1 /*
2 +----------------------------------------------------------------------+
3 | PHP Version 7 |
4 +----------------------------------------------------------------------+
5 | Copyright (c) 1997-2018 The PHP Group |
6 +----------------------------------------------------------------------+
7 | This source file is subject to version 3.01 of the PHP license, |
8 | that is bundled with this package in the file LICENSE, and is |
9 | available through the world-wide-web at the following url: |
10 | http://www.php.net/license/3_01.txt |
11 | If you did not receive a copy of the PHP license and are unable to |
12 | obtain it through the world-wide-web, please send a note to |
13 | license@php.net so we can mail you a copy immediately. |
14 +----------------------------------------------------------------------+
15 | Authors: Rasmus Lerdorf <rasmus@php.net> |
16 | Jim Winstead <jimw@php.net> |
17 | Hartmut Holzgraefe <hholzgra@php.net> |
18 | Wez Furlong <wez@thebrainroom.com> |
19 | Sara Golemon <pollita@php.net> |
20 +----------------------------------------------------------------------+
21 */
22
23 #include "php.h"
24 #include "php_globals.h"
25 #include "php_streams.h"
26 #include "php_network.h"
27 #include "php_ini.h"
28 #include "ext/standard/basic_functions.h"
29 #include "zend_smart_str.h"
30
31 #include <stdio.h>
32 #include <stdlib.h>
33 #include <errno.h>
34 #include <sys/types.h>
35 #include <sys/stat.h>
36 #include <fcntl.h>
37
38 #ifdef PHP_WIN32
39 #define O_RDONLY _O_RDONLY
40 #include "win32/param.h"
41 #else
42 #include <sys/param.h>
43 #endif
44
45 #include "php_standard.h"
46
47 #include <sys/types.h>
48 #if HAVE_SYS_SOCKET_H
49 #include <sys/socket.h>
50 #endif
51
52 #ifdef PHP_WIN32
53 #include <winsock2.h>
54 #else
55 #include <netinet/in.h>
56 #include <netdb.h>
57 #if HAVE_ARPA_INET_H
58 #include <arpa/inet.h>
59 #endif
60 #endif
61
62 #if defined(PHP_WIN32) || defined(__riscos__)
63 #undef AF_UNIX
64 #endif
65
66 #if defined(AF_UNIX)
67 #include <sys/un.h>
68 #endif
69
70 #include "php_fopen_wrappers.h"
71
72 #define HTTP_HEADER_BLOCK_SIZE 1024
73 #define PHP_URL_REDIRECT_MAX 20
74 #define HTTP_HEADER_USER_AGENT 1
75 #define HTTP_HEADER_HOST 2
76 #define HTTP_HEADER_AUTH 4
77 #define HTTP_HEADER_FROM 8
78 #define HTTP_HEADER_CONTENT_LENGTH 16
79 #define HTTP_HEADER_TYPE 32
80 #define HTTP_HEADER_CONNECTION 64
81
82 #define HTTP_WRAPPER_HEADER_INIT 1
83 #define HTTP_WRAPPER_REDIRECTED 2
84
strip_header(char * header_bag,char * lc_header_bag,const char * lc_header_name)85 static inline void strip_header(char *header_bag, char *lc_header_bag,
86 const char *lc_header_name)
87 {
88 char *lc_header_start = strstr(lc_header_bag, lc_header_name);
89 char *header_start = header_bag + (lc_header_start - lc_header_bag);
90
91 if (lc_header_start
92 && (lc_header_start == lc_header_bag || *(lc_header_start-1) == '\n')
93 ) {
94 char *lc_eol = strchr(lc_header_start, '\n');
95 char *eol = header_start + (lc_eol - lc_header_start);
96
97 if (lc_eol) {
98 size_t eollen = strlen(lc_eol);
99
100 memmove(lc_header_start, lc_eol+1, eollen);
101 memmove(header_start, eol+1, eollen);
102 } else {
103 *lc_header_start = '\0';
104 *header_start = '\0';
105 }
106 }
107 }
108
check_has_header(const char * headers,const char * header)109 static zend_bool check_has_header(const char *headers, const char *header) {
110 const char *s = headers;
111 while ((s = strstr(s, header))) {
112 if (s == headers || *(s-1) == '\n') {
113 return 1;
114 }
115 s++;
116 }
117 return 0;
118 }
119
php_stream_url_wrap_http_ex(php_stream_wrapper * wrapper,const char * path,const char * mode,int options,zend_string ** opened_path,php_stream_context * context,int redirect_max,int flags,zval * response_header STREAMS_DC)120 static php_stream *php_stream_url_wrap_http_ex(php_stream_wrapper *wrapper,
121 const char *path, const char *mode, int options, zend_string **opened_path,
122 php_stream_context *context, int redirect_max, int flags,
123 zval *response_header STREAMS_DC) /* {{{ */
124 {
125 php_stream *stream = NULL;
126 php_url *resource = NULL;
127 int use_ssl;
128 int use_proxy = 0;
129 zend_string *tmp = NULL;
130 char *ua_str = NULL;
