Added SoapClient constructor option 'ssl_method' to specify ssl method

2025-08-16 05:58:45 +02:00 · 2013-04-30 10:24:49 +04:00 · 2013-04-30 10:24:49 +04:00 · c782cf7fb3
commit c782cf7fb3
parent 4b83f4a011
4 changed files with 86 additions and 2 deletions
--- a/4
+++ b/4
@ -19,6 +19,10 @@ PHP                                                                        NEWS
  . Fixed bug #64342 (ZipArchive::addFile() has to check for file existence).
    (Anatol)

+- SOAP:
+  . Added SoapClient constructor option 'ssl_method' to specify ssl method.
+    (Eric Iversen)
+
 - Streams:
  . Fixed Windows x64 version of stream_socket_pair() and improved error handling
    (Anatol Belski)
--- a/ext/soap/php_http.c
+++ b/ext/soap/php_http.c
@ -162,6 +162,7 @@ static php_stream* http_connect(zval* this_ptr, php_url *phpurl, int use_ssl, ph
 	zval **proxy_host, **proxy_port, **tmp;
 	char *host;
 	char *name;
+	char *protocol;
 	long namelen;
 	int port;
 	int old_error_reporting;
@ -189,7 +190,41 @@ static php_stream* http_connect(zval* this_ptr, php_url *phpurl, int use_ssl, ph
 	old_error_reporting = EG(error_reporting);
 	EG(error_reporting) &= ~(E_WARNING|E_NOTICE|E_USER_WARNING|E_USER_NOTICE);

-	namelen = spprintf(&name, 0, "%s://%s:%d", (use_ssl && !*use_proxy)? "ssl" : "tcp", host, port);
+	/* Changed ternary operator to an if/else so that additional comparisons can be done on the ssl_method property */
+	if (use_ssl && !*use_proxy) {
+		if (zend_hash_find(Z_OBJPROP_P(this_ptr), "_ssl_method", sizeof("_ssl_method"), (void **) &tmp) == SUCCESS &&
+			Z_TYPE_PP(tmp) == IS_LONG) {
+			/* uses contants declared in soap.c to determine ssl uri protocol */
+			switch (Z_LVAL_PP(tmp)) {
+				case SOAP_SSL_METHOD_TLS:
+					protocol = "tls";
+					break;
+
+				case SOAP_SSL_METHOD_SSLv2:
+					protocol = "sslv2";
+					break;
+
+				case SOAP_SSL_METHOD_SSLv3:
+					protocol = "sslv3";
+					break;
+
+				case SOAP_SSL_METHOD_SSLv23:
+					protocol = "ssl";
+					break;
+
+				default:
+					protocol = "ssl";
+					break;
+
+			}
+		} else {
+			protocol = "ssl";
+		}
+	} else {
+		protocol = "tcp";
+	}
+
+	namelen = spprintf(&name, 0, "%s://%s:%d", protocol, host, port);

