diff options
| -rw-r--r-- | NEWS | 2 | ||||
| -rw-r--r-- | ext/curl/streams.c | 22 |
2 files changed, 24 insertions, 0 deletions
@@ -30,6 +30,8 @@ PHP NEWS - Fixed bug #38265 (heap corruption). (Dmitry) - Fixed bug #38199 (fclose() unable to close STDOUT and STDERR). (Tony) - Fixed bug #33895 (Missing math constants). (Hannes) +- Fixed bug #33770 (https:// or ftps:// do not work when --with-curlwrappers + is used and ssl certificate is not verifiable). (Ilia) - Fixed PECL bug #8112 (OCI8 persistent connections misbehave when Apache process times out). (Tony) diff --git a/ext/curl/streams.c b/ext/curl/streams.c index f4aeded3e9..ef41a2dc69 100644 --- a/ext/curl/streams.c +++ b/ext/curl/streams.c @@ -301,6 +301,17 @@ php_stream *php_curl_stream_opener(php_stream_wrapper *wrapper, char *filename, /* TODO: read cookies and options from context */ if (context && !strncasecmp(filename, "http", sizeof("http")-1)) { + if (SUCCESS == php_stream_context_get_option(context, "http", "curl_verify_ssl_host", &ctx_opt) && Z_TYPE_PP(ctx_opt) == IS_BOOL && Z_LVAL_PP(ctx_opt) == 1) { + curl_easy_setopt(curlstream->curl, CURLOPT_SSL_VERIFYHOST, 1); + } else { + curl_easy_setopt(curlstream->curl, CURLOPT_SSL_VERIFYHOST, 0); + } + if (SUCCESS == php_stream_context_get_option(context, "http", "curl_verify_ssl_peer", &ctx_opt) && Z_TYPE_PP(ctx_opt) == IS_BOOL && Z_LVAL_PP(ctx_opt) == 1) { + curl_easy_setopt(curlstream->curl, CURLOPT_SSL_VERIFYPEER, 1); + } else { + curl_easy_setopt(curlstream->curl, CURLOPT_SSL_VERIFYPEER, 0); + } + /* HTTP(S) */ if (SUCCESS == php_stream_context_get_option(context, "http", "user_agent", &ctx_opt) && Z_TYPE_PP(ctx_opt) == IS_STRING) { curl_easy_setopt(curlstream->curl, CURLOPT_USERAGENT, Z_STRVAL_PP(ctx_opt)); @@ -364,6 +375,17 @@ php_stream *php_curl_stream_opener(php_stream_wrapper *wrapper, char *filename, } curl_easy_setopt(curlstream->curl, CURLOPT_MAXREDIRS, 20L); } + } else if (context && !strncasecmp(filename, "ftps", sizeof("ftps")-1)) { + if (SUCCESS == php_stream_context_get_option(context, "ftp", "curl_verify_ssl_host", &ctx_opt) && Z_TYPE_PP(ctx_opt) == IS_BOOL && Z_LVAL_PP(ctx_opt) == 1) { + curl_easy_setopt(curlstream->curl, CURLOPT_SSL_VERIFYHOST, 1); + } else { + curl_easy_setopt(curlstream->curl, CURLOPT_SSL_VERIFYHOST, 0); + } + if (SUCCESS == php_stream_context_get_option(context, "ftp", "curl_verify_ssl_peer", &ctx_opt) && Z_TYPE_PP(ctx_opt) == IS_BOOL && Z_LVAL_PP(ctx_opt) == 1) { + curl_easy_setopt(curlstream->curl, CURLOPT_SSL_VERIFYPEER, 1); + } else { + curl_easy_setopt(curlstream->curl, CURLOPT_SSL_VERIFYPEER, 0); + } } /* prepare for "pull" mode */ |