131 zval *ua_zval = NULL, *tmpzval = NULL, ssl_proxy_peer_name;
132 char location[HTTP_HEADER_BLOCK_SIZE];
133 int reqok = 0;
134 char *http_header_line = NULL;
135 char tmp_line[128];
136 size_t chunk_size = 0, file_size = 0;
137 int eol_detect = 0;
138 char *transport_string;
139 zend_string *errstr = NULL;
140 size_t transport_len;
141 int have_header = 0;
142 zend_bool request_fulluri = 0, ignore_errors = 0;
143 struct timeval timeout;
144 char *user_headers = NULL;
145 int header_init = ((flags & HTTP_WRAPPER_HEADER_INIT) != 0);
146 int redirected = ((flags & HTTP_WRAPPER_REDIRECTED) != 0);
147 zend_bool follow_location = 1;
148 php_stream_filter *transfer_encoding = NULL;
149 int response_code;
150 smart_str req_buf = {0};
151 zend_bool custom_request_method;
152
153 tmp_line[0] = '\0';
154
155 if (redirect_max < 1) {
156 php_stream_wrapper_log_error(wrapper, options, "Redirection limit reached, aborting");
157 return NULL;
158 }
159
160 resource = php_url_parse(path);
161 if (resource == NULL) {
162 return NULL;
163 }
164
165 if (!zend_string_equals_literal_ci(resource->scheme, "http") &&
166 !zend_string_equals_literal_ci(resource->scheme, "https")) {
167 if (!context ||
168 (tmpzval = php_stream_context_get_option(context, wrapper->wops->label, "proxy")) == NULL ||
169 Z_TYPE_P(tmpzval) != IS_STRING ||
170 Z_STRLEN_P(tmpzval) == 0) {
171 php_url_free(resource);
172 return php_stream_open_wrapper_ex(path, mode, REPORT_ERRORS, NULL, context);
173 }
174 /* Called from a non-http wrapper with http proxying requested (i.e. ftp) */
175 request_fulluri = 1;
176 use_ssl = 0;
177 use_proxy = 1;
178
179 transport_len = Z_STRLEN_P(tmpzval);
180 transport_string = estrndup(Z_STRVAL_P(tmpzval), Z_STRLEN_P(tmpzval));
181 } else {
182 /* Normal http request (possibly with proxy) */
183
184 if (strpbrk(mode, "awx+")) {
185 php_stream_wrapper_log_error(wrapper, options, "HTTP wrapper does not support writeable connections");
186 php_url_free(resource);
187 return NULL;
188 }
189
190 use_ssl = resource->scheme && (ZSTR_LEN(resource->scheme) > 4) && ZSTR_VAL(resource->scheme)[4] == 's';
191 /* choose default ports */
192 if (use_ssl && resource->port == 0)
193 resource->port = 443;
194 else if (resource->port == 0)
195 resource->port = 80;
196
197 if (context &&
198 (tmpzval = php_stream_context_get_option(context, wrapper->wops->label, "proxy")) != NULL &&
199 Z_TYPE_P(tmpzval) == IS_STRING &&
200 Z_STRLEN_P(tmpzval) > 0) {
201 use_proxy = 1;
202 transport_len = Z_STRLEN_P(tmpzval);
203 transport_string = estrndup(Z_STRVAL_P(tmpzval), Z_STRLEN_P(tmpzval));
204 } else {
205 transport_len = spprintf(&transport_string, 0, "%s://%s:%d", use_ssl ? "ssl" : "tcp", ZSTR_VAL(resource->host), resource->port);
206 }
207 }
208
209 if (context && (tmpzval = php_stream_context_get_option(context, wrapper->wops->label, "timeout")) != NULL) {
210 double d = zval_get_double(tmpzval);
211 #ifndef PHP_WIN32
212 timeout.tv_sec = (time_t) d;
213 timeout.tv_usec = (size_t) ((d - timeout.tv_sec) * 1000000);
214 #else
215 timeout.tv_sec = (long) d;
216 timeout.tv_usec = (long) ((d - timeout.tv_sec) * 1000000);
217 #endif
218 } else {
219 #ifndef PHP_WIN32
220 timeout.tv_sec = FG(default_socket_timeout);
221 #else
222 timeout.tv_sec = (long)FG(default_socket_timeout);
223 #endif
224 timeout.tv_usec = 0;
225 }
226
227 stream = php_stream_xport_create(transport_string, transport_len, options,
228 STREAM_XPORT_CLIENT | STREAM_XPORT_CONNECT,
229 NULL, &timeout, context, &errstr, NULL);
230
231 if (stream) {
232 php_stream_set_option(stream, PHP_STREAM_OPTION_READ_TIMEOUT, 0, &timeout);
233 }
234
235 if (errstr) {
236 php_stream_wrapper_log_error(wrapper, options, "%s", ZSTR_VAL(errstr));
237 zend_string_release_ex(errstr, 0);
238 errstr = NULL;
239 }
240
241 efree(transport_string);
242
243 if (stream && use_proxy && use_ssl) {
244 smart_str header = {0};
245
246 /* Set peer_name or name verification will try to use the proxy server name */
247 if (!context || (tmpzval = php_stream_context_get_option(context, "ssl", "peer_name")) == NULL) {
248 ZVAL_STR_COPY(&ssl_proxy_peer_name, resource->host);
249 php_stream_context_set_option(PHP_STREAM_CONTEXT(stream), "ssl", "peer_name", &ssl_proxy_peer_name);
