From da79735adbc6acdd2d4f99c4891906e906a1beb4 Mon Sep 17 00:00:00 2001
From: Michael Wallner <mike@php.net>
Date: Mon, 13 Jul 2015 16:44:26 +0200
Subject: [PATCH] add recent curl options

---
 config9.m4             | 74 +++++++++++++++++++++---------------------
 package.xml            |  3 ++
 php_http_client_curl.c | 15 ++++++++-
 3 files changed, 54 insertions(+), 38 deletions(-)

diff --git a/config9.m4 b/config9.m4
index 356fb81..dcf193b 100644
--- a/config9.m4
+++ b/config9.m4
@@ -93,6 +93,34 @@ if test "$PHP_HTTP" != "no"; then
 		fi
 	])
 	
+	dnl
+	dnl HTTP_CURL_SSL_LIB_CHECK(ssllib[, code-if-yes[, code-if-not])
+	dnl
+	AC_DEFUN([HTTP_CURL_SSL_LIB_CHECK], [
+		AC_MSG_CHECKING([for $1 support in libcurl])
+		AC_TRY_RUN([
+			#include <curl/curl.h>
+			int main(int argc, char *argv[]) {
+				curl_version_info_data *data = curl_version_info(CURLVERSION_NOW);
+				if (data && data->ssl_version && *data->ssl_version) {
+					const char *ptr = data->ssl_version;
+					while(*ptr == ' ') ++ptr;
+					return strncasecmp(ptr, "$1", sizeof("$1")-1);
+				}
+				return 1;
+			}
+		], [
+			AC_MSG_RESULT([yes])
+			$2
+		], [
+			AC_MSG_RESULT([no])
+			$3
+		], [
+			AC_MSG_RESULT([no])
+			$3
+		])
+	])
+	
 
 dnl ----
 dnl STDC
@@ -288,58 +316,30 @@ dnl ----
 				AC_MSG_RESULT([yes])
 				AC_DEFINE([PHP_HTTP_HAVE_SSL], [1], [ ])
 			
-				AC_MSG_CHECKING([for openssl support in libcurl])
-				AC_TRY_RUN([
-					#include <curl/curl.h>
-					int main(int argc, char *argv[]) {
-						curl_version_info_data *data = curl_version_info(CURLVERSION_NOW);
-						if (data && data->ssl_version && *data->ssl_version) {
-							const char *ptr = data->ssl_version;
-							while(*ptr == ' ') ++ptr;
-							return strncasecmp(ptr, "OpenSSL", sizeof("OpenSSL")-1);
-						}
-						return 1;
-					}
-				], [
-					AC_MSG_RESULT([yes])
+				HTTP_CURL_SSL_LIB_CHECK(OpenSSL, [
 					AC_CHECK_HEADER([openssl/ssl.h], [
 						AC_CHECK_HEADER([openssl/crypto.h], [
 							AC_DEFINE([PHP_HTTP_HAVE_OPENSSL], [1], [ ])
 							CURL_SSL_LIBS="ssl crypto"
 						])
 					])
-				], [
-					AC_MSG_RESULT([no])
-				], [
-					AC_MSG_RESULT([no])
 				])
-			
-				AC_MSG_CHECKING([for gnutls support in libcurl])
-				AC_TRY_RUN([
-					#include <curl/curl.h>
-					int main(int argc, char *argv[]) {
-						curl_version_info_data *data = curl_version_info(CURLVERSION_NOW);
-						if (data && data->ssl_version && *data->ssl_version) {
-							const char *ptr = data->ssl_version;
-							while(*ptr == ' ') ++ptr;
-							return strncasecmp(ptr, "GnuTLS", sizeof("GnuTLS")-1);
-						}
-						return 1;
-					}
-				], [
-					AC_MSG_RESULT([yes])
+				HTTP_CURL_SSL_LIB_CHECK(GnuTLS, [
 					AC_CHECK_HEADER([gnutls.h], [
 						AC_CHECK_HEADER([gcrypt.h], [
 							AC_DEFINE([PHP_HTTP_HAVE_GNUTLS], [1], [ ])
 							CURL_SSL_LIBS="gnutls gcrypt"
 						])
 					])
-				], [
-					AC_MSG_RESULT([no])
-				], [
-					AC_MSG_RESULT([no])
+				])
+				HTTP_CURL_SSL_LIB_CHECK(NSS, [
+					AC_DEFINE([PHP_HTTP_HAVE_NSS], [1], [ ])
+				])
+				HTTP_CURL_SSL_LIB_CHECK(SecureTransport, [
+					AC_DEFINE([PHP_HTTP_HAVE_DARWINSSL], [1], [ ])
 				])
 			else
+				dnl no CURL_SSL
 				AC_MSG_RESULT([no])
 			fi
 			
