Merge branch 'PHP-7.4' into PHP-8.0

* PHP-7.4:
  Fix #67792: HTTP Authorization schemes are treated as case-sensitive
Christoph M. Becker 2021-04-23 15:56:33 +02:00
commit 23a192d12d
GPG key ID: D66C9593118BCCB6
3 changed files with 43 additions and 3 deletions

2
NEWS

@ -5,6 +5,8 @@ PHP NEWS
- Core:
. Fixed bug #80960 (opendir() warning wrong info when failed on Windows).
(cmb)
. Fixed bug #67792 (HTTP Authorization schemes are treated as case-sensitive).
(cmb)
- pgsql:
. Fixed php_pgsql_fd_cast() wrt. php_stream_can_cast(). (cmb)


@ -2575,12 +2575,13 @@ PHPAPI void php_handle_aborted_connection(void)
PHPAPI int php_handle_auth_data(const char *auth)
{
int ret = -1;
size_t auth_len = auth != NULL ? strlen(auth) : 0;
if (auth && auth[0] != '\0' && strncmp(auth, "Basic ", 6) == 0) {
if (auth && auth_len > 0 && zend_binary_strncasecmp(auth, auth_len, "Basic ", sizeof("Basic ")-1, sizeof("Basic ")-1) == 0) {
char *pass;
zend_string *user;
user = php_base64_decode((const unsigned char*)auth + 6, strlen(auth) - 6);
user = php_base64_decode((const unsigned char*)auth + 6, auth_len - 6);
if (user) {
pass = strchr(ZSTR_VAL(user), ':');
if (pass) {
@ -2599,7 +2600,7 @@ PHPAPI int php_handle_auth_data(const char *auth)
SG(request_info).auth_digest = NULL;
}
if (ret == -1 && auth && auth[0] != '\0' && strncmp(auth, "Digest ", 7) == 0) {
if (ret == -1 && auth && auth_len > 0 && zend_binary_strncasecmp(auth, auth_len, "Digest ", sizeof("Digest ")-1, sizeof("Digest ")-1) == 0) {
SG(request_info).auth_digest = estrdup(auth + 7);
ret = 0;
}
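Review bot: The prefix length is written as `sizeof("Basic ")-1` / `sizeof("Digest ")-1` in the new comparisons but still as the bare literals in `auth + 6`, `auth_len - 6` and `auth + 7`, so the compared length and the skipped offset can drift apart on a later edit. `auth_len - 6` is a `size_t` subtraction that is safe only because, as far as I can tell, `zend_binary_strncasecmp` returns non-zero when `auth` is shorter than the prefix. That dependency deserves a comment such as `/* a match implies auth_len >= sizeof("Basic ")-1, so the subtraction cannot wrap */`. I would also derive the offsets from the same expression, e.g. `estrdup(auth + sizeof("Digest ")-1)`, and drop the `auth &&` test, which is redundant next to `auth_len > 0`. The body of php_handle_auth_data continues outside both hunks, so the handling of the decoded credentials is not visible here.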


@ -0,0 +1,37 @@
--TEST--
Digest Authentication
--SKIPIF--
<?php
include "skipif.inc";
?>
--FILE--
<?php
include "php_cli_server.inc";
php_cli_server_start('var_dump(!isset($_SERVER["PHP_AUTH_USER"]), !isset($_SERVER["PHP_AUTH_PW"]), $_SERVER["PHP_AUTH_DIGEST"]);');
$host = PHP_CLI_SERVER_HOSTNAME;
$fp = php_cli_server_connect();
if(fwrite($fp, <<<HEADER
GET / HTTP/1.1
Host: {$host}
Authorization: digest username="Mufasa", realm="testrealm@host.com", nonce="dcd98b7102dd2f0e8b11d0f600bfb0c093", uri="/dir/index.html", qop=auth, nc=00000001, cnonce="0a4f113b", response="6629fae49393a05397450978507c4ef1", opaque="5ccc069c403ebaf9f0171e9517f40e41"
HEADER
)) {
fpassthru($fp);
}
?>
--EXPECTF--
HTTP/1.1 200 OK
Host: %s
Date: %s
Connection: close
X-Powered-By: PHP/%s
Content-type: text/html; charset=UTF-8
bool(true)
bool(true)
string(242) "username="Mufasa", realm="testrealm@host.com", nonce="dcd98b7102dd2f0e8b11d0f600bfb0c093", uri="/dir/index.html", qop=auth, nc=00000001, cnonce="0a4f113b", response="6629fae49393a05397450978507c4ef1", opaque="5ccc069c403ebaf9f0171e9517f40e41""
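Review bot: Only the Digest branch is exercised with a case-variant scheme; the Basic branch, which now passes `auth_len - 6` to `php_base64_decode`, gets no lower-case or mixed-case test in this commit as far as the page shows. A sibling test sending `Authorization: basic <base64 of a constructed user:pass pair>` and dumping `$_SERVER["PHP_AUTH_USER"]` and `$_SERVER["PHP_AUTH_PW"]` would pin that path. A mixed-case variant such as `DiGeSt` would add coverage beyond the all-lower-case scheme used here. The `--TEST--` title would be easier to trace if it named the bug, e.g. `Bug #67792 (HTTP Authorization schemes are treated as case-sensitive)`.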