250 zval_ptr_dtor(&ssl_proxy_peer_name);
251 }
252
253 smart_str_appendl(&header, "CONNECT ", sizeof("CONNECT ")-1);
254 smart_str_appends(&header, ZSTR_VAL(resource->host));
255 smart_str_appendc(&header, ':');
256 smart_str_append_unsigned(&header, resource->port);
257 smart_str_appendl(&header, " HTTP/1.0\r\n", sizeof(" HTTP/1.0\r\n")-1);
258
259 /* check if we have Proxy-Authorization header */
260 if (context && (tmpzval = php_stream_context_get_option(context, "http", "header")) != NULL) {
261 char *s, *p;
262
263 if (Z_TYPE_P(tmpzval) == IS_ARRAY) {
264 zval *tmpheader = NULL;
265
266 ZEND_HASH_FOREACH_VAL(Z_ARRVAL_P(tmpzval), tmpheader) {
267 if (Z_TYPE_P(tmpheader) == IS_STRING) {
268 s = Z_STRVAL_P(tmpheader);
269 do {
270 while (*s == ' ' || *s == '\t') s++;
271 p = s;
272 while (*p != 0 && *p != ':' && *p != '\r' && *p !='\n') p++;
273 if (*p == ':') {
274 p++;
275 if (p - s == sizeof("Proxy-Authorization:") - 1 &&
276 zend_binary_strcasecmp(s, sizeof("Proxy-Authorization:") - 1,
277 "Proxy-Authorization:", sizeof("Proxy-Authorization:") - 1) == 0) {
278 while (*p != 0 && *p != '\r' && *p !='\n') p++;
279 smart_str_appendl(&header, s, p - s);
280 smart_str_appendl(&header, "\r\n", sizeof("\r\n")-1);
281 goto finish;
282 } else {
283 while (*p != 0 && *p != '\r' && *p !='\n') p++;
284 }
285 }
286 s = p;
287 while (*s == '\r' || *s == '\n') s++;
288 } while (*s != 0);
289 }
290 } ZEND_HASH_FOREACH_END();
291 } else if (Z_TYPE_P(tmpzval) == IS_STRING && Z_STRLEN_P(tmpzval)) {
292 s = Z_STRVAL_P(tmpzval);
293 do {
294 while (*s == ' ' || *s == '\t') s++;
295 p = s;
296 while (*p != 0 && *p != ':' && *p != '\r' && *p !='\n') p++;
297 if (*p == ':') {
298 p++;
299 if (p - s == sizeof("Proxy-Authorization:") - 1 &&
300 zend_binary_strcasecmp(s, sizeof("Proxy-Authorization:") - 1,
301 "Proxy-Authorization:", sizeof("Proxy-Authorization:") - 1) == 0) {
302 while (*p != 0 && *p != '\r' && *p !='\n') p++;
303 smart_str_appendl(&header, s, p - s);
304 smart_str_appendl(&header, "\r\n", sizeof("\r\n")-1);
305 goto finish;
306 } else {
307 while (*p != 0 && *p != '\r' && *p !='\n') p++;
308 }
309 }
310 s = p;
311 while (*s == '\r' || *s == '\n') s++;
312 } while (*s != 0);
313 }
314 }
315 finish:
316 smart_str_appendl(&header, "\r\n", sizeof("\r\n")-1);
317
318 if (php_stream_write(stream, ZSTR_VAL(header.s), ZSTR_LEN(header.s)) != ZSTR_LEN(header.s)) {
319 php_stream_wrapper_log_error(wrapper, options, "Cannot connect to HTTPS server through proxy");
320 php_stream_close(stream);
321 stream = NULL;
322 }
323 smart_str_free(&header);
324
325 if (stream) {
326 char header_line[HTTP_HEADER_BLOCK_SIZE];
327
328 /* get response header */
329 while (php_stream_gets(stream, header_line, HTTP_HEADER_BLOCK_SIZE-1) != NULL) {
330 if (header_line[0] == '\n' ||
331 header_line[0] == '\r' ||
332 header_line[0] == '\0') {
333 break;
334 }
335 }
336 }
337
338 /* enable SSL transport layer */
339 if (stream) {
340 if (php_stream_xport_crypto_setup(stream, STREAM_CRYPTO_METHOD_SSLv23_CLIENT, NULL) < 0 ||
341 php_stream_xport_crypto_enable(stream, 1) < 0) {
342 php_stream_wrapper_log_error(wrapper, options, "Cannot connect to HTTPS server through proxy");
343 php_stream_close(stream);
344 stream = NULL;
345 }
346 }
347 }
348
349 if (stream == NULL)
350 goto out;
351
352 /* avoid buffering issues while reading header */
353 if (options & STREAM_WILL_CAST)
354 chunk_size = php_stream_set_chunk_size(stream, 1);
355
356 /* avoid problems with auto-detecting when reading the headers -> the headers
357 * are always in canonical \r\n format */
358 eol_detect = stream->flags & (PHP_STREAM_FLAG_DETECT_EOL | PHP_STREAM_FLAG_EOL_MAC);
359 stream->flags &= ~(PHP_STREAM_FLAG_DETECT_EOL | PHP_STREAM_FLAG_EOL_MAC);
360
361 php_stream_context_set(stream, context);
362
363 php_stream_notify_info(context, PHP_STREAM_NOTIFY_CONNECT, NULL, 0);
364
365 if (header_init && context && (tmpzval = php_stream_context_get_option(context, "http", "max_redirects")) != NULL) {
366 redirect_max = (int)zval_get_long(tmpzval);
367 }
368
369 custom_request_method = 0;
370 if (context && (tmpzval = php_stream_context_get_option(context, "http", "method")) != NULL) {
