andrey Fri, 05 Aug 2011 13:39:30 +0000
Revision: http://svn.php.net/viewvc?view=revision&revision=314330
Log:
Fix for bug #55283 SSL options set by mysqli_ssl_set ignored for MySQLi
persistent connections
Bug: https://bugs.php.net/55283 (Verified) SSL options set by mysqli_ssl_set
ignored for MySQLi persistent connections
Changed paths:
U php/php-src/branches/PHP_5_3/NEWS
U php/php-src/branches/PHP_5_3/ext/mysqli/mysqli_nonapi.c
A php/php-src/branches/PHP_5_3/ext/mysqli/tests/bug55283.phpt
U php/php-src/branches/PHP_5_4/ext/mysqli/mysqli_nonapi.c
A php/php-src/branches/PHP_5_4/ext/mysqli/tests/bug55283.phpt
U php/php-src/trunk/ext/mysqli/mysqli_nonapi.c
A php/php-src/trunk/ext/mysqli/tests/bug55283.phpt
Modified: php/php-src/branches/PHP_5_3/NEWS
===================================================================
--- php/php-src/branches/PHP_5_3/NEWS 2011-08-05 13:19:58 UTC (rev 314329)
+++ php/php-src/branches/PHP_5_3/NEWS 2011-08-05 13:39:30 UTC (rev 314330)
@@ -1,7 +1,10 @@
PHP NEWS
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
?? ??? ????, PHP 5.3.7
-
+- mysqli
+ . Fixed bug #55238 (SSL options set by mysqli_ssl_set ignored for MySQLi
+ persistent connections). (Andrey)
+
28 Jul 2011, PHP 5.3.7 RC4
- Improved core functions:
. Updated crypt_blowfish to 1.2. ((CVE-2011-2483) (Solar Designer)
Modified: php/php-src/branches/PHP_5_3/ext/mysqli/mysqli_nonapi.c
===================================================================
--- php/php-src/branches/PHP_5_3/ext/mysqli/mysqli_nonapi.c 2011-08-05 13:19:58 UTC (rev 314329)
+++ php/php-src/branches/PHP_5_3/ext/mysqli/mysqli_nonapi.c 2011-08-05 13:39:30 UTC (rev 314330)
@@ -141,10 +141,12 @@
hostname = MyG(default_host);
}
- if (mysql->mysql && mysqli_resource && (mysqli_resource->status > MYSQLI_STATUS_INITIALIZED || (strlen(SAFE_STR(hostname)) > 2 && !strncasecmp(hostname, "p:", 2)))) {
- /* already connected, we should close the connection */
- php_mysqli_close(mysql, MYSQLI_CLOSE_IMPLICIT, mysqli_resource->status TSRMLS_CC);
- }
+ if (mysql->mysql && mysqli_resource &&
+ (mysqli_resource->status > MYSQLI_STATUS_INITIALIZED))
+ {
+ /* already connected, we should close the connection */
+ php_mysqli_close(mysql, MYSQLI_CLOSE_IMPLICIT, mysqli_resource->status TSRMLS_CC);
+ }
if (strlen(SAFE_STR(hostname)) > 2 && !strncasecmp(hostname, "p:", 2)) {
hostname += 2;
Added: php/php-src/branches/PHP_5_3/ext/mysqli/tests/bug55283.phpt
===================================================================
--- php/php-src/branches/PHP_5_3/ext/mysqli/tests/bug55283.phpt (rev 0)
+++ php/php-src/branches/PHP_5_3/ext/mysqli/tests/bug55283.phpt 2011-08-05 13:39:30 UTC (rev 314330)
@@ -0,0 +1,55 @@
+--TEST--
+Bug #55283 (SSL options set by mysqli_ssl_set ignored for MySQLi persistent connections)
+--SKIPIF--
+<?php
+require_once('skipif.inc');
+require_once('skipifconnectfailure.inc');
+$link = mysqli_init();
+mysqli_ssl_set($link, null, null, null, null, "RC4-MD5");
+if (my_mysqli_real_connect($link, $host, $user, $passwd, $db, $port, null, $flags)) {
+ $res = $link->query("SHOW STATUS LIKE 'Ssl_cipher'");
+ $row = $res->fetch_row();
+ if ($row[1] === "") {
+ die('skip Server started without SSL support');
+ }
+}
+?>
+--FILE--
