dmitry Mon, 17 Aug 2009 18:23:48 +0000
Revision: http://svn.php.net/viewvc?view=revision&revision=287425
Log:
Fixed bug #49144 (import of schema from different host transmits original
authentication details)
Bug: http://bugs.php.net/49144 (Assigned) import of schema from different host
transmits original authentication details
Changed paths:
U php/php-src/branches/PHP_5_2/NEWS
U php/php-src/branches/PHP_5_2/ext/soap/php_schema.c
U php/php-src/branches/PHP_5_2/ext/soap/php_sdl.c
U php/php-src/branches/PHP_5_2/ext/soap/php_sdl.h
U php/php-src/branches/PHP_5_3/NEWS
U php/php-src/branches/PHP_5_3/ext/soap/php_schema.c
U php/php-src/branches/PHP_5_3/ext/soap/php_sdl.c
U php/php-src/branches/PHP_5_3/ext/soap/php_sdl.h
U php/php-src/trunk/ext/soap/php_schema.c
U php/php-src/trunk/ext/soap/php_sdl.c
U php/php-src/trunk/ext/soap/php_sdl.h
Modified: php/php-src/branches/PHP_5_2/NEWS
===================================================================
--- php/php-src/branches/PHP_5_2/NEWS 2009-08-17 17:57:40 UTC (rev 287424)
+++ php/php-src/branches/PHP_5_2/NEWS 2009-08-17 18:23:48 UTC (rev 287425)
@@ -6,6 +6,8 @@
- Fixed bug #49269 (Ternary operator fails on Iterator object when used inside
foreach declaration). (Etienne, Dmitry)
- Fixed bug #49236 (Missing PHP_SUBST(PDO_MYSQL_SHARED_LIBADD)). (Jani)
+- Fixed bug #49144 (import of schema from different host transmits original
+ authentication details). (Dmitry)
13 Aug 2009, PHP 5.2.11RC1
- Fixed regression in cURL extension that prevented flush of data to output
Modified: php/php-src/branches/PHP_5_2/ext/soap/php_schema.c
===================================================================
--- php/php-src/branches/PHP_5_2/ext/soap/php_schema.c 2009-08-17 17:57:40 UTC (rev 287424)
+++ php/php-src/branches/PHP_5_2/ext/soap/php_schema.c 2009-08-17 18:23:48 UTC (rev 287425)
@@ -102,7 +102,10 @@
xmlNodePtr schema;
xmlAttrPtr new_tns;
+ sdl_set_uri_credentials(ctx, (char*)location TSRMLS_CC);
doc = soap_xmlParseFile((char*)location TSRMLS_CC);
+ sdl_restore_uri_credentials(ctx TSRMLS_CC);
+
if (doc == NULL) {
soap_error1(E_ERROR, "Parsing Schema: can't import schema from '%s'", location);
}
Modified: php/php-src/branches/PHP_5_2/ext/soap/php_sdl.c
===================================================================
--- php/php-src/branches/PHP_5_2/ext/soap/php_sdl.c 2009-08-17 17:57:40 UTC (rev 287424)
+++ php/php-src/branches/PHP_5_2/ext/soap/php_sdl.c 2009-08-17 18:23:48 UTC (rev 287425)
@@ -226,6 +226,64 @@
return 1;
}
+void sdl_set_uri_credentials(sdlCtx *ctx, char *uri TSRMLS_DC)
+{
+ char *s;
+ int l1, l2;
+ zval *context = NULL;
+ zval **header = NULL;
+
+ /* check if we load xsd from the same server */
+ s = strstr(ctx->sdl->source, "://");
+ if (!s) return;
+ s = strchr(s+3, '/');
+ l1 = s - ctx->sdl->source;
+ s = strstr((char*)uri, "://");
+ if (!s) return;
+ s = strchr(s+3, '/');
+ l2 = s - (char*)uri;
+ if (l1 != l2 || memcmp(ctx->sdl->source, uri, l1) != 0) {
+ /* another server. clear authentication credentals */