371 if (Z_TYPE_P(tmpzval) == IS_STRING && Z_STRLEN_P(tmpzval) > 0) {
372 /* As per the RFC, automatically redirected requests MUST NOT use other methods than
373 * GET and HEAD unless it can be confirmed by the user */
374 if (!redirected
375 || (Z_STRLEN_P(tmpzval) == 3 && memcmp("GET", Z_STRVAL_P(tmpzval), 3) == 0)
376 || (Z_STRLEN_P(tmpzval) == 4 && memcmp("HEAD",Z_STRVAL_P(tmpzval), 4) == 0)
377 ) {
378 custom_request_method = 1;
379 smart_str_append(&req_buf, Z_STR_P(tmpzval));
380 smart_str_appendc(&req_buf, ' ');
381 }
382 }
383 }
384
385 if (!custom_request_method) {
386 smart_str_appends(&req_buf, "GET ");
387 }
388
389 /* Should we send the entire path in the request line, default to no. */
390 if (!request_fulluri && context &&
391 (tmpzval = php_stream_context_get_option(context, "http", "request_fulluri")) != NULL) {
392 request_fulluri = zend_is_true(tmpzval);
393 }
394
395 if (request_fulluri) {
396 /* Ask for everything */
397 smart_str_appends(&req_buf, path);
398 } else {
399 /* Send the traditional /path/to/file?query_string */
400
401 /* file */
402 if (resource->path && ZSTR_LEN(resource->path)) {
403 smart_str_appends(&req_buf, ZSTR_VAL(resource->path));
404 } else {
405 smart_str_appendc(&req_buf, '/');
406 }
407
408 /* query string */
409 if (resource->query) {
410 smart_str_appendc(&req_buf, '?');
411 smart_str_appends(&req_buf, ZSTR_VAL(resource->query));
412 }
413 }
414
415 /* protocol version we are speaking */
416 if (context && (tmpzval = php_stream_context_get_option(context, "http", "protocol_version")) != NULL) {
417 char *protocol_version;
418 spprintf(&protocol_version, 0, "%.1F", zval_get_double(tmpzval));
419
420 smart_str_appends(&req_buf, " HTTP/");
421 smart_str_appends(&req_buf, protocol_version);
422 smart_str_appends(&req_buf, "\r\n");
423 efree(protocol_version);
424 } else {
425 smart_str_appends(&req_buf, " HTTP/1.0\r\n");
426 }
427
428 if (context && (tmpzval = php_stream_context_get_option(context, "http", "header")) != NULL) {
429 tmp = NULL;
430
431 if (Z_TYPE_P(tmpzval) == IS_ARRAY) {
432 zval *tmpheader = NULL;
433 smart_str tmpstr = {0};
434
435 ZEND_HASH_FOREACH_VAL(Z_ARRVAL_P(tmpzval), tmpheader) {
436 if (Z_TYPE_P(tmpheader) == IS_STRING) {
437 smart_str_append(&tmpstr, Z_STR_P(tmpheader));
438 smart_str_appendl(&tmpstr, "\r\n", sizeof("\r\n") - 1);
439 }
440 } ZEND_HASH_FOREACH_END();
441 smart_str_0(&tmpstr);
442 /* Remove newlines and spaces from start and end. there's at least one extra \r\n at the end that needs to go. */
443 if (tmpstr.s) {
444 tmp = php_trim(tmpstr.s, NULL, 0, 3);
445 smart_str_free(&tmpstr);
446 }
447 } else if (Z_TYPE_P(tmpzval) == IS_STRING && Z_STRLEN_P(tmpzval)) {
448 /* Remove newlines and spaces from start and end php_trim will estrndup() */
449 tmp = php_trim(Z_STR_P(tmpzval), NULL, 0, 3);
450 }
451 if (tmp && ZSTR_LEN(tmp)) {
452 char *s;
453 char *t;
454
455 user_headers = estrndup(ZSTR_VAL(tmp), ZSTR_LEN(tmp));
456
457 if (ZSTR_IS_INTERNED(tmp)) {
458 tmp = zend_string_init(ZSTR_VAL(tmp), ZSTR_LEN(tmp), 0);
459 } else if (GC_REFCOUNT(tmp) > 1) {
460 GC_DELREF(tmp);
461 tmp = zend_string_init(ZSTR_VAL(tmp), ZSTR_LEN(tmp), 0);
462 }
463
464 /* Make lowercase for easy comparison against 'standard' headers */
465 php_strtolower(ZSTR_VAL(tmp), ZSTR_LEN(tmp));
466 t = ZSTR_VAL(tmp);
467
468 if (!header_init) {
469 /* strip POST headers on redirect */
470 strip_header(user_headers, t, "content-length:");
471 strip_header(user_headers, t, "content-type:");
472 }
473
474 if (check_has_header(t, "user-agent:")) {
475 have_header |= HTTP_HEADER_USER_AGENT;
476 }
477 if (check_has_header(t, "host:")) {
478 have_header |= HTTP_HEADER_HOST;
479 }
480 if (check_has_header(t, "from:")) {
481 have_header |= HTTP_HEADER_FROM;
482 }
483 if (check_has_header(t, "authorization:")) {
484 have_header |= HTTP_HEADER_AUTH;
485 }
486 if (check_has_header(t, "content-length:")) {
487 have_header |= HTTP_HEADER_CONTENT_LENGTH;
488 }
489 if (check_has_header(t, "content-type:")) {
490 have_header |= HTTP_HEADER_TYPE;
491 }
492 if (check_has_header(t, "connection:")) {
493 have_header |= HTTP_HEADER_CONNECTION;
494 }
495
