1 /*
2 +----------------------------------------------------------------------+
3 | Copyright (c) The PHP Group |
4 +----------------------------------------------------------------------+
5 | This source file is subject to version 3.01 of the PHP license, |
6 | that is bundled with this package in the file LICENSE, and is |
7 | available through the world-wide-web at the following url: |
8 | http://www.php.net/license/3_01.txt |
9 | If you did not receive a copy of the PHP license and are unable to |
10 | obtain it through the world-wide-web, please send a note to |
11 | license@php.net so we can mail you a copy immediately. |
12 +----------------------------------------------------------------------+
13 | Authors: Rasmus Lerdorf <rasmus@php.net> |
14 | Jim Winstead <jimw@php.net> |
15 | Hartmut Holzgraefe <hholzgra@php.net> |
16 | Wez Furlong <wez@thebrainroom.com> |
17 | Sara Golemon <pollita@php.net> |
18 +----------------------------------------------------------------------+
19 */
20
21 #include "php.h"
22 #include "php_globals.h"
23 #include "php_streams.h"
24 #include "php_network.h"
25 #include "php_ini.h"
26 #include "ext/standard/basic_functions.h"
27 #include "zend_smart_str.h"
28
29 #include <stdio.h>
30 #include <stdlib.h>
31 #include <errno.h>
32 #include <sys/types.h>
33 #include <sys/stat.h>
34 #include <fcntl.h>
35
36 #ifdef PHP_WIN32
37 #define O_RDONLY _O_RDONLY
38 #include "win32/param.h"
39 #else
40 #include <sys/param.h>
41 #endif
42
43 #include "php_standard.h"
44
45 #include <sys/types.h>
46 #if HAVE_SYS_SOCKET_H
47 #include <sys/socket.h>
48 #endif
49
50 #ifdef PHP_WIN32
51 #include <winsock2.h>
52 #else
53 #include <netinet/in.h>
54 #include <netdb.h>
55 #if HAVE_ARPA_INET_H
56 #include <arpa/inet.h>
57 #endif
58 #endif
59
60 #if defined(PHP_WIN32) || defined(__riscos__)
61 #undef AF_UNIX
62 #endif
63
64 #if defined(AF_UNIX)
65 #include <sys/un.h>
66 #endif
67
68 #include "php_fopen_wrappers.h"
69
70 #define HTTP_HEADER_BLOCK_SIZE 1024
71 #define PHP_URL_REDIRECT_MAX 20
72 #define HTTP_HEADER_USER_AGENT 1
73 #define HTTP_HEADER_HOST 2
74 #define HTTP_HEADER_AUTH 4
75 #define HTTP_HEADER_FROM 8
76 #define HTTP_HEADER_CONTENT_LENGTH 16
77 #define HTTP_HEADER_TYPE 32
78 #define HTTP_HEADER_CONNECTION 64
79
80 #define HTTP_WRAPPER_HEADER_INIT 1
81 #define HTTP_WRAPPER_REDIRECTED 2
82
strip_header(char * header_bag,char * lc_header_bag,const char * lc_header_name)83 static inline void strip_header(char *header_bag, char *lc_header_bag,
84 const char *lc_header_name)
85 {
86 char *lc_header_start = strstr(lc_header_bag, lc_header_name);
87 if (lc_header_start
88 && (lc_header_start == lc_header_bag || *(lc_header_start-1) == '\n')
89 ) {
90 char *header_start = header_bag + (lc_header_start - lc_header_bag);
91 char *lc_eol = strchr(lc_header_start, '\n');
92
93 if (lc_eol) {
94 char *eol = header_start + (lc_eol - lc_header_start);
95 size_t eollen = strlen(lc_eol);
96
97 memmove(lc_header_start, lc_eol+1, eollen);
98 memmove(header_start, eol+1, eollen);
99 } else {
100 *lc_header_start = '\0';
101 *header_start = '\0';
102 }
103 }
104 }
105
check_has_header(const char * headers,const char * header)106 static zend_bool check_has_header(const char *headers, const char *header) {
107 const char *s = headers;
108 while ((s = strstr(s, header))) {
109 if (s == headers || *(s-1) == '\n') {
110 return 1;
111 }
112 s++;
113 }
114 return 0;
115 }
116
