Skip to content

Commit 517f800

Browse files
adoyadoy
committed
CURL >= 7.28.0 no longer support value 1 for CURLOPT_SSL_VERIFYHOST)
Fixed bug #63795
1 parent 63659ce commit 517f800

File tree

3 files changed

+78
-1
lines changed

3 files changed

+78
-1
lines changed

ext/curl/interface.c

Lines changed: 10 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1679,6 +1679,16 @@ static int _php_curl_setopt(php_curl *ch, long option, zval **zvalue, zval *retu
16791679
CURLcode error=CURLE_OK;
16801680

16811681
switch (option) {
1682+
case CURLOPT_SSL_VERIFYHOST:
1683+
if(Z_BVAL_PP(zvalue) == 1) {
1684+
#if LIBCURL_VERSION_NUM <= 0x071c00 /* 7.28.0 */
1685+
php_error_docref(NULL TSRMLS_CC, E_NOTICE, "CURLOPT_SSL_VERIFYHOST with value 1 is deprecated and will be removed as of libcurl 7.28.1. It is recommended to use value 2 instead");
1686+
#else
1687+
php_error_docref(NULL TSRMLS_CC, E_NOTICE, "CURLOPT_SSL_VERIFYHOST no longer accepts the value 1, value 2 will be used instead");
1688+
error = curl_easy_setopt(ch->cp, option, 2);
1689+
break;
1690+
#endif
1691+
}
16821692
case CURLOPT_INFILESIZE:
16831693
case CURLOPT_VERBOSE:
16841694
case CURLOPT_HEADER:
@@ -1717,7 +1727,6 @@ static int _php_curl_setopt(php_curl *ch, long option, zval **zvalue, zval *retu
17171727
#if LIBCURL_VERSION_NUM > 0x071002
17181728
case CURLOPT_CONNECTTIMEOUT_MS:
17191729
#endif
1720-
case CURLOPT_SSL_VERIFYHOST:
17211730
case CURLOPT_SSL_VERIFYPEER:
17221731
case CURLOPT_DNS_USE_GLOBAL_CACHE:
17231732
case CURLOPT_NOSIGNAL:

ext/curl/tests/bug63363.phpt

Lines changed: 34 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,34 @@
1+
--TEST--
2+
Bug #63363 (CURL silently accepts boolean value for SSL_VERIFYHOST)
3+
--SKIPIF--
4+
<?php
5+
if (!extension_loaded("curl")) {
6+
exit("skip curl extension not loaded");
7+
}
8+
$curl_version = curl_version();
9+
if ($curl_version['version_number'] >= 0x071c01) {
10+
exit("skip: test valid for libcurl < 7.28.1");
11+
}
12+
?>
13+
--FILE--
14+
<?php
15+
$ch = curl_init();
16+
var_dump(curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false));
17+
/* Case that should throw an error */
18+
var_dump(curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, true));
19+
var_dump(curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0));
20+
var_dump(curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 1));
21+
var_dump(curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2));
22+
23+
curl_close($ch);
24+
?>
25+
--EXPECTF--
26+
bool(true)
27+
28+
Notice: curl_setopt(): CURLOPT_SSL_VERIFYHOST with value 1 is deprecated and will be removed as of libcurl 7.28.1. It is recommended to use value 2 instead in %s on line %d
29+
bool(true)
30+
bool(true)
31+
32+
Notice: curl_setopt(): CURLOPT_SSL_VERIFYHOST with value 1 is deprecated and will be removed as of libcurl 7.28.1. It is recommended to use value 2 instead in %s on line %d
33+
bool(true)
34+
bool(true)

ext/curl/tests/bug63795.phpt

Lines changed: 34 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,34 @@
1+
--TEST--
2+
Bug #63795 (CURL >= 7.28.0 no longer support value 1 for CURLOPT_SSL_VERIFYHOST)
3+
--SKIPIF--
4+
<?php
5+
if (!extension_loaded("curl")) {
6+
exit("skip curl extension not loaded");
7+
}
8+
$curl_version = curl_version();
9+
if ($curl_version['version_number'] < 0x071c01) {
10+
exit("skip: test valid for libcurl >= 7.28.1");
11+
}
12+
?>
13+
--FILE--
14+
<?php
15+
$ch = curl_init();
16+
var_dump(curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false));
17+
/* Case that should throw an error */
18+
var_dump(curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, true));
19+
var_dump(curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0));
20+
var_dump(curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 1));
21+
var_dump(curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2));
22+
23+
curl_close($ch);
24+
?>
25+
--EXPECTF--
26+
bool(true)
27+
28+
Notice: curl_setopt(): CURLOPT_SSL_VERIFYHOST no longer accepts the value 1, value 2 will be used instead in %s on line %d
29+
bool(true)
30+
bool(true)
31+
32+
Notice: curl_setopt(): CURLOPT_SSL_VERIFYHOST no longer accepts the value 1, value 2 will be used instead in %s on line %d
33+
bool(true)
34+
bool(true)

0 commit comments

Comments
 (0)