496 /* remove Proxy-Authorization header */
497 if (use_proxy && use_ssl && (s = strstr(t, "proxy-authorization:")) &&
498 (s == t || *(s-1) == '\n')) {
499 char *p = s + sizeof("proxy-authorization:") - 1;
500
501 while (s > t && (*(s-1) == ' ' || *(s-1) == '\t')) s--;
502 while (*p != 0 && *p != '\r' && *p != '\n') p++;
503 while (*p == '\r' || *p == '\n') p++;
504 if (*p == 0) {
505 if (s == t) {
506 efree(user_headers);
507 user_headers = NULL;
508 } else {
509 while (s > t && (*(s-1) == '\r' || *(s-1) == '\n')) s--;
510 user_headers[s - t] = 0;
511 }
512 } else {
513 memmove(user_headers + (s - t), user_headers + (p - t), strlen(p) + 1);
514 }
515 }
516
517 }
518 if (tmp) {
519 zend_string_release_ex(tmp, 0);
520 }
521 }
522
523 /* auth header if it was specified */
524 if (((have_header & HTTP_HEADER_AUTH) == 0) && resource->user) {
525 /* make scratch large enough to hold the whole URL (over-estimate) */
526 size_t scratch_len = strlen(path) + 1;
527 char *scratch = emalloc(scratch_len);
528 zend_string *stmp;
529
530 /* decode the strings first */
531 php_url_decode(ZSTR_VAL(resource->user), ZSTR_LEN(resource->user));
532
533 strcpy(scratch, ZSTR_VAL(resource->user));
534 strcat(scratch, ":");
535
536 /* Note: password is optional! */
537 if (resource->pass) {
538 php_url_decode(ZSTR_VAL(resource->pass), ZSTR_LEN(resource->pass));
539 strcat(scratch, ZSTR_VAL(resource->pass));
540 }
541
542 stmp = php_base64_encode((unsigned char*)scratch, strlen(scratch));
543
544 smart_str_appends(&req_buf, "Authorization: Basic ");
545 smart_str_appends(&req_buf, ZSTR_VAL(stmp));
546 smart_str_appends(&req_buf, "\r\n");
547
548 php_stream_notify_info(context, PHP_STREAM_NOTIFY_AUTH_REQUIRED, NULL, 0);
549
550 zend_string_free(stmp);
551 efree(scratch);
552 }
553
554 /* if the user has configured who they are, send a From: line */
555 if (!(have_header & HTTP_HEADER_FROM) && FG(from_address)) {
556 smart_str_appends(&req_buf, "From: ");
557 smart_str_appends(&req_buf, FG(from_address));
558 smart_str_appends(&req_buf, "\r\n");
559 }
560
561 /* Send Host: header so name-based virtual hosts work */
562 if ((have_header & HTTP_HEADER_HOST) == 0) {
563 smart_str_appends(&req_buf, "Host: ");
564 smart_str_appends(&req_buf, ZSTR_VAL(resource->host));
565 if ((use_ssl && resource->port != 443 && resource->port != 0) ||
566 (!use_ssl && resource->port != 80 && resource->port != 0)) {
567 smart_str_appendc(&req_buf, ':');
568 smart_str_append_unsigned(&req_buf, resource->port);
569 }
570 smart_str_appends(&req_buf, "\r\n");
571 }
572
573 /* Send a Connection: close header to avoid hanging when the server
574 * interprets the RFC literally and establishes a keep-alive connection,
575 * unless the user specifically requests something else by specifying a
576 * Connection header in the context options. Send that header even for
577 * HTTP/1.0 to avoid issues when the server respond with a HTTP/1.1
578 * keep-alive response, which is the preferred response type. */
579 if ((have_header & HTTP_HEADER_CONNECTION) == 0) {
580 smart_str_appends(&req_buf, "Connection: close\r\n");
581 }
582
583 if (context &&
584 (ua_zval = php_stream_context_get_option(context, "http", "user_agent")) != NULL &&
585 Z_TYPE_P(ua_zval) == IS_STRING) {
586 ua_str = Z_STRVAL_P(ua_zval);
587 } else if (FG(user_agent)) {
588 ua_str = FG(user_agent);
589 }
590
591 if (((have_header & HTTP_HEADER_USER_AGENT) == 0) && ua_str) {
592 #define _UA_HEADER "User-Agent: %s\r\n"
593 char *ua;
594 size_t ua_len;
595
596 ua_len = sizeof(_UA_HEADER) + strlen(ua_str);
597
598 /* ensure the header is only sent if user_agent is not blank */
599 if (ua_len > sizeof(_UA_HEADER)) {
600 ua = emalloc(ua_len + 1);
601 if ((ua_len = slprintf(ua, ua_len, _UA_HEADER, ua_str)) > 0) {
602 ua[ua_len] = 0;
603 smart_str_appendl(&req_buf, ua, ua_len);
604 } else {
605 php_error_docref(NULL, E_WARNING, "Cannot construct User-agent header");
606 }
607 efree(ua);
608 }
609 }
610
611 if (user_headers) {
612 /* A bit weird, but some servers require that Content-Length be sent prior to Content-Type for POST
613 * see bug #44603 for details. Since Content-Type maybe part of user's headers we need to do this check first.
