mike Tue Oct 25 10:32:34 2005 EDT
Modified files: (Branch: PHP_5_1)
/php-src NEWS
/php-src/ext/curl config.m4 config.w32 interface.c
Log:
- MFH: thread safe SSL crypto locks, fixes bug #33760
http://cvs.php.net/diff.php/php-src/NEWS?r1=1.2027.2.157&r2=1.2027.2.158&ty=u
Index: php-src/NEWS
diff -u php-src/NEWS:1.2027.2.157 php-src/NEWS:1.2027.2.158
--- php-src/NEWS:1.2027.2.157 Mon Oct 24 03:44:11 2005
+++ php-src/NEWS Tue Oct 25 10:32:32 2005
@@ -17,6 +17,8 @@
- Fixed bug #34712 (zend.ze1_compatibility_mode = on segfault). (Dmitry)
- Fixed bug #33829 (mime_content_type() returns text/plain for gzip and bzip
files). (Derick)
+- Fixed bug #33760 (cURL needs to implement CRYPTO_callback functions to
prevent
+ locking). (Mike, Ilia)
- Fixed bug #34623 (Crash in pdo_mysql on longtext fields). (Ilia)
- Fixed bug #31341 (escape on curly inconsistent). (Dmitry)
- Fixed bug #31177 (menory leaks and corruption because of incorrect
http://cvs.php.net/diff.php/php-src/ext/curl/config.m4?r1=1.28&r2=1.28.2.1&ty=u
Index: php-src/ext/curl/config.m4
diff -u php-src/ext/curl/config.m4:1.28 php-src/ext/curl/config.m4:1.28.2.1
--- php-src/ext/curl/config.m4:1.28 Fri May 6 22:51:51 2005
+++ php-src/ext/curl/config.m4 Tue Oct 25 10:32:33 2005
@@ -1,5 +1,5 @@
dnl
-dnl $Id: config.m4,v 1.28 2005/05/07 02:51:51 sniper Exp $
+dnl $Id: config.m4,v 1.28.2.1 2005/10/25 14:32:33 mike Exp $
dnl
PHP_ARG_WITH(curl, for CURL support,
@@ -48,6 +48,38 @@
else
AC_MSG_ERROR(cURL version 7.10.5 or later is required to compile php with
cURL support)
fi
+
+ AC_MSG_CHECKING([for SSL support in libcurl])
+ CURL_SSL=`$CURL_CONFIG --features | $EGREP SSL`
+ if test "$CURL_SSL" == "SSL"; then
+ AC_MSG_RESULT([yes])
+ AC_DEFINE([HAVE_CURL_SSL], [1], [Have cURL with SSL support])
+
+ AC_MSG_CHECKING([for SSL library used])
+ CURL_SSL_FLAVOUR=
+ for i in $CURL_LIBS; do
+ if test "$i" == "-lssl"; then
+ CURL_SSL_FLAVOUR="openssl"
+ AC_MSG_RESULT([openssl])
+ AC_DEFINE([HAVE_CURL_OPENSSL], [1], [Have cURL with OpenSSL support])
+ AC_CHECK_HEADERS([openssl/crypto.h])
+ break
+ elif test "$i" == "-lgnutls"; then
+ CURL_SSL_FLAVOUR="gnutls"
+ AC_MSG_RESULT([gnutls])
+ AC_DEFINE([HAVE_CURL_GNUTLS], [1], [Have cURL with GnuTLS support])
+ AC_CHECK_HEADERS([gcrypt.h])
+ break
+ fi
+ done
+ if test -z "$CURL_SSL_FLAVOUR"; then
+ AC_MSG_RESULT([unknown!])
+ AC_MSG_WARN([Could not determine the type of SSL library used!])
+ AC_MSG_WARN([Building will fail in ZTS mode!])
