PHP :: Bug #50489

Return to Bug #50489
Patch php-5.3.3_fopen_https_proxy_auth_fix	revision 2010-11-22 10:45 UTC by bruno dot premont at restena dot lu

Patch php-5.3.3_fopen_https_proxy_auth_fix for Streams related Bug #50489

Patch version 2010-11-22 10:45 UTC

Return to Bug #50489 | Download this patch
Patch Revisions:

2010-11-22 10:45 UTC [diff to current]

Developer: bruno.premont@restena.lu

c.f. PHP Bug #50489
     http://bugs.php.net/bug.php?id=50489
--- php-5.3.3-orig/ext/standard/http_fopen_wrapper.c	2010-08-13 09:06:36.000000000 +0000
+++ php-5.3.3/ext/standard/http_fopen_wrapper.c	2010-08-13 09:45:54.000000000 +0000
@@ -201,7 +201,56 @@ php_stream *php_stream_url_wrap_http_ex(
 		smart_str_appends(&header, resource->host);
 		smart_str_appendc(&header, ':');
 		smart_str_append_unsigned(&header, resource->port);
-		smart_str_appendl(&header, " HTTP/1.0\r\n\r\n", sizeof(" HTTP/1.0\r\n\r\n")-1);
+		smart_str_appendl(&header, " HTTP/1.0\r\n", sizeof(" HTTP/1.0\r\n")-1);
+		if (context && php_stream_context_get_option(context, "http", "header", &tmpzval) == SUCCESS) {
+			/* Look out for ProxyAuthentication header, appending it */
+			tmp = NULL;
+		
+			if (Z_TYPE_PP(tmpzval) == IS_ARRAY) {
+				HashPosition pos;
+				zval **tmpheader = NULL;
+				smart_str tmpstr = {0};
+
+				for (zend_hash_internal_pointer_reset_ex(Z_ARRVAL_PP(tmpzval), &pos);
+					SUCCESS == zend_hash_get_current_data_ex(Z_ARRVAL_PP(tmpzval), (void *)&tmpheader, &pos);
+					zend_hash_move_forward_ex(Z_ARRVAL_PP(tmpzval), &pos)
+				) {
+					if (Z_TYPE_PP(tmpheader) == IS_STRING) {
+						smart_str_appendl(&tmpstr, Z_STRVAL_PP(tmpheader), Z_STRLEN_PP(tmpheader));
+						smart_str_appendl(&tmpstr, "\r\n", sizeof("\r\n") - 1);
+					}
+				}
+				smart_str_0(&tmpstr);
+				/* Remove newlines and spaces from start and end. there's at least one extra \r\n at the end that needs to go. */
+				if (tmpstr.c) {
+					tmp = php_trim(tmpstr.c, strlen(tmpstr.c), NULL, 0, NULL, 3 TSRMLS_CC);
+					smart_str_free(&tmpstr);
+				}
+			}
+			if (Z_TYPE_PP(tmpzval) == IS_STRING && Z_STRLEN_PP(tmpzval)) {
+				/* Remove newlines and spaces from start and end php_trim will estrndup() */
+				tmp = php_trim(Z_STRVAL_PP(tmpzval), Z_STRLEN_PP(tmpzval), NULL, 0, NULL, 3 TSRMLS_CC);
+			}
+			if (tmp && strlen(tmp) > 0) {
+				/* Strip Proxy-Authorization header for HTTPS */
+				int l = strlen(tmp);
+				char *s, *s2, *tmp_c = estrdup(tmp);
+				
+				php_strtolower(tmp_c, l);
+				if ((s = strstr(tmp_c, "proxy-authorization:"))) {
+					if ((s2 = memchr(s, '\n', tmp_c + l - s))) {
+						smart_str_appendl(&header, tmp + (s - tmp_c), s2 - s - 1);
+					} else {
+						smart_str_appendl(&header, tmp + (s - tmp_c), tmp_c + l - s);
+					}
+					smart_str_appendl(&header, "\r\n", sizeof("\r\n")-1);
+				}
+				efree(tmp_c);
+			}
+			if (tmp)
+				efree(tmp);
+		}
+		smart_str_appendl(&header, "\r\n", sizeof("\r\n")-1);
 		if (php_stream_write(stream, header.c, header.len) != header.len) {
 			php_stream_wrapper_log_error(wrapper, options TSRMLS_CC, "Cannot connect to HTTPS server through proxy");
 			php_stream_close(stream);
@@ -363,6 +412,18 @@ php_stream *php_stream_url_wrap_http_ex(
 				char *s, *s2, *tmp_c = estrdup(tmp);
 				
 				php_strtolower(tmp_c, l);
+				if (use_proxy && use_ssl && (s = strstr(tmp_c, "proxy-authorization:"))) {
+					/* Strip Proxy-Authorization header for HTTPS */
+					if ((s2 = memchr(s, '\n', tmp_c + l - s))) {
+						int b = tmp_c + l - 1 - s2;
+						memmove(tmp, tmp + (s2 + 1 - tmp_c), b);
+						memmove(tmp_c, s2 + 1, b);
+						
+					} else {
+						tmp[s - tmp_c] = *s = '\0';
+					}
+					l = strlen(tmp_c);
+				}
 				if ((s = strstr(tmp_c, "content-length:"))) {
 					if ((s2 = memchr(s, '\n', tmp_c + l - s))) {
 						int b = tmp_c + l - 1 - s2;
@@ -385,6 +446,27 @@ php_stream *php_stream_url_wrap_http_ex(
 				tmp_c = php_trim(tmp, strlen(tmp), NULL, 0, NULL, 3 TSRMLS_CC);
 				efree(tmp);
 				tmp = tmp_c;
+			} else if (use_proxy && use_ssl) {
+				/* Strip Proxy-Authorization header for HTTPS */
+				int l = strlen(tmp);
+				char *s, *s2, *tmp_c = estrdup(tmp);
+				
+				php_strtolower(tmp_c, l);
+				if ((s = strstr(tmp_c, "proxy-authorization:"))) {
+					if ((s2 = memchr(s, '\n', tmp_c + l - s))) {
+						int b = tmp_c + l - 1 - s2;
+						memmove(tmp, tmp + (s2 + 1 - tmp_c), b);
+						memmove(tmp_c, s2 + 1, b);
+						
+					} else {
+						tmp[s - tmp_c] = *s = '\0';
+					}
+					l = strlen(tmp_c);
+				}
+				efree(tmp_c);
+				tmp_c = php_trim(tmp, strlen(tmp), NULL, 0, NULL, 3 TSRMLS_CC);
+				efree(tmp);
+				tmp = tmp_c;
 			}
 
 			user_headers = estrdup(tmp);

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Sat May 04 07:01:31 2024 UTC