php_stream_url_wrap_http_ex(php_stream_wrapper * wrapper,const char * path,const char * mode,int options,zend_string ** opened_path,php_stream_context * context,int redirect_max,int flags,zval * response_header STREAMS_DC)117 static php_stream *php_stream_url_wrap_http_ex(php_stream_wrapper *wrapper,
118 const char *path, const char *mode, int options, zend_string **opened_path,
119 php_stream_context *context, int redirect_max, int flags,
120 zval *response_header STREAMS_DC) /* {{{ */
121 {
122 php_stream *stream = NULL;
123 php_url *resource = NULL;
124 int use_ssl;
125 int use_proxy = 0;
126 zend_string *tmp = NULL;
127 char *ua_str = NULL;
128 zval *ua_zval = NULL, *tmpzval = NULL, ssl_proxy_peer_name;
129 char location[HTTP_HEADER_BLOCK_SIZE];
130 int reqok = 0;
131 char *http_header_line = NULL;
132 char tmp_line[128];
133 size_t chunk_size = 0, file_size = 0;
134 int eol_detect = 0;
135 char *transport_string;
136 zend_string *errstr = NULL;
137 size_t transport_len;
138 int have_header = 0;
139 zend_bool request_fulluri = 0, ignore_errors = 0;
140 struct timeval timeout;
141 char *user_headers = NULL;
142 int header_init = ((flags & HTTP_WRAPPER_HEADER_INIT) != 0);
143 int redirected = ((flags & HTTP_WRAPPER_REDIRECTED) != 0);
144 zend_bool follow_location = 1;
145 php_stream_filter *transfer_encoding = NULL;
146 int response_code;
147 smart_str req_buf = {0};
148 zend_bool custom_request_method;
149
150 tmp_line[0] = '\0';
151
152 if (redirect_max < 1) {
153 php_stream_wrapper_log_error(wrapper, options, "Redirection limit reached, aborting");
154 return NULL;
155 }
156
157 resource = php_url_parse(path);
158 if (resource == NULL) {
159 return NULL;
160 }
161
162 if (!zend_string_equals_literal_ci(resource->scheme, "http") &&
163 !zend_string_equals_literal_ci(resource->scheme, "https")) {
164 if (!context ||
165 (tmpzval = php_stream_context_get_option(context, wrapper->wops->label, "proxy")) == NULL ||
166 Z_TYPE_P(tmpzval) != IS_STRING ||
167 Z_STRLEN_P(tmpzval) == 0) {
168 php_url_free(resource);
169 return php_stream_open_wrapper_ex(path, mode, REPORT_ERRORS, NULL, context);
170 }
171 /* Called from a non-http wrapper with http proxying requested (i.e. ftp) */
172 request_fulluri = 1;
173 use_ssl = 0;
174 use_proxy = 1;
175
176 transport_len = Z_STRLEN_P(tmpzval);
177 transport_string = estrndup(Z_STRVAL_P(tmpzval), Z_STRLEN_P(tmpzval));
178 } else {
179 /* Normal http request (possibly with proxy) */
180
181 if (strpbrk(mode, "awx+")) {
182 php_stream_wrapper_log_error(wrapper, options, "HTTP wrapper does not support writeable connections");
183 php_url_free(resource);
184 return NULL;
185 }
186
187 use_ssl = resource->scheme && (ZSTR_LEN(resource->scheme) > 4) && ZSTR_VAL(resource->scheme)[4] == 's';
188 /* choose default ports */
189 if (use_ssl && resource->port == 0)
190 resource->port = 443;
191 else if (resource->port == 0)
192 resource->port = 80;
193
194 if (context &&
195 (tmpzval = php_stream_context_get_option(context, wrapper->wops->label, "proxy")) != NULL &&
196 Z_TYPE_P(tmpzval) == IS_STRING &&
197 Z_STRLEN_P(tmpzval) > 0) {
198 use_proxy = 1;
199 transport_len = Z_STRLEN_P(tmpzval);
200 transport_string = estrndup(Z_STRVAL_P(tmpzval), Z_STRLEN_P(tmpzval));
201 } else {
202 transport_len = spprintf(&transport_string, 0, "%s://%s:%d", use_ssl ? "ssl" : "tcp", ZSTR_VAL(resource->host), resource->port);
203 }
204 }
205
206 if (context && (tmpzval = php_stream_context_get_option(context, wrapper->wops->label, "timeout")) != NULL) {
