ONPHP_METHOD(Ternary, spawn)
{
zval *value, *true, *false, *null, *result, *out;
ONPHP_GET_ARGS("zzz|z", &value, &true, &false, &null);
ALLOC_INIT_ZVAL(result);
ONPHP_MAKE_OBJECT(Ternary, out);
if (ZEND_NUM_ARGS() == 3) {
ALLOC_INIT_ZVAL(null);
ZVAL_NULL(null);
}
if (
is_identical_function(result, value, true TSRMLS_CC)
&& (zval_is_true(result))
) {
ONPHP_UPDATE_PROPERTY_BOOL(out, "trinity", 1);
} else if (
is_identical_function(result, value, false TSRMLS_CC)
&& (zval_is_true(result))
) {
ONPHP_UPDATE_PROPERTY_BOOL(out, "trinity", 0);
} else if (
(
is_identical_function(result, value, null TSRMLS_CC)
&& (zval_is_true(result))
) || (
Z_TYPE_P(null) == IS_NULL
)
) {
ONPHP_UPDATE_PROPERTY_NULL(out, "trinity");
} else {
ONPHP_THROW_NORET(WrongArgumentException, "failed to spawn Ternary");
}
ZVAL_FREE(result);
if (ZEND_NUM_ARGS() == 3) {
ZVAL_FREE(null);
}
if (EG(exception)) {
return;
}
RETURN_ZVAL(out, 1, 1);
}
/* {{{ php_foreach_all
*/
static int php_foreach_all (int instatus, char *inkey, int inkeylen, char *inval, int invallen, char *indata)
{
int is_stop = 0;
zval *args;
zval *retval;
TSRMLS_FETCH();
MAKE_STD_ZVAL(args);
array_init(args);
add_index_long(args, 0, instatus);
add_index_stringl(args, 1, inkey, inkeylen, 1);
add_index_stringl(args, 2, inval, invallen, 1);
php_yp_all_callback *cb = (php_yp_all_callback *) indata;
zend_fcall_info_args(&cb->fci, args TSRMLS_CC);
zend_fcall_info_call(&cb->fci, &cb->fcc, &retval, args TSRMLS_CC);
zend_fcall_info_args_clear(&cb->fci, 1);
if (retval) {
is_stop = zval_is_true(retval);
zval_ptr_dtor(&retval);
}
return is_stop;
}
static int odbc_stmt_set_param(pdo_stmt_t *stmt, zend_long attr, zval *val)
{
SQLRETURN rc;
pdo_odbc_stmt *S = (pdo_odbc_stmt*)stmt->driver_data;
switch (attr) {
case PDO_ATTR_CURSOR_NAME:
convert_to_string(val);
rc = SQLSetCursorName(S->stmt, Z_STRVAL_P(val), Z_STRLEN_P(val));
if (rc == SQL_SUCCESS || rc == SQL_SUCCESS_WITH_INFO) {
return 1;
}
pdo_odbc_stmt_error("SQLSetCursorName");
return 0;
case PDO_ODBC_ATTR_ASSUME_UTF8:
S->assume_utf8 = zval_is_true(val);
return 0;
default:
strcpy(S->einfo.last_err_msg, "Unknown Attribute");
S->einfo.what = "setAttribute";
strcpy(S->einfo.last_state, "IM001");
return -1;
}
}
ONPHP_METHOD(Ternary, decide)
{
zval
*true,
*false,
*null,
*trinity = ONPHP_READ_PROPERTY(getThis(), "trinity");
ONPHP_GET_ARGS("zz|z", &true, &false, &null);
if (Z_TYPE_P(trinity) == IS_BOOL) {
if (zval_is_true(trinity)) {
RETURN_ZVAL(true, 1, 0);
} else {
RETURN_ZVAL(false, 1, 0);
}
} else if (Z_TYPE_P(trinity) == IS_NULL) {
if (ZEND_NUM_ARGS() == 3) {
RETURN_ZVAL(null, 1, 0);
} else {
RETURN_NULL();
}
}
ONPHP_THROW(WrongStateException, NULL);
}
ONPHP_METHOD(Ternary, isFalse)
{
zval *trinity = ONPHP_READ_PROPERTY(getThis(), "trinity");
RETURN_BOOL(
(Z_TYPE_P(trinity) == IS_BOOL)
&& !zval_is_true(trinity)
);
}
static int odbc_handle_set_attr(pdo_dbh_t *dbh, zend_long attr, zval *val)
{
pdo_odbc_db_handle *H = (pdo_odbc_db_handle *)dbh->driver_data;
switch (attr) {
case PDO_ODBC_ATTR_ASSUME_UTF8:
H->assume_utf8 = zval_is_true(val);
return 1;
default:
strcpy(H->einfo.last_err_msg, "Unknown Attribute");
H->einfo.what = "setAttribute";
strcpy(H->einfo.last_state, "IM001");
return -1;
}
}
ONPHP_METHOD(Ternary, toString)
