_SSLv3, CONST_CS|CONST_PERSISTENT);
 	REGISTER_NS_LONG_CONSTANT("http\\Client\\Curl", "SSL_VERSION_ANY", CURL_SSLVERSION_DEFAULT, CONST_CS|CONST_PERSISTENT);
+#if PHP_HTTP_CURL_VERSION(7,21,4)
+	REGISTER_NS_LONG_CONSTANT("http\\Client\\Curl", "TLSAUTH_SRP", CURL_TLSAUTH_SRP, CONST_CS|CONST_PERSISTENT);
+#endif
 
 	/*
 	* DNS IPvX resolving
diff --git a/tests/client012.phpt b/tests/client012.phpt
index ad6c2eb..e4c188c 100644
--- a/tests/client012.phpt
+++ b/tests/client012.phpt
@@ -12,12 +12,12 @@ echo "Test\n";
 
 $client = new http\Client;
 
-$client->setSslOptions(array("verify_peer" => true));
-$client->addSslOptions(array("verify_host" => 2));
+$client->setSslOptions(array("verifypeer" => true));
+$client->addSslOptions(array("verifyhost" => 2));
 var_dump(
 	array(
-		"verify_peer" => true,
-		"verify_host" => 2,
+		"verifypeer" => true,
+		"verifyhost" => 2,
 	) === $client->getSslOptions()
 );
 
-- 
2.30.2