207 double d = zval_get_double(tmpzval);
208 #ifndef PHP_WIN32
209 timeout.tv_sec = (time_t) d;
210 timeout.tv_usec = (size_t) ((d - timeout.tv_sec) * 1000000);
211 #else
212 timeout.tv_sec = (long) d;
213 timeout.tv_usec = (long) ((d - timeout.tv_sec) * 1000000);
214 #endif
215 } else {
216 #ifndef PHP_WIN32
217 timeout.tv_sec = FG(default_socket_timeout);
218 #else
219 timeout.tv_sec = (long)FG(default_socket_timeout);
220 #endif
221 timeout.tv_usec = 0;
222 }
223
224 stream = php_stream_xport_create(transport_string, transport_len, options,
225 STREAM_XPORT_CLIENT | STREAM_XPORT_CONNECT,
226 NULL, &timeout, context, &errstr, NULL);
227
228 if (stream) {
229 php_stream_set_option(stream, PHP_STREAM_OPTION_READ_TIMEOUT, 0, &timeout);
230 }
231
232 if (errstr) {
233 php_stream_wrapper_log_error(wrapper, options, "%s", ZSTR_VAL(errstr));
234 zend_string_release_ex(errstr, 0);
235 errstr = NULL;
236 }
237
238 efree(transport_string);
239
240 if (stream && use_proxy && use_ssl) {
241 smart_str header = {0};
242
243 /* Set peer_name or name verification will try to use the proxy server name */
244 if (!context || (tmpzval = php_stream_context_get_option(context, "ssl", "peer_name")) == NULL) {
245 ZVAL_STR_COPY(&ssl_proxy_peer_name, resource->host);
246 php_stream_context_set_option(PHP_STREAM_CONTEXT(stream), "ssl", "peer_name", &ssl_proxy_peer_name);
247 zval_ptr_dtor(&ssl_proxy_peer_name);
248 }
249
250 smart_str_appendl(&header, "CONNECT ", sizeof("CONNECT ")-1);
251 smart_str_appends(&header, ZSTR_VAL(resource->host));
252 smart_str_appendc(&header, ':');
253 smart_str_append_unsigned(&header, resource->port);
254 smart_str_appendl(&header, " HTTP/1.0\r\n", sizeof(" HTTP/1.0\r\n")-1);
255
256 /* check if we have Proxy-Authorization header */
257 if (context && (tmpzval = php_stream_context_get_option(context, "http", "header")) != NULL) {
258 char *s, *p;
259
260 if (Z_TYPE_P(tmpzval) == IS_ARRAY) {
261 zval *tmpheader = NULL;
262
263 ZEND_HASH_FOREACH_VAL(Z_ARRVAL_P(tmpzval), tmpheader) {
264 if (Z_TYPE_P(tmpheader) == IS_STRING) {
265 s = Z_STRVAL_P(tmpheader);
266 do {
267 while (*s == ' ' || *s == '\t') s++;
268 p = s;
269 while (*p != 0 && *p != ':' && *p != '\r' && *p !='\n') p++;
270 if (*p == ':') {
271 p++;
272 if (p - s == sizeof("Proxy-Authorization:") - 1 &&
273 zend_binary_strcasecmp(s, sizeof("Proxy-Authorization:") - 1,
274 "Proxy-Authorization:", sizeof("Proxy-Authorization:") - 1) == 0) {
275 while (*p != 0 && *p != '\r' && *p !='\n') p++;
276 smart_str_appendl(&header, s, p - s);
277 smart_str_appendl(&header, "\r\n", sizeof("\r\n")-1);
278 goto finish;
279 } else {
280 while (*p != 0 && *p != '\r' && *p !='\n') p++;
281 }
282 }
283 s = p;
284 while (*s == '\r' || *s == '\n') s++;
285 } while (*s != 0);
286 }
287 } ZEND_HASH_FOREACH_END();
288 } else if (Z_TYPE_P(tmpzval) == IS_STRING && Z_STRLEN_P(tmpzval)) {
289 s = Z_STRVAL_P(tmpzval);
290 do {
291 while (*s == ' ' || *s == '\t') s++;
292 p = s;
293 while (*p != 0 && *p != ':' && *p != '\r' && *p !='\n') p++;
294 if (*p == ':') {
295 p++;
296 if (p - s == sizeof("Proxy-Authorization:") - 1 &&
297 zend_binary_strcasecmp(s, sizeof("Proxy-Authorization:") - 1,
298 "Proxy-Authorization:", sizeof("Proxy-Authorization:") - 1) == 0) {
299 while (*p != 0 && *p != '\r' && *p !='\n') p++;
300 smart_str_appendl(&header, s, p - s);
301 smart_str_appendl(&header, "\r\n", sizeof("\r\n")-1);
302 goto finish;
303 } else {
304 while (*p != 0 && *p != '\r' && *p !='\n') p++;