{
zval *trinity = ONPHP_READ_PROPERTY(getThis(), "trinity");
if (Z_TYPE_P(trinity) == IS_BOOL) {
if (zval_is_true(trinity)) {
RETURN_STRINGL("true", 4, 1);
} else {
RETURN_STRINGL("false", 5, 1);
}
} else if (Z_TYPE_P(trinity) == IS_NULL) {
RETURN_STRINGL("null", 4, 1);
}
ONPHP_THROW(WrongStateException, NULL);
}
static int dblib_set_attr(pdo_dbh_t *dbh, zend_long attr, zval *val)
{
pdo_dblib_db_handle *H = (pdo_dblib_db_handle *)dbh->driver_data;
switch(attr) {
case PDO_ATTR_DEFAULT_STR_PARAM:
H->assume_national_character_set_strings = zval_get_long(val) == PDO_PARAM_STR_NATL ? 1 : 0;
return 1;
case PDO_ATTR_TIMEOUT:
case PDO_DBLIB_ATTR_QUERY_TIMEOUT:
return SUCCEED == dbsettime(zval_get_long(val)) ? 1 : 0;
case PDO_DBLIB_ATTR_STRINGIFY_UNIQUEIDENTIFIER:
H->stringify_uniqueidentifier = zval_get_long(val);
return 1;
case PDO_DBLIB_ATTR_SKIP_EMPTY_ROWSETS:
H->skip_empty_rowsets = zval_is_true(val);
return 1;
default:
return 0;
}
}
SSL *SSL_new_from_context(SSL_CTX *ctx, stream *stream) /* {{{ */
{
zval **val = NULL;
char *cafile = NULL;
char *capath = NULL;
char *certfile = NULL;
char *cipherlist = NULL;
int ok = 1;
ERR_clear_error();
/* look at context options in the stream and set appropriate verification flags */
if (GET_VER_OPT("verify_peer") && zval_is_true(*val)) {
/* turn on verification callback */
SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, verify_callback);
/* CA stuff */
GET_VER_OPT_STRING("cafile", cafile);
GET_VER_OPT_STRING("capath", capath);
if (cafile || capath) {
if (!SSL_CTX_load_verify_locations(ctx, cafile, capath)) {
error_docref(NULL, E_WARNING, "Unable to set verify locations `%s' `%s'", cafile, capath);
return NULL;
}
}
if (GET_VER_OPT("verify_depth")) {
convert_to_long_ex(val);
SSL_CTX_set_verify_depth(ctx, Z_LVAL_PP(val));
}
} else {
SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, NULL);
}
/* callback for the passphrase (for localcert) */
if (GET_VER_OPT("passphrase")) {
SSL_CTX_set_default_passwd_cb_userdata(ctx, stream);
SSL_CTX_set_default_passwd_cb(ctx, passwd_callback);
}
GET_VER_OPT_STRING("ciphers", cipherlist);
if (!cipherlist) {
cipherlist = "DEFAULT";
}
if (SSL_CTX_set_cipher_list(ctx, cipherlist) != 1) {
return NULL;
}
GET_VER_OPT_STRING("local_cert", certfile);
if (certfile) {
X509 *cert = NULL;
EVP_PKEY *key = NULL;
SSL *tmpssl;
char resolved_path_buff[MAXPATHLEN];
const char * private_key = NULL;
if (VCWD_REALPATH(certfile, resolved_path_buff)) {
/* a certificate to use for authentication */
if (SSL_CTX_use_certificate_chain_file(ctx, resolved_path_buff) != 1) {
error_docref(NULL, E_WARNING, "Unable to set local cert chain file `%s'; Check that your cafile/capath settings include details of your certificate and its issuer", certfile);
return NULL;
}
GET_VER_OPT_STRING("local_pk", private_key);
if (private_key) {
char resolved_path_buff_pk[MAXPATHLEN];
if (VCWD_REALPATH(private_key, resolved_path_buff_pk)) {
if (SSL_CTX_use_PrivateKey_file(ctx, resolved_path_buff_pk, SSL_FILETYPE_PEM) != 1) {
error_docref(NULL, E_WARNING, "Unable to set private key file `%s'", resolved_path_buff_pk);
return NULL;
}
}
} else {
if (SSL_CTX_use_PrivateKey_file(ctx, resolved_path_buff, SSL_FILETYPE_PEM) != 1) {