+<?php
+ include "connect.inc";
+ $db1 = new mysqli();
+
+
+ $flags = MYSQLI_CLIENT_SSL;
+
+ $link = mysqli_init();
+ mysqli_ssl_set($link, null, null, null, null, "RC4-MD5");
+ if (my_mysqli_real_connect($link, 'p:' . $host, $user, $passwd, $db, $port, null, $flags)) {
+ $r = $link->query("SHOW STATUS LIKE 'Ssl_cipher'");
+ var_dump($r->fetch_row());
+ }
+
+ /* non-persistent connection */
+ $link2 = mysqli_init();
+ mysqli_ssl_set($link2, null, null, null, null, "RC4-MD5");
+ if (my_mysqli_real_connect($link2, $host, $user, $passwd, $db, $port, null, $flags)) {
+ $r2 = $link2->query("SHOW STATUS LIKE 'Ssl_cipher'");
+ var_dump($r2->fetch_row());
+ }
+
+ echo "done\n";
+?>
+--EXPECTF--
+array(2) {
+ [0]=>
+ string(10) "Ssl_cipher"
+ [1]=>
+ string(7) "RC4-MD5"
+}
+array(2) {
+ [0]=>
+ string(10) "Ssl_cipher"
+ [1]=>
+ string(7) "RC4-MD5"
+}
+done
\ No newline at end of file
Modified: php/php-src/branches/PHP_5_4/ext/mysqli/mysqli_nonapi.c
===================================================================
--- php/php-src/branches/PHP_5_4/ext/mysqli/mysqli_nonapi.c 2011-08-05 13:19:58 UTC (rev 314329)
+++ php/php-src/branches/PHP_5_4/ext/mysqli/mysqli_nonapi.c 2011-08-05 13:39:30 UTC (rev 314330)
@@ -141,10 +141,12 @@
hostname = MyG(default_host);
}
- if (mysql->mysql && mysqli_resource && (mysqli_resource->status > MYSQLI_STATUS_INITIALIZED || (strlen(SAFE_STR(hostname)) > 2 && !strncasecmp(hostname, "p:", 2)))) {
- /* already connected, we should close the connection */
- php_mysqli_close(mysql, MYSQLI_CLOSE_IMPLICIT, mysqli_resource->status TSRMLS_CC);
- }
+ if (mysql->mysql && mysqli_resource &&
+ (mysqli_resource->status > MYSQLI_STATUS_INITIALIZED))
+ {
+ /* already connected, we should close the connection */
+ php_mysqli_close(mysql, MYSQLI_CLOSE_IMPLICIT, mysqli_resource->status TSRMLS_CC);
+ }
if (strlen(SAFE_STR(hostname)) > 2 && !strncasecmp(hostname, "p:", 2)) {
hostname += 2;
Added: php/php-src/branches/PHP_5_4/ext/mysqli/tests/bug55283.phpt
===================================================================
--- php/php-src/branches/PHP_5_4/ext/mysqli/tests/bug55283.phpt (rev 0)
+++ php/php-src/branches/PHP_5_4/ext/mysqli/tests/bug55283.phpt 2011-08-05 13:39:30 UTC (rev 314330)
@@ -0,0 +1,55 @@
+--TEST--
+Bug #55283 (SSL options set by mysqli_ssl_set ignored for MySQLi persistent connections)
+--SKIPIF--
+<?php
+require_once('skipif.inc');
+require_once('skipifconnectfailure.inc');
+$link = mysqli_init();
+mysqli_ssl_set($link, null, null, null, null, "RC4-MD5");
+if (my_mysqli_real_connect($link, $host, $user, $passwd, $db, $port, null, $flags)) {
+ $res = $link->query("SHOW STATUS LIKE 'Ssl_cipher'");
+ $row = $res->fetch_row();
+ if ($row[1] === "") {
+ die('skip Server started without SSL support');
+ }
+}
+?>
+--FILE--
+<?php
+ include "connect.inc";
+ $db1 = new mysqli();
+
+
+ $flags = MYSQLI_CLIENT_SSL;
+
+ $link = mysqli_init();
+ mysqli_ssl_set($link, null, null, null, null, "RC4-MD5");
+ if (my_mysqli_real_connect($link, 'p:' . $host, $user, $passwd, $db, $port, null, $flags)) {
+ $r = $link->query("SHOW STATUS LIKE 'Ssl_cipher'");
+ var_dump($r->fetch_row());
+ }
+
+ /* non-persistent connection */
+ $link2 = mysqli_init();