305 }
306 }
307 s = p;
308 while (*s == '\r' || *s == '\n') s++;
309 } while (*s != 0);
310 }
311 }
312 finish:
313 smart_str_appendl(&header, "\r\n", sizeof("\r\n")-1);
314
315 if (php_stream_write(stream, ZSTR_VAL(header.s), ZSTR_LEN(header.s)) != ZSTR_LEN(header.s)) {
316 php_stream_wrapper_log_error(wrapper, options, "Cannot connect to HTTPS server through proxy");
317 php_stream_close(stream);
318 stream = NULL;
319 }
320 smart_str_free(&header);
321
322 if (stream) {
323 char header_line[HTTP_HEADER_BLOCK_SIZE];
324
325 /* get response header */
326 while (php_stream_gets(stream, header_line, HTTP_HEADER_BLOCK_SIZE-1) != NULL) {
327 if (header_line[0] == '\n' ||
328 header_line[0] == '\r' ||
329 header_line[0] == '\0') {
330 break;
331 }
332 }
333 }
334
335 /* enable SSL transport layer */
336 if (stream) {
337 if (php_stream_xport_crypto_setup(stream, STREAM_CRYPTO_METHOD_SSLv23_CLIENT, NULL) < 0 ||
338 php_stream_xport_crypto_enable(stream, 1) < 0) {
339 php_stream_wrapper_log_error(wrapper, options, "Cannot connect to HTTPS server through proxy");
340 php_stream_close(stream);
341 stream = NULL;
342 }
343 }
344 }
345
346 if (stream == NULL)
347 goto out;
348
349 /* avoid buffering issues while reading header */
350 if (options & STREAM_WILL_CAST)
351 chunk_size = php_stream_set_chunk_size(stream, 1);
352
353 /* avoid problems with auto-detecting when reading the headers -> the headers
354 * are always in canonical \r\n format */
355 eol_detect = stream->flags & (PHP_STREAM_FLAG_DETECT_EOL | PHP_STREAM_FLAG_EOL_MAC);
356 stream->flags &= ~(PHP_STREAM_FLAG_DETECT_EOL | PHP_STREAM_FLAG_EOL_MAC);
357
358 php_stream_context_set(stream, context);
359
360 php_stream_notify_info(context, PHP_STREAM_NOTIFY_CONNECT, NULL, 0);
361
362 if (header_init && context && (tmpzval = php_stream_context_get_option(context, "http", "max_redirects")) != NULL) {
363 redirect_max = (int)zval_get_long(tmpzval);
364 }
365
366 custom_request_method = 0;
367 if (context && (tmpzval = php_stream_context_get_option(context, "http", "method")) != NULL) {
368 if (Z_TYPE_P(tmpzval) == IS_STRING && Z_STRLEN_P(tmpzval) > 0) {
369 /* As per the RFC, automatically redirected requests MUST NOT use other methods than
370 * GET and HEAD unless it can be confirmed by the user */
371 if (!redirected
372 || (Z_STRLEN_P(tmpzval) == 3 && memcmp("GET", Z_STRVAL_P(tmpzval), 3) == 0)
373 || (Z_STRLEN_P(tmpzval) == 4 && memcmp("HEAD",Z_STRVAL_P(tmpzval), 4) == 0)
374 ) {
375 custom_request_method = 1;
376 smart_str_append(&req_buf, Z_STR_P(tmpzval));
377 smart_str_appendc(&req_buf, ' ');
378 }
379 }
380 }
381
382 if (!custom_request_method) {
383 smart_str_appends(&req_buf, "GET ");
384 }
385
386 /* Should we send the entire path in the request line, default to no. */
387 if (!request_fulluri && context &&
388 (tmpzval = php_stream_context_get_option(context, "http", "request_fulluri")) != NULL) {
389 request_fulluri = zend_is_true(tmpzval);
390 }
391
392 if (request_fulluri) {
393 /* Ask for everything */
394 smart_str_appends(&req_buf, path);
395 } else {
396 /* Send the traditional /path/to/file?query_string */
397
398 /* file */
399 if (resource->path && ZSTR_LEN(resource->path)) {
400 smart_str_appends(&req_buf, ZSTR_VAL(resource->path));
401 } else {
402 smart_str_appendc(&req_buf, '/');
403 }
404
405 /* query string */
406 if (resource->query) {
407 smart_str_appendc(&req_buf, '?');
408 smart_str_appends(&req_buf, ZSTR_VAL(resource->query));
409 }
