Commit: 3b85d09de7347b16024530579e46f89d587a2e18 Author: John Jawed (JJ) <ja...@php.net> Wed, 24 Oct 2012 21:47:47 -0700 Parents: 7b4a53e26344ede3534c6ce7ea5973cd4082c90e Branches: master
Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=3b85d09de7347b16024530579e46f89d587a2e18 Log: Notice if CURLOPT_SSL_VERIFYHOST is set to true Changed paths: M ext/curl/interface.c A ext/curl/tests/bug63363.phpt Diff: diff --git a/ext/curl/interface.c b/ext/curl/interface.c index d9abece..eb7ed8d 100644 --- a/ext/curl/interface.c +++ b/ext/curl/interface.c @@ -2014,6 +2014,10 @@ static int _php_curl_setopt(php_curl *ch, long option, zval **zvalue, zval *retu switch (option) { /* Long options */ + case CURLOPT_SSL_VERIFYHOST: + if(Z_TYPE_PP(zvalue)==IS_BOOL && Z_BVAL_PP(zvalue)) { + php_error_docref(NULL TSRMLS_CC, E_NOTICE, "CURLOPT_SSL_VERIFYHOST set to true which disables common name validation (setting CURLOPT_SSL_VERIFYHOST to 2 enables common name validation)"); + } case CURLOPT_AUTOREFERER: case CURLOPT_BUFFERSIZE: case CURLOPT_CLOSEPOLICY: @@ -2048,7 +2052,6 @@ static int _php_curl_setopt(php_curl *ch, long option, zval **zvalue, zval *retu case CURLOPT_PUT: case CURLOPT_RESUME_FROM: case CURLOPT_SSLVERSION: - case CURLOPT_SSL_VERIFYHOST: case CURLOPT_SSL_VERIFYPEER: case CURLOPT_TIMECONDITION: case CURLOPT_TIMEOUT: diff --git a/ext/curl/tests/bug63363.phpt b/ext/curl/tests/bug63363.phpt new file mode 100644 index 0000000..43deaa2 --- /dev/null +++ b/ext/curl/tests/bug63363.phpt @@ -0,0 +1,29 @@ +--TEST-- +Bug #63363 (CURL silently accepts boolean value for SSL_VERIFYHOST) +--SKIPIF-- +<?php +if (!extension_loaded("curl")) { + exit("skip curl extension not loaded"); +} + +?> +--FILE-- +<?php +$ch = curl_init(); +var_dump(curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false)); +/* Case that should throw an error */ +var_dump(curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, true)); +var_dump(curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0)); +var_dump(curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 1)); +var_dump(curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2)); + +curl_close($ch); +?> +--EXPECTF-- +bool(true) + +Notice: curl_setopt(): CURLOPT_SSL_VERIFYHOST set to true which disables common name validation (setting CURLOPT_SSL_VERIFYHOST to 2 enables common name validation) in %s on line %d +bool(true) +bool(true) +bool(true) +bool(true) -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php