614 */
615 if (
616 header_init &&
617 context &&
618 !(have_header & HTTP_HEADER_CONTENT_LENGTH) &&
619 (tmpzval = php_stream_context_get_option(context, "http", "content")) != NULL &&
620 Z_TYPE_P(tmpzval) == IS_STRING && Z_STRLEN_P(tmpzval) > 0
621 ) {
622 smart_str_appends(&req_buf, "Content-Length: ");
623 smart_str_append_unsigned(&req_buf, Z_STRLEN_P(tmpzval));
624 smart_str_appends(&req_buf, "\r\n");
625 have_header |= HTTP_HEADER_CONTENT_LENGTH;
626 }
627
628 smart_str_appends(&req_buf, user_headers);
629 smart_str_appends(&req_buf, "\r\n");
630 efree(user_headers);
631 }
632
633 /* Request content, such as for POST requests */
634 if (header_init && context &&
635 (tmpzval = php_stream_context_get_option(context, "http", "content")) != NULL &&
636 Z_TYPE_P(tmpzval) == IS_STRING && Z_STRLEN_P(tmpzval) > 0) {
637 if (!(have_header & HTTP_HEADER_CONTENT_LENGTH)) {
638 smart_str_appends(&req_buf, "Content-Length: ");
639 smart_str_append_unsigned(&req_buf, Z_STRLEN_P(tmpzval));
640 smart_str_appends(&req_buf, "\r\n");
641 }
642 if (!(have_header & HTTP_HEADER_TYPE)) {
643 smart_str_appends(&req_buf, "Content-Type: application/x-www-form-urlencoded\r\n");
644 php_error_docref(NULL, E_NOTICE, "Content-type not specified assuming application/x-www-form-urlencoded");
645 }
646 smart_str_appends(&req_buf, "\r\n");
647 smart_str_appendl(&req_buf, Z_STRVAL_P(tmpzval), Z_STRLEN_P(tmpzval));
648 } else {
649 smart_str_appends(&req_buf, "\r\n");
650 }
651
652 /* send it */
653 php_stream_write(stream, ZSTR_VAL(req_buf.s), ZSTR_LEN(req_buf.s));
654
655 location[0] = '\0';
656
657 if (Z_ISUNDEF_P(response_header)) {
658 array_init(response_header);
659 }
660
661 if (!php_stream_eof(stream)) {
662 size_t tmp_line_len;
663 /* get response header */
664
665 if (php_stream_get_line(stream, tmp_line, sizeof(tmp_line) - 1, &tmp_line_len) != NULL) {
666 zval http_response;
667
668 if (tmp_line_len > 9) {
669 response_code = atoi(tmp_line + 9);
670 } else {
671 response_code = 0;
672 }
673 if (context && NULL != (tmpzval = php_stream_context_get_option(context, "http", "ignore_errors"))) {
674 ignore_errors = zend_is_true(tmpzval);
675 }
676 /* when we request only the header, don't fail even on error codes */
677 if ((options & STREAM_ONLY_GET_HEADERS) || ignore_errors) {
678 reqok = 1;
679 }
680
681 /* status codes of 1xx are "informational", and will be followed by a real response
682 * e.g "100 Continue". RFC 7231 states that unexpected 1xx status MUST be parsed,
683 * and MAY be ignored. As such, we need to skip ahead to the "real" status*/
684 if (response_code >= 100 && response_code < 200) {
685 /* consume lines until we find a line starting 'HTTP/1' */
686 while (
687 !php_stream_eof(stream)
688 && php_stream_get_line(stream, tmp_line, sizeof(tmp_line) - 1, &tmp_line_len) != NULL
689 && ( tmp_line_len < sizeof("HTTP/1") - 1 || strncasecmp(tmp_line, "HTTP/1", sizeof("HTTP/1") - 1) )
690 );
691
692 if (tmp_line_len > 9) {
693 response_code = atoi(tmp_line + 9);
694 } else {
695 response_code = 0;
696 }
697 }
698 /* all status codes in the 2xx range are defined by the specification as successful;
699 * all status codes in the 3xx range are for redirection, and so also should never
700 * fail */
701 if (response_code >= 200 && response_code < 400) {
702 reqok = 1;
703 } else {
704 switch(response_code) {
705 case 403:
706 php_stream_notify_error(context, PHP_STREAM_NOTIFY_AUTH_RESULT,
707 tmp_line, response_code);
708 break;
709 default:
710 /* safety net in the event tmp_line == NULL */
711 if (!tmp_line_len) {
712 tmp_line[0] = '\0';
713 }
714 php_stream_notify_error(context, PHP_STREAM_NOTIFY_FAILURE,
715 tmp_line, response_code);
716 }
717 }
718 if (tmp_line_len >= 1 && tmp_line[tmp_line_len - 1] == '\n') {
719 --tmp_line_len;
720 if (tmp_line_len >= 1 &&tmp_line[tmp_line_len - 1] == '\r') {
721 --tmp_line_len;
722 }
723 }
724 ZVAL_STRINGL(&http_response, tmp_line, tmp_line_len);
725 zend_hash_next_index_insert(Z_ARRVAL_P(response_header), &http_response);
726 } else {
727 php_stream_close(stream);
728 stream = NULL;
729 php_stream_wrapper_log_error(wrapper, options, "HTTP request failed!");
730 goto out;
731 }
732 } else {
733 php_stream_wrapper_log_error(wrapper, options, "HTTP request failed, unexpected end of socket!");
734 goto out;
735 }
736
737 /* read past HTTP headers */
738
739 http_header_line = emalloc(HTTP_HEADER_BLOCK_SIZE);
740
741 while (!php_stream_eof(stream)) {
742 size_t http_header_line_length;
743
744 if (php_stream_get_line(stream, http_header_line, HTTP_HEADER_BLOCK_SIZE, &http_header_line_length) && *http_header_line != '\n' && *http_header_line != '\r') {
745 char *e = http_header_line + http_header_line_length - 1;
746 char *http_header_value;
747 if (*e != '\n') {
748 do { /* partial header */
749 if (php_stream_get_line(stream, http_header_line, HTTP_HEADER_BLOCK_SIZE, &http_header_line_length) == NULL) {