410 }
411
412 /* protocol version we are speaking */
413 if (context && (tmpzval = php_stream_context_get_option(context, "http", "protocol_version")) != NULL) {
414 char *protocol_version;
415 spprintf(&protocol_version, 0, "%.1F", zval_get_double(tmpzval));
416
417 smart_str_appends(&req_buf, " HTTP/");
418 smart_str_appends(&req_buf, protocol_version);
419 smart_str_appends(&req_buf, "\r\n");
420 efree(protocol_version);
421 } else {
422 smart_str_appends(&req_buf, " HTTP/1.1\r\n");
423 }
424
425 if (context && (tmpzval = php_stream_context_get_option(context, "http", "header")) != NULL) {
426 tmp = NULL;
427
428 if (Z_TYPE_P(tmpzval) == IS_ARRAY) {
429 zval *tmpheader = NULL;
430 smart_str tmpstr = {0};
431
432 ZEND_HASH_FOREACH_VAL(Z_ARRVAL_P(tmpzval), tmpheader) {
433 if (Z_TYPE_P(tmpheader) == IS_STRING) {
434 smart_str_append(&tmpstr, Z_STR_P(tmpheader));
435 smart_str_appendl(&tmpstr, "\r\n", sizeof("\r\n") - 1);
436 }
437 } ZEND_HASH_FOREACH_END();
438 smart_str_0(&tmpstr);
439 /* Remove newlines and spaces from start and end. there's at least one extra \r\n at the end that needs to go. */
440 if (tmpstr.s) {
441 tmp = php_trim(tmpstr.s, NULL, 0, 3);
442 smart_str_free(&tmpstr);
443 }
444 } else if (Z_TYPE_P(tmpzval) == IS_STRING && Z_STRLEN_P(tmpzval)) {
445 /* Remove newlines and spaces from start and end php_trim will estrndup() */
446 tmp = php_trim(Z_STR_P(tmpzval), NULL, 0, 3);
447 }
448 if (tmp && ZSTR_LEN(tmp)) {
449 char *s;
450 char *t;
451
452 user_headers = estrndup(ZSTR_VAL(tmp), ZSTR_LEN(tmp));
453
454 if (ZSTR_IS_INTERNED(tmp)) {
455 tmp = zend_string_init(ZSTR_VAL(tmp), ZSTR_LEN(tmp), 0);
456 } else if (GC_REFCOUNT(tmp) > 1) {
457 GC_DELREF(tmp);
458 tmp = zend_string_init(ZSTR_VAL(tmp), ZSTR_LEN(tmp), 0);
459 }
460
461 /* Make lowercase for easy comparison against 'standard' headers */
462 php_strtolower(ZSTR_VAL(tmp), ZSTR_LEN(tmp));
463 t = ZSTR_VAL(tmp);
464
465 if (!header_init) {
466 /* strip POST headers on redirect */
467 strip_header(user_headers, t, "content-length:");
468 strip_header(user_headers, t, "content-type:");
469 }
470
471 if (check_has_header(t, "user-agent:")) {
472 have_header |= HTTP_HEADER_USER_AGENT;
473 }
474 if (check_has_header(t, "host:")) {
475 have_header |= HTTP_HEADER_HOST;
476 }
477 if (check_has_header(t, "from:")) {
478 have_header |= HTTP_HEADER_FROM;
479 }
480 if (check_has_header(t, "authorization:")) {
481 have_header |= HTTP_HEADER_AUTH;
482 }
483 if (check_has_header(t, "content-length:")) {
484 have_header |= HTTP_HEADER_CONTENT_LENGTH;
485 }
486 if (check_has_header(t, "content-type:")) {
487 have_header |= HTTP_HEADER_TYPE;
488 }
489 if (check_has_header(t, "connection:")) {
490 have_header |= HTTP_HEADER_CONNECTION;
491 }
492
493 /* remove Proxy-Authorization header */
494 if (use_proxy && use_ssl && (s = strstr(t, "proxy-authorization:")) &&
495 (s == t || *(s-1) == '\n')) {
496 char *p = s + sizeof("proxy-authorization:") - 1;
497
498 while (s > t && (*(s-1) == ' ' || *(s-1) == '\t')) s--;
499 while (*p != 0 && *p != '\r' && *p != '\n') p++;
500 while (*p == '\r' || *p == '\n') p++;
501 if (*p == 0) {
502 if (s == t) {
503 efree(user_headers);
504 user_headers = NULL;
505 } else {
506 while (s > t && (*(s-1) == '\r' || *(s-1) == '\n')) s--;
507 user_headers[s - t] = 0;
508 }
509 } else {
510 memmove(user_headers + (s - t), user_headers + (p - t), strlen(p) + 1);
511 }
512 }
513
514 }
515 if (tmp) {
516 zend_string_release_ex(tmp, 0);
517 }
518 }
