Re: [PHP-DEV] PHP SSL Client
On 22/06/01, [EMAIL PROTECTED] wrote: We are not regular PHP developers, but one of our programmers developed a patch to 4.0.5 that allows PHP to act as an SSL client. If you believe that it is useful, feel free to add to the PHP code base. Jeff, Thanks for your patch, but we do have an alternative method of providing SSL support planned that will work much like fopen(ssl://host) or fopen(https://host;). However, it might not be there until PHP 4.1 (although I'd like to get it into PHP 4.0.7, time permitting). --Wez. -- PHP Development Mailing List http://www.php.net/ To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP-DEV] PHP SSL Client
We are not regular PHP developers, but one of our programmers developed a
patch to 4.0.5 that allows PHP to act as an SSL client.
This patch adds the fsockopen_ssl() and pfsockopen_ssl() functions. It
works at a lower level than the curl package and allows you to add SSL to
anything by simply replacing the fsockopen() and pfsockopen() functions.
If you believe that it is useful, feel free to add to the PHP code base.
Best regards,
Jeff Groves
===
--- php-4.0.5/ext/standard/Makefile.org Fri May 25 14:26:19 2001
+++ php-4.0.5/ext/standard/Makefile.in Fri May 25 14:27:41 2001
@@ -17,6 +17,8 @@
include $(top_srcdir)/build/dynlib.mk
+DEFS += -DSSL_CLIENT
+
parsedate.c: $(srcdir)/parsedate.y
$(srcdir)/url_scanner_ex.c: $(srcdir)/url_scanner_ex.re
--- php-4.0.5.org/ext/standard/basic_functions.cWed Mar 28 16:51:34 2001
+++ php-4.0.5/ext/standard/basic_functions.cFri May 25 14:27:20 2001
@@ -445,6 +445,10 @@
/* functions from fsock.c */
PHP_FE(fsockopen, third_and_fourth_args_force_ref)
PHP_FE(pfsockopen, third_and_fourth_args_force_ref)
+#ifdef SSL_CLIENT
+ PHP_FE(fsockopen_ssl, third_and_fourth_args_force_ref)
+ PHP_FE(pfsockopen_ssl, third_and_fourth_args_force_ref)
+#endif
/* functions from pack.c */
PHP_FE(pack,NULL)
--- php-4.0.5.org/ext/standard/fsock.c Thu Apr 26 09:07:57 2001
+++ php-4.0.5/ext/standard/fsock.c Fri May 25 14:30:17 2001
@@ -209,7 +209,7 @@
passed by reference. The error code from the connect call is written
to this variable.
*/
-static void php_fsockopen(INTERNAL_FUNCTION_PARAMETERS, int persistent) {
+static int php_fsockopen(INTERNAL_FUNCTION_PARAMETERS, int persistent) {
pval **args[5];
int *sock=emalloc(sizeof(int));
int *sockp;
@@ -254,7 +254,7 @@
CLOSE_SOCK(0);
*sock = *sockp;
ZEND_REGISTER_RESOURCE(return_value,sock,php_file_le_socket());
- return;
+ return *sock;
}
if (portno) {
@@ -345,6 +345,8 @@
if(key) efree(key);
ZEND_REGISTER_RESOURCE(return_value,sock,php_file_le_socket());
+
+ return *sock;
}
/* }}} */
@@ -363,6 +365,38 @@
}
/* }}} */
+#ifdef SSL_CLIENT
+
+/* {{{ proto int fsockopen_ssl(string hostname, int port [, int errno [,
string errstr [, double timeout]]])
+ Open Internet or Unix domain socket connection */
+PHP_FUNCTION(fsockopen_ssl)
+{
+ int s;
+
+ s = php_fsockopen(INTERNAL_FUNCTION_PARAM_PASSTHRU, 0);
+ if (s = 0) {
+ php_sockset_ssl(s);
+ }
+}
+/* }}} */
+/* {{{ proto int pfsockopen_ssl(string hostname, int port [, int errno [,
