- #49253, add support for libcurl's CERTINFO option

ext/curl/interface.c

@@ -629,6 +629,9 @@ PHP_MINIT_FUNCTION(curl)
 	REGISTER_CURL_CONSTANT(CURLINFO_REDIRECT_COUNT);
 	REGISTER_CURL_CONSTANT(CURLINFO_HEADER_OUT);
 	REGISTER_CURL_CONSTANT(CURLINFO_PRIVATE);
+#if LIBCURL_VERSION_NUM >  0x071202
+	REGISTER_CURL_CONSTANT(CURLINFO_CERTINFO);
+#endif
 
 	/* cURL protocol constants (curl_version) */
 	REGISTER_CURL_CONSTANT(CURL_VERSION_IPV6);
@@ -744,6 +747,9 @@ PHP_MINIT_FUNCTION(curl)
 	REGISTER_CURL_CONSTANT(CURLFTPSSL_CONTROL);
 	REGISTER_CURL_CONSTANT(CURLFTPSSL_ALL);
 #endif
+#if LIBCURL_VERSION_NUM >  0x071202
+	REGISTER_CURL_CONSTANT(CURLOPT_CERTINFO);
+#endif
 
 /* SSH support works in 7.19.0+ using libssh2 */
 #if LIBCURL_VERSION_NUM >= 0x071300
@@ -1339,6 +1345,85 @@ static void alloc_curl_handle(php_curl **ch)
 }
 /* }}} */
 
+#if LIBCURL_VERSION_NUM >  0x071202
+/* {{{ split_certinfo
+ */
+static void split_certinfo(char *string, zval *hash)
+{
+	int i;
+	char *org = estrdup(string);
+	char *s = org;
+	char *split;
+
+	if(org) {
+		do {
+			char *key;
+			char *val;
+			char *tmp;
+
+			split = strstr(s, "; ");
+			if(split)
+				*split = '\0';
+
+			key = s;
+			tmp = memchr(key, '=', 64);
+			if(tmp) {
+				*tmp = '\0';
+				val = tmp+1;
+				add_assoc_string(hash, key, val, 1);
+			}
+			s = split+2;
+		} while(split);
+		efree(org);
+	}
+}
+
+/* {{{ create_certinfo
+ */
+static void create_certinfo(struct curl_certinfo *ci, zval *listcode)
+{
+	int i;
+			
+	if(ci) {
+		zval *certhash = NULL;
+		char *tmp;
+		
+		for(i=0; i<ci->num_of_certs; i++) {
+			struct curl_slist *slist;
+			
+			MAKE_STD_ZVAL(certhash);
+			array_init(certhash);
+			for(slist = ci->certinfo[i]; slist; slist = slist->next) {
+				int len;
+				char s[64];
+				char *tmp;
+				strncpy(s, slist->data, 64);
+				tmp = memchr(s, ':', 64);
+				if(tmp) {
+					*tmp = '\0';
+					len = strlen(s);
+					if(!strcmp(s, "Subject") || !strcmp(s, "Issuer")) {
+						zval *hash;
+
+						MAKE_STD_ZVAL(hash);
+						array_init(hash);
+						
+						split_certinfo(&slist->data[len+1], hash);
+						add_assoc_zval(certhash, s, hash);
+					} else {
+						add_assoc_string(certhash, s, &slist->data[len+1], 1);
+					}
+				} else {
+					php_error_docref(NULL TSRMLS_CC, E_WARNING, "Could not extract hash key from certificate info"); 
+				}
+			}
+			add_next_index_zval(listcode, certhash);
+		}
+	}
+}
+/* }}} */
+#endif
+
 /* {{{ proto resource curl_init([string url]) U
    Initialize a cURL session */
 PHP_FUNCTION(curl_init)
@@ -1576,6 +1661,9 @@ static int _php_curl_setopt(php_curl *ch, long option, zval **zvalue, zval *retu
 #endif
 #if LIBCURL_VERSION_NUM >= 0x070f01
 		case CURLOPT_FTP_FILEMETHOD:
+#endif
+#if LIBCURL_VERSION_NUM >  0x071202
+		case CURLOPT_CERTINFO:
 #endif
 			convert_to_long_ex(zvalue);
 #if LIBCURL_VERSION_NUM >= 0x71304
@@ -2171,6 +2259,10 @@ PHP_FUNCTION(curl_getinfo)
 		char   *s_code;
 		long    l_code;
 		double  d_code;
+#if LIBCURL_VERSION_NUM >  0x071202
+		struct curl_certinfo *ci = NULL;
+		zval *listcode;
+#endif
 
 		array_init(return_value);
 
@@ -2241,6 +2333,14 @@ PHP_FUNCTION(curl_getinfo)
 		if (curl_easy_getinfo(ch->cp, CURLINFO_REDIRECT_TIME, &d_code) == CURLE_OK) {
 			CAAD("redirect_time", d_code);
 		}
+#if LIBCURL_VERSION_NUM >  0x071202
+		if (curl_easy_getinfo(ch->cp, CURLINFO_CERTINFO, &ci) == CURLE_OK) {
+			MAKE_STD_ZVAL(listcode);
+			array_init(listcode);
+			create_certinfo(ci, listcode);
+			CAAZ("certinfo", listcode);
+		}
+#endif
 		if (ch->header.str_len > 0) {
 			CAAS("request_header", ch->header.str);
 		}
@@ -2300,6 +2400,20 @@ PHP_FUNCTION(curl_getinfo)
 				} else {
 					RETURN_FALSE;
 				}
+#if LIBCURL_VERSION_NUM >  0x071202
+			case CURLINFO_CERTINFO: {
+				struct curl_certinfo *ci = NULL;
+
+				array_init(return_value);
+				
+				if (curl_easy_getinfo(ch->cp, CURLINFO_CERTINFO, &ci) == CURLE_OK) {
+					create_certinfo(ci, return_value);
+				} else {
+					RETURN_FALSE;
+				}
+				break;
+			}
+#endif
 		}
 	}
 }