+ fi
+ else
+ AC_MSG_RESULT([no])
+ fi
PHP_ADD_INCLUDE($CURL_DIR/include)
PHP_EVAL_LIBLINE($CURL_LIBS, CURL_SHARED_LIBADD)
http://cvs.php.net/diff.php/php-src/ext/curl/config.w32?r1=1.3&r2=1.3.4.1&ty=u
Index: php-src/ext/curl/config.w32
diff -u php-src/ext/curl/config.w32:1.3 php-src/ext/curl/config.w32:1.3.4.1
--- php-src/ext/curl/config.w32:1.3 Tue Jan 13 00:30:53 2004
+++ php-src/ext/curl/config.w32 Tue Oct 25 10:32:33 2005
@@ -1,4 +1,4 @@
-// $Id: config.w32,v 1.3 2004/01/13 05:30:53 pollita Exp $
+// $Id: config.w32,v 1.3.4.1 2005/10/25 14:32:33 mike Exp $
// vim:ft=javascript
ARG_WITH("curl", "CURL support", "no");
@@ -12,6 +12,7 @@
CHECK_LIB("winmm.lib", "curl", PHP_CURL)) {
EXTENSION("curl", "interface.c multi.c streams.c");
AC_DEFINE('HAVE_CURL', 1, 'Have CURL library');
+ AC_DEFINE('HAVE_CURL_SSL', 1, 'Have SSL suppurt in CURL');
// TODO: check for curl_version_info
// AC_DEFINE('PHP_CURL_URL_WRAPPERS', 0, 'Use curl for URL
wrappers [experimental]');
} else {
http://cvs.php.net/diff.php/php-src/ext/curl/interface.c?r1=1.62.2.3&r2=1.62.2.4&ty=u
Index: php-src/ext/curl/interface.c
diff -u php-src/ext/curl/interface.c:1.62.2.3
php-src/ext/curl/interface.c:1.62.2.4
--- php-src/ext/curl/interface.c:1.62.2.3 Sun Oct 16 22:43:20 2005
+++ php-src/ext/curl/interface.c Tue Oct 25 10:32:33 2005
@@ -16,7 +16,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: interface.c,v 1.62.2.3 2005/10/17 02:43:20 iliaa Exp $ */
+/* $Id: interface.c,v 1.62.2.4 2005/10/25 14:32:33 mike Exp $ */
#define ZEND_INCLUDE_FULL_WINDOWS_HEADERS
@@ -44,6 +44,45 @@
#define HttpPost curl_httppost
#endif
+/* {{{ cruft for thread safe SSL crypto locks */
+#if defined(ZTS) && defined(HAVE_CURL_SSL)
+# ifdef PHP_WIN32
+# define PHP_CURL_NEED_SSL_TSL
+# define PHP_CURL_NEED_OPENSSL_TSL
+# include <openssl/crypto.h>
+# else /* !PHP_WIN32 */
+# if defined(HAVE_CURL_OPENSSL)
+# if defined(HAVE_OPENSSL_CRYPTO_H)
+# define PHP_CURL_NEED_SSL_TSL
+# define PHP_CURL_NEED_OPENSSL_TSL
+# include <openssl/crypto.h>
+# else
+# warning \
+ "libcurl was compiled with OpenSSL
support, but configure could not find " \
+ "openssl/crypto.h; thus no SSL crypto
locking callbacks will be set, which may " \
+ "cause random crashes on SSL requests"
+# endif
+# elif defined(HAVE_CURL_GNUTLS)
+# if defined(HAVE_GCRYPT_H)
+# define PHP_CURL_NEED_SSL_TSL
+# define PHP_CURL_NEED_GNUTLS_TSL
+# include <gcrypt.h>
+# else
+# warning \
+ "libcurl was compiled with GnuTLS
support, but configure could not find " \
+ "gcrypt.h; thus no SSL crypto locking
callbacks will be set, which may " \
+ "cause random crashes on SSL requests"
+# endif
+# else
+# warning \
+ "libcurl was compiled with SSL support, but
configure could not determine which" \
+ "library was used; thus no SSL crypto locking
callbacks will be set, which may " \
+ "cause random crashes on SSL requests"
+# endif /* HAVE_CURL_OPENSSL || HAVE_CURL_GNUTLS */
+# endif /* PHP_WIN32 */
+#endif /* ZTS && HAVE_CURL_SSL */
+/* }}} */
+