diff --git a/package.xml b/package.xml
index 1f22d38..6220829 100644
--- a/package.xml
+++ b/package.xml
@@ -48,6 +48,9 @@ http://dev.iworks.at/ext-http/lcov/ext/http/
  <notes><![CDATA[
 * Fixed VC11 build (Jan Erhardt)
 * Fixed gh-issue #2: comparison of obsolete pointers in the header parser (xiaoyjy)
++ SSL certinfo is available for libcurl >= 7.42 with gnutls (openssl has already been since 7.19.1)
++ Added "falsestart" SSL request option (available with libcurl >= 7.42 and darwinssl/NSS)
++ Added "service_name" and "proxy_service_name" request options for SPNEGO (available with libcurl >= 7.43)
 ]]></notes>
  <contents>
   <dir name="/">
diff --git a/php_http_client_curl.c b/php_http_client_curl.c
index 9ebffa3..5443e66 100644
--- a/php_http_client_curl.c
+++ b/php_http_client_curl.c
@@ -528,7 +528,7 @@ static ZEND_RESULT_CODE php_http_curle_get_info(CURL *ch, HashTable *info)
 	}
 #endif
 
-#if PHP_HTTP_CURL_VERSION(7,19,1) && defined(PHP_HTTP_HAVE_OPENSSL)
+#if (PHP_HTTP_CURL_VERSION(7,19,1) && defined(PHP_HTTP_HAVE_OPENSSL)) || (PHP_HTTP_CURL_VERSION(7,42,0) && defined(PHP_HTTP_HAVE_GNUTLS))
 	{
 		int i;
 		zval *ci_array;
@@ -1233,6 +1233,11 @@ static void php_http_curle_options_init(php_http_options_t *registry TSRMLS_DC)
 		opt->setter = php_http_curle_option_set_proxyheader;
 	}
 #endif
+#if PHP_HTTP_CURL_VERSION(7,43,0)
+	if ((opt = php_http_option_register(registry, ZEND_STRL("proxy_service_name"), CURLOPT_PROXY_SERVICE_NAME, IS_STRING))) {
+		opt->flags |= PHP_HTTP_CURLE_OPTION_CHECK_STRLEN;
+	}
+#endif
 
 #if PHP_HTTP_CURL_VERSION(7,40,0)
 	if ((opt = php_http_option_register(registry, ZEND_STRL("unix_socket_path"), CURLOPT_UNIX_SOCKET_PATH, IS_STRING))) {
@@ -1309,6 +1314,11 @@ static void php_http_curle_options_init(php_http_options_t *registry TSRMLS_DC)
 	if ((opt = php_http_option_register(registry, ZEND_STRL("httpauthtype"), CURLOPT_HTTPAUTH, IS_LONG))) {
 		Z_LVAL(opt->defval) = CURLAUTH_ANYSAFE;
 	}
+#if PHP_HTTP_CURL_VERSION(7,43,0)
+	if ((opt = php_http_option_register(registry, ZEND_STRL("service_name"), CURLOPT_SERVICE_NAME, IS_STRING))) {
+		opt->flags |= PHP_HTTP_CURLE_OPTION_CHECK_STRLEN;
+	}
+#endif
 
 	/* redirects */
 	if ((opt = php_http_option_register(registry, ZEND_STRL("redirect"), CURLOPT_FOLLOWLOCATION, IS_LONG))) {
@@ -1515,6 +1525,9 @@ static void php_http_curle_options_init(php_http_options_t *registry TSRMLS_DC)
 		if ((opt = php_http_option_register(registry, ZEND_STRL("tlsauthpass"), CURLOPT_TLSAUTH_PASSWORD, IS_STRING))) {
 			opt->flags |= PHP_HTTP_CURLE_OPTION_CHECK_STRLEN;
 		}
+#endif
+#if PHP_HTTP_CURL_VERSION(7,42,0) && (defined(PHP_HTTP_HAVE_NSS) || defined(PHP_HTTP_HAVE_DARWINSSL))
+		php_http_option_register(registry, ZEND_STRL("falsestart"), CURLOPT_SSL_FALSESTART, IS_BOOL);
 #endif
 	}
 }
-- 
2.30.2