750 php_stream_wrapper_log_error(wrapper, options, "Failed to read HTTP headers");
751 goto out;
752 }
753 e = http_header_line + http_header_line_length - 1;
754 } while (*e != '\n');
755 continue;
756 }
757 while (e >= http_header_line && (*e == '\n' || *e == '\r')) {
758 e--;
759 }
760
761 /* The primary definition of an HTTP header in RFC 7230 states:
762 * > Each header field consists of a case-insensitive field name followed
763 * > by a colon (":"), optional leading whitespace, the field value, and
764 * > optional trailing whitespace. */
765
766 /* Strip trailing whitespace */
767 while (e >= http_header_line && (*e == ' ' || *e == '\t')) {
768 e--;
769 }
770
771 /* Terminate header line */
772 e++;
773 *e = '\0';
774 http_header_line_length = e - http_header_line;
775
776 http_header_value = memchr(http_header_line, ':', http_header_line_length);
777 if (http_header_value) {
778 http_header_value++; /* Skip ':' */
779
780 /* Strip leading whitespace */
781 while (http_header_value < e
782 && (*http_header_value == ' ' || *http_header_value == '\t')) {
783 http_header_value++;
784 }
785 } else {
786 /* There is no colon. Set the value to the end of the header line, which is
787 * effectively an empty string. */
788 http_header_value = e;
789 }
790
791 if (!strncasecmp(http_header_line, "Location:", sizeof("Location:")-1)) {
792 if (context && (tmpzval = php_stream_context_get_option(context, "http", "follow_location")) != NULL) {
793 follow_location = zval_is_true(tmpzval);
794 } else if (!((response_code >= 300 && response_code < 304)
795 || 307 == response_code || 308 == response_code)) {
796 /* we shouldn't redirect automatically
797 if follow_location isn't set and response_code not in (300, 301, 302, 303 and 307)
798 see http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.3.1
799 RFC 7238 defines 308: http://tools.ietf.org/html/rfc7238 */
800 follow_location = 0;
801 }
802 strlcpy(location, http_header_value, sizeof(location));
803 } else if (!strncasecmp(http_header_line, "Content-Type:", sizeof("Content-Type:")-1)) {
804 php_stream_notify_info(context, PHP_STREAM_NOTIFY_MIME_TYPE_IS, http_header_value, 0);
805 } else if (!strncasecmp(http_header_line, "Content-Length:", sizeof("Content-Length:")-1)) {
806 file_size = atoi(http_header_value);
807 php_stream_notify_file_size(context, file_size, http_header_line, 0);
808 } else if (
809 !strncasecmp(http_header_line, "Transfer-Encoding:", sizeof("Transfer-Encoding:")-1)
810 && !strncasecmp(http_header_value, "Chunked", sizeof("Chunked")-1)
811 ) {
812
813 /* create filter to decode response body */
814 if (!(options & STREAM_ONLY_GET_HEADERS)) {
815 zend_long decode = 1;
816
817 if (context && (tmpzval = php_stream_context_get_option(context, "http", "auto_decode")) != NULL) {
818 decode = zend_is_true(tmpzval);
819 }
820 if (decode) {
821 transfer_encoding = php_stream_filter_create("dechunk", NULL, php_stream_is_persistent(stream));
822 if (transfer_encoding) {
823 /* don't store transfer-encodeing header */
824 continue;
825 }
826 }
827 }
828 }
829
830 {
831 zval http_header;
832 ZVAL_STRINGL(&http_header, http_header_line, http_header_line_length);
833 zend_hash_next_index_insert(Z_ARRVAL_P(response_header), &http_header);
834 }
835 } else {
836 break;
837 }
838 }
839
840 if (!reqok || (location[0] != '\0' && follow_location)) {
841 if (!follow_location || (((options & STREAM_ONLY_GET_HEADERS) || ignore_errors) && redirect_max <= 1)) {
842 goto out;
843 }
844
845 if (location[0] != '\0')
846 php_stream_notify_info(context, PHP_STREAM_NOTIFY_REDIRECTED, location, 0);
847
848 php_stream_close(stream);
849 stream = NULL;
850
851 if (location[0] != '\0') {
852
853 char new_path[HTTP_HEADER_BLOCK_SIZE];
854 char loc_path[HTTP_HEADER_BLOCK_SIZE];
855
856 *new_path='\0';
857 if (strlen(location)<8 || (strncasecmp(location, "http://", sizeof("http://")-1) &&
858 strncasecmp(location, "https://", sizeof("https://")-1) &&
859 strncasecmp(location, "ftp://", sizeof("ftp://")-1) &&
860 strncasecmp(location, "ftps://", sizeof("ftps://")-1)))
861 {
862 if (*location != '/') {
863 if (*(location+1) != '\0' && resource->path) {
864 char *s = strrchr(ZSTR_VAL(resource->path), '/');
865 if (!s) {
866 s = ZSTR_VAL(resource->path);
867 if (!ZSTR_LEN(resource->path)) {
868 zend_string_release_ex(resource->path, 0);
869 resource->path = zend_string_init("/", 1, 0);
870 s = ZSTR_VAL(resource->path);
871 } else {
872 *s = '/';
873 }
874 }
875 s[1] = '\0';
876 if (resource->path &&
877 ZSTR_VAL(resource->path)[0] == '/' &&
878 ZSTR_VAL(resource->path)[1] == '\0') {
879 snprintf(loc_path, sizeof(loc_path) - 1, "%s%s", ZSTR_VAL(resource->path), location);
880 } else {
881 snprintf(loc_path, sizeof(loc_path) - 1, "%s/%s", ZSTR_VAL(resource->path), location);
882 }
883 } else {