519
520 /* auth header if it was specified */
521 if (((have_header & HTTP_HEADER_AUTH) == 0) && resource->user) {
522 /* make scratch large enough to hold the whole URL (over-estimate) */
523 size_t scratch_len = strlen(path) + 1;
524 char *scratch = emalloc(scratch_len);
525 zend_string *stmp;
526
527 /* decode the strings first */
528 php_url_decode(ZSTR_VAL(resource->user), ZSTR_LEN(resource->user));
529
530 strcpy(scratch, ZSTR_VAL(resource->user));
531 strcat(scratch, ":");
532
533 /* Note: password is optional! */
534 if (resource->pass) {
535 php_url_decode(ZSTR_VAL(resource->pass), ZSTR_LEN(resource->pass));
536 strcat(scratch, ZSTR_VAL(resource->pass));
537 }
538
539 stmp = php_base64_encode((unsigned char*)scratch, strlen(scratch));
540
541 smart_str_appends(&req_buf, "Authorization: Basic ");
542 smart_str_appends(&req_buf, ZSTR_VAL(stmp));
543 smart_str_appends(&req_buf, "\r\n");
544
545 php_stream_notify_info(context, PHP_STREAM_NOTIFY_AUTH_REQUIRED, NULL, 0);
546
547 zend_string_free(stmp);
548 efree(scratch);
549 }
550
551 /* if the user has configured who they are, send a From: line */
552 if (!(have_header & HTTP_HEADER_FROM) && FG(from_address)) {
553 smart_str_appends(&req_buf, "From: ");
554 smart_str_appends(&req_buf, FG(from_address));
555 smart_str_appends(&req_buf, "\r\n");
556 }
557
558 /* Send Host: header so name-based virtual hosts work */
559 if ((have_header & HTTP_HEADER_HOST) == 0) {
560 smart_str_appends(&req_buf, "Host: ");
561 smart_str_appends(&req_buf, ZSTR_VAL(resource->host));
562 if ((use_ssl && resource->port != 443 && resource->port != 0) ||
563 (!use_ssl && resource->port != 80 && resource->port != 0)) {
564 smart_str_appendc(&req_buf, ':');
565 smart_str_append_unsigned(&req_buf, resource->port);
566 }
567 smart_str_appends(&req_buf, "\r\n");
568 }
569
570 /* Send a Connection: close header to avoid hanging when the server
571 * interprets the RFC literally and establishes a keep-alive connection,
572 * unless the user specifically requests something else by specifying a
573 * Connection header in the context options. Send that header even for
574 * HTTP/1.0 to avoid issues when the server respond with a HTTP/1.1
575 * keep-alive response, which is the preferred response type. */
576 if ((have_header & HTTP_HEADER_CONNECTION) == 0) {
577 smart_str_appends(&req_buf, "Connection: close\r\n");
578 }
579
580 if (context &&
581 (ua_zval = php_stream_context_get_option(context, "http", "user_agent")) != NULL &&
582 Z_TYPE_P(ua_zval) == IS_STRING) {
583 ua_str = Z_STRVAL_P(ua_zval);
584 } else if (FG(user_agent)) {
585 ua_str = FG(user_agent);
586 }
587
588 if (((have_header & HTTP_HEADER_USER_AGENT) == 0) && ua_str) {
589 #define _UA_HEADER "User-Agent: %s\r\n"
590 char *ua;
591 size_t ua_len;
592
593 ua_len = sizeof(_UA_HEADER) + strlen(ua_str);
594
595 /* ensure the header is only sent if user_agent is not blank */
596 if (ua_len > sizeof(_UA_HEADER)) {
597 ua = emalloc(ua_len + 1);
598 if ((ua_len = slprintf(ua, ua_len, _UA_HEADER, ua_str)) > 0) {
599 ua[ua_len] = 0;
600 smart_str_appendl(&req_buf, ua, ua_len);
601 } else {
602 php_error_docref(NULL, E_WARNING, "Cannot construct User-agent header");
603 }
604 efree(ua);
605 }
606 }
607
608 if (user_headers) {
609 /* A bit weird, but some servers require that Content-Length be sent prior to Content-Type for POST
610 * see bug #44603 for details. Since Content-Type maybe part of user's headers we need to do this check first.