 	stream = php_stream_xport_create(name, namelen,
 		REPORT_ERRORS,
@ -237,7 +272,34 @@ static php_stream* http_connect(zval* this_ptr, php_url *phpurl, int use_ssl, ph
 		}
 		/* enable SSL transport layer */
 		if (stream) {
-			if (php_stream_xport_crypto_setup(stream, STREAM_CRYPTO_METHOD_SSLv23_CLIENT, NULL TSRMLS_CC) < 0 ||
+			/* if a stream is created without encryption, check to see if SSL method parameter is specified and use
+ 			   proper encrypyion method based on constants defined in soap.c */
+			int crypto_method = STREAM_CRYPTO_METHOD_SSLv23_CLIENT;
+			if (zend_hash_find(Z_OBJPROP_P(this_ptr), "_ssl_method", sizeof("_ssl_method"), (void **) &tmp) == SUCCESS &&
+				Z_TYPE_PP(tmp) == IS_LONG) {
+				switch (Z_LVAL_PP(tmp)) {
+					case SOAP_SSL_METHOD_TLS:
+						crypto_method = STREAM_CRYPTO_METHOD_TLS_CLIENT;
+						break;
+
+					case SOAP_SSL_METHOD_SSLv2:
+						crypto_method = STREAM_CRYPTO_METHOD_SSLv2_CLIENT;
+						break;
+
+					case SOAP_SSL_METHOD_SSLv3:
+						crypto_method = STREAM_CRYPTO_METHOD_SSLv3_CLIENT;
+						break;
+
+					case SOAP_SSL_METHOD_SSLv23:
+						crypto_method = STREAM_CRYPTO_METHOD_SSLv23_CLIENT;
+						break;
+
+					default:
+						crypto_method = STREAM_CRYPTO_METHOD_TLS_CLIENT;
+						break;
+				}
+			}
+			if (php_stream_xport_crypto_setup(stream, crypto_method, NULL TSRMLS_CC) < 0 ||
 			    php_stream_xport_crypto_enable(stream, 1 TSRMLS_CC) < 0) {
 				php_stream_close(stream);
 				stream = NULL;
--- a/ext/soap/php_soap.h
+++ b/ext/soap/php_soap.h
@ -149,6 +149,13 @@ struct _soapService {
 #define WSDL_CACHE_MEMORY   0x2
 #define WSDL_CACHE_BOTH     0x3

+/* New SOAP SSL Method Constants */
+#define SOAP_SSL_METHOD_TLS     0
+#define SOAP_SSL_METHOD_SSLv2   1
+#define SOAP_SSL_METHOD_SSLv3   2
+#define SOAP_SSL_METHOD_SSLv23  3
+
+
 ZEND_BEGIN_MODULE_GLOBALS(soap)
 	HashTable  defEncNs;     /* mapping of default namespaces to prefixes */
 	HashTable  defEnc;
--- a/ext/soap/soap.c
+++ b/ext/soap/soap.c
@ -753,6 +753,12 @@ PHP_MINIT_FUNCTION(soap)
 	REGISTER_LONG_CONSTANT("WSDL_CACHE_MEMORY", WSDL_CACHE_MEMORY, CONST_CS | CONST_PERSISTENT);
 	REGISTER_LONG_CONSTANT("WSDL_CACHE_BOTH",   WSDL_CACHE_BOTH,   CONST_CS | CONST_PERSISTENT);

+	/* New SOAP SSL Method Constants */
+	REGISTER_LONG_CONSTANT("SOAP_SSL_METHOD_TLS",    SOAP_SSL_METHOD_TLS,    CONST_CS | CONST_PERSISTENT);
+	REGISTER_LONG_CONSTANT("SOAP_SSL_METHOD_SSLv2",  SOAP_SSL_METHOD_SSLv2,  CONST_CS | CONST_PERSISTENT);
+	REGISTER_LONG_CONSTANT("SOAP_SSL_METHOD_SSLv3",  SOAP_SSL_METHOD_SSLv3,  CONST_CS | CONST_PERSISTENT);
+	REGISTER_LONG_CONSTANT("SOAP_SSL_METHOD_SSLv23", SOAP_SSL_METHOD_SSLv23, CONST_CS | CONST_PERSISTENT);
+
 	old_error_handler = zend_error_cb;
 	zend_error_cb = soap_error_handler;

@ -2497,6 +2503,11 @@ PHP_METHOD(SoapClient, SoapClient)
 				(Z_TYPE_PP(tmp) == IS_BOOL || Z_TYPE_PP(tmp) == IS_LONG) && Z_LVAL_PP(tmp) == 0) {
 			add_property_long(this_ptr, "_keep_alive", 0);
 		}
+
+		if (zend_hash_find(ht, "ssl_method", sizeof("ssl_method"), (void**)&tmp) == SUCCESS &&
+			Z_TYPE_PP(tmp) == IS_LONG) {
+			add_property_long(this_ptr, "_ssl_method", Z_LVAL_PP(tmp));
+		}
 	} else if (Z_TYPE_P(wsdl) == IS_NULL) {
 		php_error_docref(NULL TSRMLS_CC, E_ERROR, "'location' and 'uri' options are required in nonWSDL mode");
 	}