+ mysqli_ssl_set($link2, null, null, null, null, "RC4-MD5");
+ if (my_mysqli_real_connect($link2, $host, $user, $passwd, $db, $port, null, $flags)) {
+ $r2 = $link2->query("SHOW STATUS LIKE 'Ssl_cipher'");
+ var_dump($r2->fetch_row());
+ }
+
+ echo "done\n";
+?>
+--EXPECTF--
+array(2) {
+ [0]=>
+ string(10) "Ssl_cipher"
+ [1]=>
+ string(7) "RC4-MD5"
+}
+array(2) {
+ [0]=>
+ string(10) "Ssl_cipher"
+ [1]=>
+ string(7) "RC4-MD5"
+}
+done
\ No newline at end of file
Modified: php/php-src/trunk/ext/mysqli/mysqli_nonapi.c
===================================================================
--- php/php-src/trunk/ext/mysqli/mysqli_nonapi.c 2011-08-05 13:19:58 UTC (rev 314329)
+++ php/php-src/trunk/ext/mysqli/mysqli_nonapi.c 2011-08-05 13:39:30 UTC (rev 314330)
@@ -141,10 +141,12 @@
hostname = MyG(default_host);
}
- if (mysql->mysql && mysqli_resource && (mysqli_resource->status > MYSQLI_STATUS_INITIALIZED || (strlen(SAFE_STR(hostname)) > 2 && !strncasecmp(hostname, "p:", 2)))) {
- /* already connected, we should close the connection */
- php_mysqli_close(mysql, MYSQLI_CLOSE_IMPLICIT, mysqli_resource->status TSRMLS_CC);
- }
+ if (mysql->mysql && mysqli_resource &&
+ (mysqli_resource->status > MYSQLI_STATUS_INITIALIZED))
+ {
+ /* already connected, we should close the connection */
+ php_mysqli_close(mysql, MYSQLI_CLOSE_IMPLICIT, mysqli_resource->status TSRMLS_CC);
+ }
if (strlen(SAFE_STR(hostname)) > 2 && !strncasecmp(hostname, "p:", 2)) {
hostname += 2;
Added: php/php-src/trunk/ext/mysqli/tests/bug55283.phpt
===================================================================
--- php/php-src/trunk/ext/mysqli/tests/bug55283.phpt (rev 0)
+++ php/php-src/trunk/ext/mysqli/tests/bug55283.phpt 2011-08-05 13:39:30 UTC (rev 314330)
@@ -0,0 +1,55 @@
+--TEST--
+Bug #55283 (SSL options set by mysqli_ssl_set ignored for MySQLi persistent connections)
+--SKIPIF--
+<?php
+require_once('skipif.inc');
+require_once('skipifconnectfailure.inc');
+$link = mysqli_init();
+mysqli_ssl_set($link, null, null, null, null, "RC4-MD5");
+if (my_mysqli_real_connect($link, $host, $user, $passwd, $db, $port, null, $flags)) {
+ $res = $link->query("SHOW STATUS LIKE 'Ssl_cipher'");
+ $row = $res->fetch_row();
+ if ($row[1] === "") {
+ die('skip Server started without SSL support');
+ }
+}
+?>
+--FILE--
+<?php
+ include "connect.inc";
+ $db1 = new mysqli();
+
+
+ $flags = MYSQLI_CLIENT_SSL;
+
+ $link = mysqli_init();
+ mysqli_ssl_set($link, null, null, null, null, "RC4-MD5");
+ if (my_mysqli_real_connect($link, 'p:' . $host, $user, $passwd, $db, $port, null, $flags)) {
+ $r = $link->query("SHOW STATUS LIKE 'Ssl_cipher'");
+ var_dump($r->fetch_row());
+ }
+
+ /* non-persistent connection */
+ $link2 = mysqli_init();
+ mysqli_ssl_set($link2, null, null, null, null, "RC4-MD5");
+ if (my_mysqli_real_connect($link2, $host, $user, $passwd, $db, $port, null, $flags)) {
+ $r2 = $link2->query("SHOW STATUS LIKE 'Ssl_cipher'");
+ var_dump($r2->fetch_row());
+ }
+
+ echo "done\n";
+?>
+--EXPECTF--
+array(2) {
+ [0]=>
+ string(10) "Ssl_cipher"
+ [1]=>
+ string(7) "RC4-MD5"
+}
+array(2) {
+ [0]=>
+ string(10) "Ssl_cipher"
+ [1]=>
+ string(7) "RC4-MD5"
+}
+done
\ No newline at end of file
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