+ context = php_libxml_switch_context(NULL TSRMLS_CC);
+ php_libxml_switch_context(context TSRMLS_CC);
+ if (context) {
+ ctx->context = php_stream_context_from_zval(context, 1);
+
+ if (ctx->context &&
+ php_stream_context_get_option(ctx->context, "http", "header", &header) == SUCCESS) {
+ s = strstr(Z_STRVAL_PP(header), "Authorization: Basic");
+ if (s && (s == Z_STRVAL_PP(header) || *(s-1) == '\n' || *(s-1) == '\r')) {
+ char *rest = strstr(s, "\r\n");
+ if (rest) {
+ zval new_header;
+
+ rest += 2;
+ Z_TYPE(new_header) = IS_STRING;
+ Z_STRLEN(new_header) = Z_STRLEN_PP(header) - (rest - s);
+ Z_STRVAL(new_header) = emalloc(Z_STRLEN_PP(header) + 1);
+ memcpy(Z_STRVAL(new_header), Z_STRVAL_PP(header), s - Z_STRVAL_PP(header));
+ memcpy(Z_STRVAL(new_header) + (s - Z_STRVAL_PP(header)), rest, Z_STRLEN_PP(header) - (rest - Z_STRVAL_PP(header)) + 1);
+ ctx->old_header = *header;
+ ctx->old_header->refcount++;
+ php_stream_context_set_option(ctx->context, "http", "header", &new_header);
+ zval_dtor(&new_header);
+ }
+ }
+ }
+ }
+ }
+}
+
+void sdl_restore_uri_credentials(sdlCtx *ctx TSRMLS_DC)
+{
+ if (ctx->old_header) {
+ php_stream_context_set_option(ctx->context, "http", "header", ctx->old_header);
+ zval_ptr_dtor(&ctx->old_header);
+ ctx->old_header = NULL;
+ }
+ ctx->context = NULL;
+}
+
static void load_wsdl_ex(zval *this_ptr, char *struri, sdlCtx *ctx, int include TSRMLS_DC)
{
sdlPtr tmpsdl = ctx->sdl;
@@ -237,7 +295,9 @@
return;
}
+ sdl_set_uri_credentials(ctx, struri TSRMLS_CC);
wsdl = soap_xmlParseFile(struri TSRMLS_CC);
+ sdl_restore_uri_credentials(ctx TSRMLS_CC);
if (!wsdl) {
xmlErrorPtr xmlErrorPtr = xmlGetLastError();
Modified: php/php-src/branches/PHP_5_2/ext/soap/php_sdl.h
===================================================================
--- php/php-src/branches/PHP_5_2/ext/soap/php_sdl.h 2009-08-17 17:57:40 UTC (rev 287424)
+++ php/php-src/branches/PHP_5_2/ext/soap/php_sdl.h 2009-08-17 18:23:48 UTC (rev 287425)
@@ -76,6 +76,8 @@
HashTable *attributes; /* array of sdlAttributePtr */
HashTable *attributeGroups; /* array of sdlTypesPtr */
+ php_stream_context *context;
+ zval *old_header;
} sdlCtx;
struct _sdlBinding {
@@ -264,4 +266,7 @@
void delete_sdl(void *handle);
void delete_sdl_impl(void *handle);
+void sdl_set_uri_credentials(sdlCtx *ctx, char *uri TSRMLS_DC);
+void sdl_restore_uri_credentials(sdlCtx *ctx TSRMLS_DC);
+
#endif
Modified: php/php-src/branches/PHP_5_3/NEWS
===================================================================
--- php/php-src/branches/PHP_5_3/NEWS 2009-08-17 17:57:40 UTC (rev 287424)
+++ php/php-src/branches/PHP_5_3/NEWS 2009-08-17 18:23:48 UTC (rev 287425)
@@ -28,6 +28,8 @@
- Fixed bug #49193 (gdJpegGetVersionString() inside gd_compact identifies
wrong type in declaration). (Ilia)
- Fixed bug #49183 (dns_get_record does not return NAPTR records). (Pierre)
+- Fixed bug #49144 (import of schema from different host transmits original
+ authentication details). (Dmitry)
- Fixed bug #49132 (posix_times returns false without error).
