php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #52893 Authentication fails due to incorrect string comparison.
Submitted: 2010-09-20 16:21 UTC Modified: -
Votes:2
Avg. Score:4.5 ± 0.5
Reproduced:2 of 2 (100.0%)
Same Version:1 (50.0%)
Same OS:1 (50.0%)
From: aia21 at cam dot ac dot uk Assigned:
Status: Open Package: SOAP related
PHP Version: 5.2.14 OS: Linux / SLES 10 SP3
Private report: No CVE-ID: None
 [2010-09-20 16:21 UTC] aia21 at cam dot ac dot uk
Description:
------------
Hi, PHP5 was updated from 5.2.5 to 5.2.14 a few days ago in SLES 10 SP3 and our 
SOAP client scripts failed to run after the update giving the error:

SoapClient::SoapClient(https://PLACE_SERVERHOSTNAME_HERE:443/dspace-
ws1.1/Community?xsd=1): failed to open stream: HTTP request failed! HTTP/1.1 401 
Unauthorized

After two days of work I have understood why.  In PHP 5.2.11 code was added that 
strips the authentication credentials from URLs referenced by the WSDL file if 
they do not match the URL of the WSDL file.  The code in question is in php-
5.2.14/ext/soap/php_sdl.c::sdl_set_uri_credentials().  Towards the top of that 
function the code does:


        /* check if we load xsd from the same server */
        s = strstr(ctx->sdl->source, "://");
        if (!s) return;
        s = strchr(s+3, '/');
        l1 = s - ctx->sdl->source;
        s = strstr((char*)uri, "://");
        if (!s) return;
        s = strchr(s+3, '/');
        l2 = s - (char*)uri;
        if (l1 != l2 || memcmp(ctx->sdl->source, uri, l1) != 0) {
                /* another server. clear authentication credentals */

Which causes authentication for us to fail because our WSDL file URL is: 
https://PLACE_SERVERHOSTNAME_HERE/dspace-ws1.1/Community?wsdl whilst the XSD 
referenced inside the WSDL file is https://PLACE_SERVERHOSTNAME_HERE:443/dspace-
ws1.1/Community?xsd=1 so the above string comparison fails.

And indeed if I edit our WSDL URL to include the :443 our scripts work again so 
that is a work around for this problem.

However I believe this is a bug.  The code should be checking for the server 
name only, not including the port number.  It makes no sense to check the port 
number.  So perhaps it should search for ':' and for '/' and use the first one 
found (obviously cannot just search for ':' as that would fail to work for URLs 
that do not specify a port number).

Best regards,

Anton

Test script:
---------------
<?php
# This fails:
$communityWsdl = 'https://PLACE_SERVERHOSTNAME_HERE/dspace-ws1.1/Community?wsdl';
# This works:
#$communityWsdl = 'https://PLACE_SERVERHOSTNAME_HERE:443/dspace-ws1.1/Community?wsdl';
# Where the WSDL contains this line:
# <xsd:import namespace="http://service.webservice.app.dspace.org/" schemaLocation="https://PLACE_SERVERHOSTNAME_HERE:443/dspace-ws1.1/Community?xsd=1"/>
$options = array('login' => "PLACE_USERNAME_HERE",
                'password' => "PLACE_PASSWORD_HERE",
                'authentication' => SOAP_AUTHENTICATION_BASIC,
                'connection_timeout' => 40,
                'trace' => 1);
try {
        $communityService = new SoapClient($GLOBALS['communityWsdl'],
                        $GLOBALS['options']);
} catch (SoapFault $exception) {
        fprintf(STDERR, $exception . "\n");
        exit(1);
}
?>

Expected result:
----------------
Have a valid SoapClient object returned.

Actual result:
--------------
PHP Warning:  
SoapClient::SoapClient(https://PLACE_SERVERHOSTNAME_HERE:443/dspace-
ws1.1/Community?xsd=1): failed to open stream: HTTP request failed! HTTP/1.1 401 
Unauthorized
 in /usr/share/sms/dspace/sms-list-communities.php on line 15
PHP Warning:  SoapClient::SoapClient(): I/O warning : failed to load external 
entity "https://PLACE_SERVERHOSTNAME_HERE:443/dspace-ws1.1/Community?xsd=1" in 
/usr/share/sms/dspace/sms-list-communities.php on line 15
PHP Fatal error:  SOAP-ERROR: Parsing Schema: can't import schema from 
'https://PLACE_SERVERHOSTNAME_HERE:443/dspace-ws1.1/Community?xsd=1' in 
/usr/share/sms/dspace/sms-list-communities.php on line 15
SoapFault exception: [WSDL] SOAP-ERROR: Parsing Schema: can't import schema from 
'https://PLACE_SERVERHOSTNAME_HERE:443/dspace-ws1.1/Community?xsd=1' in 
/usr/share/sms/dspace/sms-list-communities.php:15
Stack trace:
#0 /usr/share/sms/dspace/sms-list-communities.php(15): SoapClient-
>SoapClient('https://soapbox...', Array)
#1 {main}


Patches

Pull Requests

 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Sat Dec 21 14:01:32 2024 UTC