611 */
612 if (
613 header_init &&
614 context &&
615 !(have_header & HTTP_HEADER_CONTENT_LENGTH) &&
616 (tmpzval = php_stream_context_get_option(context, "http", "content")) != NULL &&
617 Z_TYPE_P(tmpzval) == IS_STRING && Z_STRLEN_P(tmpzval) > 0
618 ) {
619 smart_str_appends(&req_buf, "Content-Length: ");
620 smart_str_append_unsigned(&req_buf, Z_STRLEN_P(tmpzval));
621 smart_str_appends(&req_buf, "\r\n");
622 have_header |= HTTP_HEADER_CONTENT_LENGTH;
623 }
624
625 smart_str_appends(&req_buf, user_headers);
626 smart_str_appends(&req_buf, "\r\n");
627 efree(user_headers);
628 }
629
630 /* Request content, such as for POST requests */
631 if (header_init && context &&
632 (tmpzval = php_stream_context_get_option(context, "http", "content")) != NULL &&
633 Z_TYPE_P(tmpzval) == IS_STRING && Z_STRLEN_P(tmpzval) > 0) {
634 if (!(have_header & HTTP_HEADER_CONTENT_LENGTH)) {
635 smart_str_appends(&req_buf, "Content-Length: ");
636 smart_str_append_unsigned(&req_buf, Z_STRLEN_P(tmpzval));
637 smart_str_appends(&req_buf, "\r\n");
638 }
639 if (!(have_header & HTTP_HEADER_TYPE)) {
640 smart_str_appends(&req_buf, "Content-Type: application/x-www-form-urlencoded\r\n");
641 php_error_docref(NULL, E_NOTICE, "Content-type not specified assuming application/x-www-form-urlencoded");
642 }
643 smart_str_appends(&req_buf, "\r\n");
644 smart_str_appendl(&req_buf, Z_STRVAL_P(tmpzval), Z_STRLEN_P(tmpzval));
645 } else {
646 smart_str_appends(&req_buf, "\r\n");
647 }
648
649 /* send it */
650 php_stream_write(stream, ZSTR_VAL(req_buf.s), ZSTR_LEN(req_buf.s));
651
652 location[0] = '\0';
653
654 if (Z_ISUNDEF_P(response_header)) {
655 array_init(response_header);
656 }
657
658 {
659 /* get response header */
660 size_t tmp_line_len;
661 if (!php_stream_eof(stream) &&
662 php_stream_get_line(stream, tmp_line, sizeof(tmp_line) - 1, &tmp_line_len) != NULL) {
663 zval http_response;
664
665 if (tmp_line_len > 9) {
666 response_code = atoi(tmp_line + 9);
667 } else {
668 response_code = 0;
669 }
670 if (context && NULL != (tmpzval = php_stream_context_get_option(context, "http", "ignore_errors"))) {
671 ignore_errors = zend_is_true(tmpzval);
672 }
673 /* when we request only the header, don't fail even on error codes */
674 if ((options & STREAM_ONLY_GET_HEADERS) || ignore_errors) {
675 reqok = 1;
676 }
677
678 /* status codes of 1xx are "informational", and will be followed by a real response
679 * e.g "100 Continue". RFC 7231 states that unexpected 1xx status MUST be parsed,
680 * and MAY be ignored. As such, we need to skip ahead to the "real" status*/
681 if (response_code >= 100 && response_code < 200 && response_code != 101) {
682 /* consume lines until we find a line starting 'HTTP/1' */
683 while (
684 !php_stream_eof(stream)
685 && php_stream_get_line(stream, tmp_line, sizeof(tmp_line) - 1, &tmp_line_len) != NULL
686 && ( tmp_line_len < sizeof("HTTP/1") - 1 || strncasecmp(tmp_line, "HTTP/1", sizeof("HTTP/1") - 1) )
687 );
688
689 if (tmp_line_len > 9) {
690 response_code = atoi(tmp_line + 9);
691 } else {
692 response_code = 0;
693 }
694 }
695 /* all status codes in the 2xx range are defined by the specification as successful;
696 * all status codes in the 3xx range are for redirection, and so also should never