884 snprintf(loc_path, sizeof(loc_path) - 1, "/%s", location);
885 }
886 } else {
887 strlcpy(loc_path, location, sizeof(loc_path));
888 }
889 if ((use_ssl && resource->port != 443) || (!use_ssl && resource->port != 80)) {
890 snprintf(new_path, sizeof(new_path) - 1, "%s://%s:%d%s", ZSTR_VAL(resource->scheme), ZSTR_VAL(resource->host), resource->port, loc_path);
891 } else {
892 snprintf(new_path, sizeof(new_path) - 1, "%s://%s%s", ZSTR_VAL(resource->scheme), ZSTR_VAL(resource->host), loc_path);
893 }
894 } else {
895 strlcpy(new_path, location, sizeof(new_path));
896 }
897
898 php_url_free(resource);
899 /* check for invalid redirection URLs */
900 if ((resource = php_url_parse(new_path)) == NULL) {
901 php_stream_wrapper_log_error(wrapper, options, "Invalid redirect URL! %s", new_path);
902 goto out;
903 }
904
905 #define CHECK_FOR_CNTRL_CHARS(val) { \
906 if (val) { \
907 unsigned char *s, *e; \
908 ZSTR_LEN(val) = php_url_decode(ZSTR_VAL(val), ZSTR_LEN(val)); \
909 s = (unsigned char*)ZSTR_VAL(val); e = s + ZSTR_LEN(val); \
910 while (s < e) { \
911 if (iscntrl(*s)) { \
912 php_stream_wrapper_log_error(wrapper, options, "Invalid redirect URL! %s", new_path); \
913 goto out; \
914 } \
915 s++; \
916 } \
917 } \
918 }
919 /* check for control characters in login, password & path */
920 if (strncasecmp(new_path, "http://", sizeof("http://") - 1) || strncasecmp(new_path, "https://", sizeof("https://") - 1)) {
921 CHECK_FOR_CNTRL_CHARS(resource->user);
922 CHECK_FOR_CNTRL_CHARS(resource->pass);
923 CHECK_FOR_CNTRL_CHARS(resource->path);
924 }
925 stream = php_stream_url_wrap_http_ex(
926 wrapper, new_path, mode, options, opened_path, context,
927 --redirect_max, HTTP_WRAPPER_REDIRECTED, response_header STREAMS_CC);
928 } else {
929 php_stream_wrapper_log_error(wrapper, options, "HTTP request failed! %s", tmp_line);
930 }
931 }
932 out:
933
934 smart_str_free(&req_buf);
935
936 if (http_header_line) {
937 efree(http_header_line);
938 }
939
940 if (resource) {
941 php_url_free(resource);
942 }
943
944 if (stream) {
945 if (header_init) {
946 ZVAL_COPY(&stream->wrapperdata, response_header);
947 }
948 php_stream_notify_progress_init(context, 0, file_size);
949
950 /* Restore original chunk size now that we're done with headers */
951 if (options & STREAM_WILL_CAST)
952 php_stream_set_chunk_size(stream, (int)chunk_size);
953
954 /* restore the users auto-detect-line-endings setting */
955 stream->flags |= eol_detect;
956
957 /* as far as streams are concerned, we are now at the start of
958 * the stream */
959 stream->position = 0;
960
961 /* restore mode */
962 strlcpy(stream->mode, mode, sizeof(stream->mode));
963
964 if (transfer_encoding) {
965 php_stream_filter_append(&stream->readfilters, transfer_encoding);
966 }
967 } else {
968 if (transfer_encoding) {
969 php_stream_filter_free(transfer_encoding);
970 }
971 }
972
973 return stream;
974 }
975 /* }}} */
976
php_stream_url_wrap_http(php_stream_wrapper * wrapper,const char * path,const char * mode,int options,zend_string ** opened_path,php_stream_context * context STREAMS_DC)977 php_stream *php_stream_url_wrap_http(php_stream_wrapper *wrapper, const char *path, const char *mode, int options, zend_string **opened_path, php_stream_context *context STREAMS_DC) /* {{{ */
978 {
979 php_stream *stream;
980 zval headers;
981 ZVAL_UNDEF(&headers);
982
983 stream = php_stream_url_wrap_http_ex(
984 wrapper, path, mode, options, opened_path, context,
985 PHP_URL_REDIRECT_MAX, HTTP_WRAPPER_HEADER_INIT, &headers STREAMS_CC);
986
987 if (!Z_ISUNDEF(headers)) {
988 if (FAILURE == zend_set_local_var_str(
989 "http_response_header", sizeof("http_response_header")-1, &headers, 1)) {
990 zval_ptr_dtor(&headers);
991 }
992 }
993
994 return stream;
995 }
996 /* }}} */
997
php_stream_http_stream_stat(php_stream_wrapper * wrapper,php_stream * stream,php_stream_statbuf * ssb)998 static int php_stream_http_stream_stat(php_stream_wrapper *wrapper, php_stream *stream, php_stream_statbuf *ssb) /* {{{ */
999 {
1000 /* one day, we could fill in the details based on Date: and Content-Length:
1001 * headers. For now, we return with a failure code to prevent the underlying
1002 * file's details from being used instead. */
1003 return -1;
1004 }
1005 /* }}} */
1006
1007 static const php_stream_wrapper_ops http_stream_wops = {
1008 php_stream_url_wrap_http,
1009 NULL, /* stream_close */
1010 php_stream_http_stream_stat,
1011 NULL, /* stat_url */
1012 NULL, /* opendir */
1013 "http",
1014 NULL, /* unlink */
1015 NULL, /* rename */
1016 NULL, /* mkdir */
1017 NULL, /* rmdir */
1018 NULL
1019 };
1020
1021 PHPAPI const php_stream_wrapper php_stream_http_wrapper = {
1022 &http_stream_wops,
1023 NULL,
1024 1 /* is_url */
1025 };
1026
1027 /*
1028 * Local variables:
1029 * tab-width: 4
1030 * c-basic-offset: 4
1031 * End:
1032 * vim600: sw=4 ts=4 fdm=marker
1033 * vim<600: sw=4 ts=4
1034 */
1035