string errstr [, double timeout]]])
+ Open persistent Internet or Unix domain socket connection */
+PHP_FUNCTION(pfsockopen_ssl)
+{
+ int s;
+
+ s = php_fsockopen(INTERNAL_FUNCTION_PARAM_PASSTHRU, 1);
+ if (s = 0) {
+ php_sockset_ssl(s);
+ }
+}
+/* }}} */
+
+#define SSL_SOCK_CLOSE(sock) if(sock-ssl_ctx) {
SSL_shutdown(sock-sslfp); SSL_free(sock-sslfp);
SSL_CTX_free(sock-ssl_ctx); sock-ssl_ctx = NULL; }
+#else
+#define SSL_SOCK_CLOSE(sock)
+#endif
+
#define SOCK_DESTROY(sock) \
if(sock-readbuf) pefree(sock-readbuf, sock-persistent); \
if(sock-prev) sock-prev-next = sock-next; \
@@ -378,6 +412,7 @@
for(now = FG(phpsockbuf); now; now = next) {
next = now-next;
if(now-persistent == persistent) {
+ SSL_SOCK_CLOSE(now);
SOCK_DESTROY(now);
}
}
@@ -418,6 +453,10 @@
sock-is_blocked = 1;
sock-chunk_size = FG(def_chunk_size);
sock-timeout.tv_sec = -1;
+#ifdef SSL_CLIENT
+ sock-ssl_ctx = NULL;
+ sock-sslfp = NULL;
+#endif
FG(phpsockbuf) = sock;
return sock;
@@ -451,6 +490,7 @@
sock = php_sockfind(socket FLS_CC);
if(sock) {
ret = 1;
+ SSL_SOCK_CLOSE(sock);
SOCK_DESTROY(sock);
}
@@ -478,6 +518,7 @@
sock = php_sockfind(socket FLS_CC);
if(sock) {
if(!sock-persistent) {
+ SSL_SOCK_CLOSE(sock);
SOCK_CLOSE(sock-socket);
SOCK_DESTROY(sock);
}
@@ -540,6 +581,12 @@
}
/* read at a maximum sock-chunk_size */
+#ifdef SSL_CLIENT
+ if (sock-sslfp) {
+ nr_bytes = SSL_read(sock-sslfp, buf, sock-chunk_size);
+ }
+ else
+#endif
nr_bytes = recv(sock-socket, buf, sock-chunk_size, 0);
if(nr_bytes 0) {
if(sock-writepos + nr_bytes sock-readbuflen) {
@@ -577,6 +624,55 @@
}
return nr_read;
+}
+
+#ifdef
[PHP-DEV] PHP SSL Client
We are not regular PHP developers, but one of our programmers developed a
patch to 4.0.5 that allows PHP to act as an SSL client.
This patch adds the fsockopen_ssl() and pfsockopen_ssl() functions. It
works at a lower level than the curl package and allows you to add SSL to
anything by simply replacing the fsockopen() and pfsockopen() functions.
If you believe that it is useful, feel free to add to the PHP code base.
Best regards,
Jeff Groves
===
--- php-4.0.5/ext/standard/Makefile.org Fri May 25 14:26:19 2001
+++ php-4.0.5/ext/standard/Makefile.in Fri May 25 14:27:41 2001
@@ -17,6 +17,8 @@
include $(top_srcdir)/build/dynlib.mk
+DEFS += -DSSL_CLIENT
+
parsedate.c: $(srcdir)/parsedate.y
$(srcdir)/url_scanner_ex.c: $(srcdir)/url_scanner_ex.re
--- php-4.0.5.org/ext/standard/basic_functions.cWed Mar 28 16:51:34 2001
+++ php-4.0.5/ext/standard/basic_functions.cFri May 25 14:27:20 2001
@@ -445,6 +445,10 @@
/* functions from fsock.c */
PHP_FE(fsockopen, third_and_fourth_args_force_ref)
PHP_FE(pfsockopen, third_and_fourth_args_force_ref)
+#ifdef SSL_CLIENT
+ PHP_FE(fsockopen_ssl, third_and_fourth_args_force_ref)
+ PHP_FE(pfsockopen_ssl, third_and_fourth_args_force_ref)
+#endif
/* functions from pack.c */
PHP_FE(pack,NULL)
--- php-4.0.5.org/ext/standard/fsock.c Thu Apr 26 09:07:57 2001
+++ php-4.0.5/ext/standard/fsock.c Fri May 25 14:30:17 2001
@@ -209,7 +209,7 @@
passed by reference. The error code from the connect call is written
to this variable.