(phpbugs at gunnu dot us)
- Fixed bug #49125 (Error in dba_exists C code). (jdornan at stanford dot edu)
Modified: php/php-src/branches/PHP_5_3/ext/soap/php_schema.c
===================================================================
--- php/php-src/branches/PHP_5_3/ext/soap/php_schema.c 2009-08-17 17:57:40 UTC (rev 287424)
+++ php/php-src/branches/PHP_5_3/ext/soap/php_schema.c 2009-08-17 18:23:48 UTC (rev 287425)
@@ -102,7 +102,10 @@
xmlNodePtr schema;
xmlAttrPtr new_tns;
+ sdl_set_uri_credentials(ctx, (char*)location TSRMLS_CC);
doc = soap_xmlParseFile((char*)location TSRMLS_CC);
+ sdl_restore_uri_credentials(ctx TSRMLS_CC);
+
if (doc == NULL) {
soap_error1(E_ERROR, "Parsing Schema: can't import schema from '%s'", location);
}
Modified: php/php-src/branches/PHP_5_3/ext/soap/php_sdl.c
===================================================================
--- php/php-src/branches/PHP_5_3/ext/soap/php_sdl.c 2009-08-17 17:57:40 UTC (rev 287424)
+++ php/php-src/branches/PHP_5_3/ext/soap/php_sdl.c 2009-08-17 18:23:48 UTC (rev 287425)
@@ -226,6 +226,64 @@
return 1;
}
+void sdl_set_uri_credentials(sdlCtx *ctx, char *uri TSRMLS_DC)
+{
+ char *s;
+ int l1, l2;
+ zval *context = NULL;
+ zval **header = NULL;
+
+ /* check if we load xsd from the same server */
+ s = strstr(ctx->sdl->source, "://");
+ if (!s) return;
+ s = strchr(s+3, '/');
+ l1 = s - ctx->sdl->source;
+ s = strstr((char*)uri, "://");
+ if (!s) return;
+ s = strchr(s+3, '/');
+ l2 = s - (char*)uri;
+ if (l1 != l2 || memcmp(ctx->sdl->source, uri, l1) != 0) {
+ /* another server. clear authentication credentals */
+ context = php_libxml_switch_context(NULL TSRMLS_CC);
+ php_libxml_switch_context(context TSRMLS_CC);
+ if (context) {
+ ctx->context = php_stream_context_from_zval(context, 1);
+
+ if (ctx->context &&
+ php_stream_context_get_option(ctx->context, "http", "header", &header) == SUCCESS) {
+ s = strstr(Z_STRVAL_PP(header), "Authorization: Basic");
+ if (s && (s == Z_STRVAL_PP(header) || *(s-1) == '\n' || *(s-1) == '\r')) {
+ char *rest = strstr(s, "\r\n");
+ if (rest) {
+ zval new_header;
+
+ rest += 2;
+ Z_TYPE(new_header) = IS_STRING;
+ Z_STRLEN(new_header) = Z_STRLEN_PP(header) - (rest - s);
+ Z_STRVAL(new_header) = emalloc(Z_STRLEN_PP(header) + 1);
+ memcpy(Z_STRVAL(new_header), Z_STRVAL_PP(header), s - Z_STRVAL_PP(header));
+ memcpy(Z_STRVAL(new_header) + (s - Z_STRVAL_PP(header)), rest, Z_STRLEN_PP(header) - (rest - Z_STRVAL_PP(header)) + 1);
+ ctx->old_header = *header;
+ Z_ADDREF_P(ctx->old_header);
+ php_stream_context_set_option(ctx->context, "http", "header", &new_header);
+ zval_dtor(&new_header);
+ }
+ }
+ }
+ }
+ }
+}
+
+void sdl_restore_uri_credentials(sdlCtx *ctx TSRMLS_DC)
+{
+ if (ctx->old_header) {
+ php_stream_context_set_option(ctx->context, "http", "header", ctx->old_header);
+ zval_ptr_dtor(&ctx->old_header);
+ ctx->old_header = NULL;
+ }
+ ctx->context = NULL;
+}
+
static void load_wsdl_ex(zval *this_ptr, char *struri, sdlCtx *ctx, int include TSRMLS_DC)
{
sdlPtr tmpsdl = ctx->sdl;
@@ -237,7 +295,9 @@
return;
}
+ sdl_set_uri_credentials(ctx, struri TSRMLS_CC);
wsdl = soap_xmlParseFile(struri TSRMLS_CC);
+ sdl_restore_uri_credentials(ctx TSRMLS_CC);
if (!wsdl) {
xmlErrorPtr xmlErrorPtr = xmlGetLastError();
Modified: php/php-src/branches/PHP_5_3/ext/soap/php_sdl.h
===================================================================
--- php/php-src/branches/PHP_5_3/ext/soap/php_sdl.h 2009-08-17 17:57:40 UTC (rev 287424)
+++ php/php-src/branches/PHP_5_3/ext/soap/php_sdl.h 2009-08-17 18:23:48 UTC (rev 287425)
@@ -76,6 +76,8 @@
HashTable *attributes; /* array of sdlAttributePtr */
HashTable *attributeGroups; /* array of sdlTypesPtr */
+ php_stream_context *context;
+ zval *old_header;
} sdlCtx;
struct _sdlBinding {
@@ -264,4 +266,7 @@
void delete_sdl(void *handle);
void delete_sdl_impl(void *handle);
+void sdl_set_uri_credentials(sdlCtx *ctx, char *uri TSRMLS_DC);
