diff options
| -rw-r--r-- | NEWS | 4 | ||||
| -rw-r--r-- | ext/soap/php_http.c | 66 | ||||
| -rw-r--r-- | ext/soap/php_soap.h | 7 | ||||
| -rw-r--r-- | ext/soap/soap.c | 11 |
4 files changed, 86 insertions, 2 deletions
@@ -19,6 +19,10 @@ PHP NEWS . Fixed bug #64342 (ZipArchive::addFile() has to check for file existence). (Anatol) +- SOAP: + . Added SoapClient constructor option 'ssl_method' to specify ssl method. + (Eric Iversen) + - Streams: . Fixed Windows x64 version of stream_socket_pair() and improved error handling (Anatol Belski) diff --git a/ext/soap/php_http.c b/ext/soap/php_http.c index d83b85e639..7a109c1966 100644 --- a/ext/soap/php_http.c +++ b/ext/soap/php_http.c @@ -162,6 +162,7 @@ static php_stream* http_connect(zval* this_ptr, php_url *phpurl, int use_ssl, ph zval **proxy_host, **proxy_port, **tmp; char *host; char *name; + char *protocol; long namelen; int port; int old_error_reporting; @@ -189,7 +190,41 @@ static php_stream* http_connect(zval* this_ptr, php_url *phpurl, int use_ssl, ph old_error_reporting = EG(error_reporting); EG(error_reporting) &= ~(E_WARNING|E_NOTICE|E_USER_WARNING|E_USER_NOTICE); - namelen = spprintf(&name, 0, "%s://%s:%d", (use_ssl && !*use_proxy)? "ssl" : "tcp", host, port); + /* Changed ternary operator to an if/else so that additional comparisons can be done on the ssl_method property */ + if (use_ssl && !*use_proxy) { + if (zend_hash_find(Z_OBJPROP_P(this_ptr), "_ssl_method", sizeof("_ssl_method"), (void **) &tmp) == SUCCESS && + Z_TYPE_PP(tmp) == IS_LONG) { + /* uses contants declared in soap.c to determine ssl uri protocol */ + switch (Z_LVAL_PP(tmp)) { + case SOAP_SSL_METHOD_TLS: + protocol = "tls"; + break; + + case SOAP_SSL_METHOD_SSLv2: + protocol = "sslv2"; + break; + + case SOAP_SSL_METHOD_SSLv3: + protocol = "sslv3"; + break; + + case SOAP_SSL_METHOD_SSLv23: + protocol = "ssl"; + break; + + default: + protocol = "ssl"; + break; + + } + } else { + protocol = "ssl"; + } + } else { + protocol = "tcp"; + } + + namelen = spprintf(&name, 0, "%s://%s:%d", protocol, host, port); stream = php_stream_xport_create(name, namelen, REPORT_ERRORS, @@ -237,7 +272,34 @@ static php_stream* http_connect(zval* this_ptr, php_url *phpurl, int use_ssl, ph } /* enable SSL transport layer */ if (stream) { - if (php_stream_xport_crypto_setup(stream, STREAM_CRYPTO_METHOD_SSLv23_CLIENT, NULL TSRMLS_CC) < 0 || + /* if a stream is created without encryption, check to see if SSL method parameter is specified and use + proper encrypyion method based on constants defined in soap.c */ + int crypto_method = STREAM_CRYPTO_METHOD_SSLv23_CLIENT; + if (zend_hash_find(Z_OBJPROP_P(this_ptr), "_ssl_method", sizeof("_ssl_method"), (void **) &tmp) == SUCCESS && + Z_TYPE_PP(tmp) == IS_LONG) { + switch (Z_LVAL_PP(tmp)) { + case SOAP_SSL_METHOD_TLS: + crypto_method = STREAM_CRYPTO_METHOD_TLS_CLIENT; + break; + + case SOAP_SSL_METHOD_SSLv2: + crypto_method = STREAM_CRYPTO_METHOD_SSLv2_CLIENT; + break; + + case SOAP_SSL_METHOD_SSLv3: + crypto_method = STREAM_CRYPTO_METHOD_SSLv3_CLIENT; + break; + + case SOAP_SSL_METHOD_SSLv23: + crypto_method = STREAM_CRYPTO_METHOD_SSLv23_CLIENT; + break; + + default: + crypto_method = STREAM_CRYPTO_METHOD_TLS_CLIENT; + break; + } + } + if (php_stream_xport_crypto_setup(stream, crypto_method, NULL TSRMLS_CC) < 0 || php_stream_xport_crypto_enable(stream, 1 TSRMLS_CC) < 0) { php_stream_close(stream); stream = NULL; diff --git a/ext/soap/php_soap.h b/ext/soap/php_soap.h index 0e37db5d4c..7d0a3c16f1 100644 --- a/ext/soap/php_soap.h +++ b/ext/soap/php_soap.h @@ -149,6 +149,13 @@ struct _soapService { #define WSDL_CACHE_MEMORY 0x2 #define WSDL_CACHE_BOTH 0x3 +/* New SOAP SSL Method Constants */ +#define SOAP_SSL_METHOD_TLS 0 +#define SOAP_SSL_METHOD_SSLv2 1 +#define SOAP_SSL_METHOD_SSLv3 2 +#define SOAP_SSL_METHOD_SSLv23 3 + + ZEND_BEGIN_MODULE_GLOBALS(soap) HashTable defEncNs; /* mapping of default namespaces to prefixes */ HashTable defEnc; diff --git a/ext/soap/soap.c b/ext/soap/soap.c index 7df84e5b2a..cabe5c068b 100644 --- a/ext/soap/soap.c +++ b/ext/soap/soap.c @@ -753,6 +753,12 @@ PHP_MINIT_FUNCTION(soap) REGISTER_LONG_CONSTANT("WSDL_CACHE_MEMORY", WSDL_CACHE_MEMORY, CONST_CS | CONST_PERSISTENT); REGISTER_LONG_CONSTANT("WSDL_CACHE_BOTH", WSDL_CACHE_BOTH, CONST_CS | CONST_PERSISTENT); + /* New SOAP SSL Method Constants */ + REGISTER_LONG_CONSTANT("SOAP_SSL_METHOD_TLS", SOAP_SSL_METHOD_TLS, CONST_CS | CONST_PERSISTENT); + REGISTER_LONG_CONSTANT("SOAP_SSL_METHOD_SSLv2", SOAP_SSL_METHOD_SSLv2, CONST_CS | CONST_PERSISTENT); + REGISTER_LONG_CONSTANT("SOAP_SSL_METHOD_SSLv3", SOAP_SSL_METHOD_SSLv3, CONST_CS | CONST_PERSISTENT); + REGISTER_LONG_CONSTANT("SOAP_SSL_METHOD_SSLv23", SOAP_SSL_METHOD_SSLv23, CONST_CS | CONST_PERSISTENT); + old_error_handler = zend_error_cb; zend_error_cb = soap_error_handler; @@ -2497,6 +2503,11 @@ PHP_METHOD(SoapClient, SoapClient) (Z_TYPE_PP(tmp) == IS_BOOL || Z_TYPE_PP(tmp) == IS_LONG) && Z_LVAL_PP(tmp) == 0) { add_property_long(this_ptr, "_keep_alive", 0); } + + if (zend_hash_find(ht, "ssl_method", sizeof("ssl_method"), (void**)&tmp) == SUCCESS && + Z_TYPE_PP(tmp) == IS_LONG) { + add_property_long(this_ptr, "_ssl_method", Z_LVAL_PP(tmp)); + } } else if (Z_TYPE_P(wsdl) == IS_NULL) { php_error_docref(NULL TSRMLS_CC, E_ERROR, "'location' and 'uri' options are required in nonWSDL mode"); } |