*/
-static void php_fsockopen(INTERNAL_FUNCTION_PARAMETERS, int persistent) {
+static int php_fsockopen(INTERNAL_FUNCTION_PARAMETERS, int persistent) {
pval **args[5];
int *sock=emalloc(sizeof(int));
int *sockp;
@@ -254,7 +254,7 @@
CLOSE_SOCK(0);
*sock = *sockp;
ZEND_REGISTER_RESOURCE(return_value,sock,php_file_le_socket());
- return;
+ return *sock;
}
if (portno) {
@@ -345,6 +345,8 @@
if(key) efree(key);
ZEND_REGISTER_RESOURCE(return_value,sock,php_file_le_socket());
+
+ return *sock;
}
/* }}} */
@@ -363,6 +365,38 @@
}
/* }}} */
+#ifdef SSL_CLIENT
+
+/* {{{ proto int fsockopen_ssl(string hostname, int port [, int errno [,
string errstr [, double timeout]]])
+ Open Internet or Unix domain socket connection */
+PHP_FUNCTION(fsockopen_ssl)
+{
+ int s;
+
+ s = php_fsockopen(INTERNAL_FUNCTION_PARAM_PASSTHRU, 0);
+ if (s = 0) {
+ php_sockset_ssl(s);
+ }
+}
+/* }}} */
+/* {{{ proto int pfsockopen_ssl(string hostname, int port [, int errno [,
string errstr [, double timeout]]])
+ Open persistent Internet or Unix domain socket connection */
+PHP_FUNCTION(pfsockopen_ssl)
+{
+ int s;
+
+ s = php_fsockopen(INTERNAL_FUNCTION_PARAM_PASSTHRU, 1);
+ if (s = 0) {
+ php_sockset_ssl(s);
+ }
+}
+/* }}} */
+
+#define SSL_SOCK_CLOSE(sock) if(sock-ssl_ctx) {
SSL_shutdown(sock-sslfp); SSL_free(sock-sslfp);
SSL_CTX_free(sock-ssl_ctx); sock-ssl_ctx = NULL; }
+#else
+#define SSL_SOCK_CLOSE(sock)
+#endif
+
#define SOCK_DESTROY(sock) \
if(sock-readbuf) pefree(sock-readbuf, sock-persistent); \
if(sock-prev) sock-prev-next = sock-next; \
@@ -378,6 +412,7 @@
for(now = FG(phpsockbuf); now; now = next) {
next = now-next;
if(now-persistent == persistent) {
+ SSL_SOCK_CLOSE(now);
SOCK_DESTROY(now);
}
}
@@ -418,6 +453,10 @@
sock-is_blocked = 1;
sock-chunk_size = FG(def_chunk_size);
sock-timeout.tv_sec = -1;
+#ifdef SSL_CLIENT
+ sock-ssl_ctx = NULL;
+ sock-sslfp = NULL;
+#endif
FG(phpsockbuf) = sock;
return sock;
@@ -451,6 +490,7 @@
sock = php_sockfind(socket FLS_CC);
if(sock) {
ret = 1;
+ SSL_SOCK_CLOSE(sock);
SOCK_DESTROY(sock);
}
@@ -478,6 +518,7 @@
sock = php_sockfind(socket FLS_CC);
if(sock) {
if(!sock-persistent) {
+ SSL_SOCK_CLOSE(sock);
SOCK_CLOSE(sock-socket);
SOCK_DESTROY(sock);
}
@@ -540,6 +581,12 @@
}
/* read at a maximum sock-chunk_size */
+#ifdef SSL_CLIENT
+ if (sock-sslfp) {
+ nr_bytes = SSL_read(sock-sslfp, buf, sock-chunk_size);
+ }
+ else
+#endif
nr_bytes = recv(sock-socket, buf, sock-chunk_size, 0);
if(nr_bytes 0) {
if(sock-writepos + nr_bytes sock-readbuflen) {
@@ -577,6 +624,55 @@
}
return nr_read;
+}
+
+#ifdef