error_docref(NULL, E_WARNING, "Unable to set private key file `%s'", resolved_path_buff);
return NULL;
}
}
tmpssl = SSL_new(ctx);
cert = SSL_get_certificate(tmpssl);
if (cert) {
key = X509_get_pubkey(cert);
EVP_PKEY_copy_parameters(key, SSL_get_privatekey(tmpssl));
EVP_PKEY_free(key);
}
SSL_free(tmpssl);
if (!SSL_CTX_check_private_key(ctx)) {
error_docref(NULL, E_WARNING, "Private key does not match certificate!");
}
}
}
if (ok) {
SSL *ssl = SSL_new(ctx);
if (ssl) {
/* map SSL => stream */
SSL_set_ex_data(ssl, ssl_stream_data_index, stream);
}
return ssl;
}
return NULL;
}
int openssl_apply_verification_policy(SSL *ssl, X509 *peer, stream *stream) /* {{{ */
{
zval **val = NULL;
char *cnmatch = NULL;
X509_NAME *name;
char buf[1024];
int err;
/* verification is turned off */
if (!(GET_VER_OPT("verify_peer") && zval_is_true(*val))) {
return 0;
}
if (peer == NULL) {
error_docref(NULL, E_WARNING, "Could not get peer certificate");
return -1;
}
err = SSL_get_verify_result(ssl);
switch (err) {
case X509_V_OK:
/* fine */
break;
case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
if (GET_VER_OPT("allow_self_signed") && zval_is_true(*val)) {
/* allowed */
break;
}
/* not allowed, so fall through */
default:
error_docref(NULL, E_WARNING, "Could not verify peer: code:%d %s", err, X509_verify_cert_error_string(err));
return -1;
}
/* if the cert passed the usual checks, apply our own local policies now */
name = X509_get_subject_name(peer);
/* Does the common name match ? (used primarily for https://) */
GET_VER_OPT_STRING("CN_match", cnmatch);
if (cnmatch) {
int match = 0;
int name_len = X509_NAME_get_text_by_NID(name, NID_commonName, buf, sizeof(buf));
if (name_len == -1) {
error_docref(NULL, E_WARNING, "Unable to locate peer certificate CN");
return -1;
} else if (name_len != strlen(buf)) {
error_docref(NULL, E_WARNING, "Peer certificate CN=`%.*s' is malformed", name_len, buf);
return -1;
}
match = strcmp(cnmatch, buf) == 0;
if (!match && strlen(buf) > 3 && buf[0] == '*' && buf[1] == '.') {
/* Try wildcard */
if (strchr(buf+2, '.')) {
char *tmp = strstr(cnmatch, buf+1);
match = tmp && strcmp(tmp, buf+2) && tmp == strchr(cnmatch, '.');
}
}
if (!match) {
/* didn't match */
error_docref(NULL, E_WARNING, "Peer certificate CN=`%.*s' did not match expected CN=`%s'", name_len, buf, cnmatch);
return -1;
}
}
return 0;
}
static int verify_callback(int preverify_ok, X509_STORE_CTX *ctx) /* {{{ */
{
void *stream;
SSL *ssl;
X509 *err_cert;
int err, depth, ret;
ret = preverify_ok;
/* determine the status for the current cert */
err_cert = X509_STORE_CTX_get_current_cert(ctx);
err = X509_STORE_CTX_get_error(ctx);
depth = X509_STORE_CTX_get_error_depth(ctx);
/* conjure the stream & context to use */
ssl = X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx());
stream = SSL_get_ex_data(ssl, ssl_stream_data_index);
/* if allow_self_signed is set, make sure that verification succeeds */
if (err == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT && GET_VER_OPT("allow_self_signed") && zval_is_true(*val)) {
ret = 1;
}
/* check the depth */
if (GET_VER_OPT("verify_depth")) {
convert_to_long_ex(val);
if (depth > Z_LVAL_PP(val)) {
ret = 0;
X509_STORE_CTX_set_error(ctx, X509_V_ERR_CERT_CHAIN_TOO_LONG);
}
}
return ret;
}