+void sdl_restore_uri_credentials(sdlCtx *ctx TSRMLS_DC);
+
#endif
Modified: php/php-src/trunk/ext/soap/php_schema.c
===================================================================
--- php/php-src/trunk/ext/soap/php_schema.c 2009-08-17 17:57:40 UTC (rev 287424)
+++ php/php-src/trunk/ext/soap/php_schema.c 2009-08-17 18:23:48 UTC (rev 287425)
@@ -102,7 +102,10 @@
xmlNodePtr schema;
xmlAttrPtr new_tns;
+ sdl_set_uri_credentials(ctx, (char*)location TSRMLS_CC);
doc = soap_xmlParseFile((char*)location TSRMLS_CC);
+ sdl_restore_uri_credentials(ctx TSRMLS_CC);
+
if (doc == NULL) {
soap_error1(E_ERROR, "Parsing Schema: can't import schema from '%s'", location);
}
Modified: php/php-src/trunk/ext/soap/php_sdl.c
===================================================================
--- php/php-src/trunk/ext/soap/php_sdl.c 2009-08-17 17:57:40 UTC (rev 287424)
+++ php/php-src/trunk/ext/soap/php_sdl.c 2009-08-17 18:23:48 UTC (rev 287425)
@@ -226,6 +226,64 @@
return 1;
}
+void sdl_set_uri_credentials(sdlCtx *ctx, char *uri TSRMLS_DC)
+{
+ char *s;
+ int l1, l2;
+ zval *context = NULL;
+ zval **header = NULL;
+
+ /* check if we load xsd from the same server */
+ s = strstr(ctx->sdl->source, "://");
+ if (!s) return;
+ s = strchr(s+3, '/');
+ l1 = s - ctx->sdl->source;
+ s = strstr((char*)uri, "://");
+ if (!s) return;
+ s = strchr(s+3, '/');
+ l2 = s - (char*)uri;
+ if (l1 != l2 || memcmp(ctx->sdl->source, uri, l1) != 0) {
+ /* another server. clear authentication credentals */
+ context = php_libxml_switch_context(NULL TSRMLS_CC);
+ php_libxml_switch_context(context TSRMLS_CC);
+ if (context) {
+ ctx->context = php_stream_context_from_zval(context, 1);
+
+ if (ctx->context &&
+ php_stream_context_get_option(ctx->context, "http", "header", &header) == SUCCESS) {
+ s = strstr(Z_STRVAL_PP(header), "Authorization: Basic");
+ if (s && (s == Z_STRVAL_PP(header) || *(s-1) == '\n' || *(s-1) == '\r')) {
+ char *rest = strstr(s, "\r\n");
+ if (rest) {
+ zval new_header;
+
+ rest += 2;
+ Z_TYPE(new_header) = IS_STRING;
+ Z_STRLEN(new_header) = Z_STRLEN_PP(header) - (rest - s);
+ Z_STRVAL(new_header) = emalloc(Z_STRLEN_PP(header) + 1);
+ memcpy(Z_STRVAL(new_header), Z_STRVAL_PP(header), s - Z_STRVAL_PP(header));
+ memcpy(Z_STRVAL(new_header) + (s - Z_STRVAL_PP(header)), rest, Z_STRLEN_PP(header) - (rest - Z_STRVAL_PP(header)) + 1);
+ ctx->old_header = *header;
+ Z_ADDREF_P(ctx->old_header);
+ php_stream_context_set_option(ctx->context, "http", "header", &new_header);
+ zval_dtor(&new_header);
+ }
+ }
+ }
+ }
+ }
+}
+
+void sdl_restore_uri_credentials(sdlCtx *ctx TSRMLS_DC)
+{
+ if (ctx->old_header) {
+ php_stream_context_set_option(ctx->context, "http", "header", ctx->old_header);
+ zval_ptr_dtor(&ctx->old_header);
+ ctx->old_header = NULL;
+ }
+ ctx->context = NULL;
+}
+
static void load_wsdl_ex(char *struri, sdlCtx *ctx, int include TSRMLS_DC)
{
sdlPtr tmpsdl = ctx->sdl;
@@ -237,7 +295,9 @@
return;
}
+ sdl_set_uri_credentials(ctx, struri TSRMLS_CC);
wsdl = soap_xmlParseFile(struri TSRMLS_CC);
+ sdl_restore_uri_credentials(ctx TSRMLS_CC);
if (!wsdl) {
xmlErrorPtr xmlErrorPtr = xmlGetLastError();
Modified: php/php-src/trunk/ext/soap/php_sdl.h
===================================================================
--- php/php-src/trunk/ext/soap/php_sdl.h 2009-08-17 17:57:40 UTC (rev 287424)
+++ php/php-src/trunk/ext/soap/php_sdl.h 2009-08-17 18:23:48 UTC (rev 287425)
@@ -76,6 +76,8 @@
HashTable *attributes; /* array of sdlAttributePtr */
HashTable *attributeGroups; /* array of sdlTypesPtr */
+ php_stream_context *context;
+ zval *old_header;
} sdlCtx;
struct _sdlBinding {
@@ -264,4 +266,7 @@
void delete_sdl(void *handle);
void delete_sdl_impl(void *handle);
+void sdl_set_uri_credentials(sdlCtx *ctx, char *uri TSRMLS_DC);
+void sdl_restore_uri_credentials(sdlCtx *ctx TSRMLS_DC);
+
#endif
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