#define SMART_STR_PREALLOC 4096
#include "ext/standard/php_smart_str.h"
@@ -55,6 +94,11 @@
int le_curl;
int le_curl_multi_handle;
+#ifdef PHP_CURL_NEED_SSL_TSL
+static inline void php_curl_ssl_init(void);
+static inline void php_curl_ssl_cleanup(void);
+#endif
+
static void _php_curl_close(zend_rsrc_list_entry *rsrc TSRMLS_DC);
#define SAVE_CURL_ERROR(__handle, __err) (__handle)->err.no = (int) __err;
@@ -403,6 +447,9 @@
REGISTER_CURL_CONSTANT(CURLFTPAUTH_TLS);
#endif
+#ifdef PHP_CURL_NEED_SSL_TSL
+ php_curl_ssl_init();
+#endif
if (curl_global_init(CURL_GLOBAL_SSL) != CURLE_OK) {
return FAILURE;
}
@@ -440,7 +487,9 @@
php_unregister_url_stream_wrapper("ldap" TSRMLS_CC);
#endif
curl_global_cleanup();
-
+#ifdef PHP_CURL_NEED_SSL_TSL
+ php_curl_ssl_cleanup();
+#endif
return SUCCESS;
}
/* }}} */
@@ -1545,7 +1594,106 @@
}
/* }}} */
-#endif
+#ifdef PHP_CURL_NEED_OPENSSL_TSL
+/* {{{ */
+static MUTEX_T *php_curl_openssl_tsl = NULL;
+
+static void php_curl_ssl_lock(int mode, int n, const char * file, int line)
+{
+ if (mode & CRYPTO_LOCK) {
+ tsrm_mutex_lock(php_curl_openssl_tsl[n]);
+ } else {
+ tsrm_mutex_unlock(php_curl_openssl_tsl[n]);
+ }
+}
+
+static unsigned long php_curl_ssl_id(void)
+{
+ return (unsigned long) tsrm_thread_id();
+}
+
+static inline void php_curl_ssl_init(void)
+{
+ int i, c = CRYPTO_num_locks();
+
+ php_curl_openssl_tsl = malloc(c * sizeof(MUTEX_T));
+
+ for (i = 0; i < c; ++i) {
+ php_curl_openssl_tsl[i] = tsrm_mutex_alloc();
+ }
+
+ CRYPTO_set_id_callback(php_curl_ssl_id);
+ CRYPTO_set_locking_callback(php_curl_ssl_lock);
+}
+
+static inline void php_curl_ssl_cleanup(void)
+{
+ if (php_curl_openssl_tsl) {
+ int i, c = CRYPTO_num_locks();
+
+ CRYPTO_set_id_callback(NULL);
+ CRYPTO_set_locking_callback(NULL);
+
+ for (i = 0; i < c; ++i) {
+ tsrm_mutex_free(php_curl_openssl_tsl[i]);
+ }
+
+ free(php_curl_openssl_tsl);
+ php_curl_openssl_tsl = NULL;
+ }
+}
+#endif /* PHP_CURL_NEED_OPENSSL_TSL */
+/* }}} */
+
+#ifdef PHP_CURL_NEED_GNUTLS_TSL
+/* {{{ */
+static int php_curl_ssl_mutex_create(void **m)
+{
+ if (*((MUTEX_T *) m) = tsrm_mutex_alloc()) {
+ return SUCCESS;
+ } else {
+ return FAILURE;
+ }
+}
+
+static int php_curl_ssl_mutex_destroy(void **m)
+{
+ tsrm_mutex_free(*((MUTEX_T *) m));
+ return SUCCESS;
+}
+
+static int php_curl_ssl_mutex_lock(void **m)
+{
+ return tsrm_mutex_lock(*((MUTEX_T *) m));
+}
+
+static int php_curl_ssl_mutex_unlock(void **m)
+{
+ return tsrm_mutex_unlock(*((MUTEX_T *) m));
+}
+
+static struct gcry_thread_cbs php_curl_gnutls_tsl = {
+ GCRY_THREAD_OPTIONS_USER,
+ NULL,
+ php_curl_ssl_mutex_create,
+ php_curl_ssl_mutex_destroy,
+ php_curl_ssl_mutex_lock,
+ php_curl_ssl_mutex_unlock
+};
+
+static inline void php_curl_ssl_init(void)
+{
+ gcry_control(GCRYCTL_SET_THREAD_CBS, &php_curl_gnutls_tsl);
+}
+
+static inline void php_curl_ssl_cleanup(void)
+{
+ return;
+}
+#endif /* PHP_CURL_NEED_GNUTLS_TSL */
+/* }}} */
+
+#endif /* HAVE_CURL */
/*
* Local variables:
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