697 * fail */
698 if (response_code >= 200 && response_code < 400) {
699 reqok = 1;
700 } else {
701 switch(response_code) {
702 case 403:
703 php_stream_notify_error(context, PHP_STREAM_NOTIFY_AUTH_RESULT,
704 tmp_line, response_code);
705 break;
706 default:
707 /* safety net in the event tmp_line == NULL */
708 if (!tmp_line_len) {
709 tmp_line[0] = '\0';
710 }
711 php_stream_notify_error(context, PHP_STREAM_NOTIFY_FAILURE,
712 tmp_line, response_code);
713 }
714 }
715 if (tmp_line_len >= 1 && tmp_line[tmp_line_len - 1] == '\n') {
716 --tmp_line_len;
717 if (tmp_line_len >= 1 &&tmp_line[tmp_line_len - 1] == '\r') {
718 --tmp_line_len;
719 }
720 } else {
721 // read and discard rest of status line
722 char *line = php_stream_get_line(stream, NULL, 0, NULL);
723 efree(line);
724 }
725 ZVAL_STRINGL(&http_response, tmp_line, tmp_line_len);
726 zend_hash_next_index_insert(Z_ARRVAL_P(response_header), &http_response);
727 } else {
728 php_stream_close(stream);
729 stream = NULL;
730 php_stream_wrapper_log_error(wrapper, options, "HTTP request failed!");
731 goto out;
732 }
733 }
734
735 /* read past HTTP headers */
736
737 while (!php_stream_eof(stream)) {
738 size_t http_header_line_length;
739
740 if (http_header_line != NULL) {
741 efree(http_header_line);
742 }
743 if ((http_header_line = php_stream_get_line(stream, NULL, 0, &http_header_line_length)) && *http_header_line != '\n' && *http_header_line != '\r') {
744 char *e = http_header_line + http_header_line_length - 1;
745 char *http_header_value;
746
747 while (e >= http_header_line && (*e == '\n' || *e == '\r')) {
748 e--;
749 }
750
751 /* The primary definition of an HTTP header in RFC 7230 states:
752 * > Each header field consists of a case-insensitive field name followed
753 * > by a colon (":"), optional leading whitespace, the field value, and
754 * > optional trailing whitespace. */
755
756 /* Strip trailing whitespace */
757 while (e >= http_header_line && (*e == ' ' || *e == '\t')) {
758 e--;
759 }
760
761 /* Terminate header line */
762 e++;
763 *e = '\0';
764 http_header_line_length = e - http_header_line;
765
766 http_header_value = memchr(http_header_line, ':', http_header_line_length);
767 if (http_header_value) {
768 http_header_value++; /* Skip ':' */
769
770 /* Strip leading whitespace */
771 while (http_header_value < e
772 && (*http_header_value == ' ' || *http_header_value == '\t')) {
773 http_header_value++;
774 }
775 } else {
776 /* There is no colon. Set the value to the end of the header line, which is
777 * effectively an empty string. */
778 http_header_value = e;
779 }
780
781 if (!strncasecmp(http_header_line, "Location:", sizeof("Location:")-1)) {
782 if (context && (tmpzval = php_stream_context_get_option(context, "http", "follow_location")) != NULL) {
783 follow_location = zval_is_true(tmpzval);
784 } else if (!((response_code >= 300 && response_code < 304)
785 || 307 == response_code || 308 == response_code)) {
786 /* we shouldn't redirect automatically
787 if follow_location isn't set and response_code not in (300, 301, 302, 303 and 307)
788 see http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.3.1
789 RFC 7238 defines 308: http://tools.ietf.org/html/rfc7238 */
790 follow_location = 0;
791 }
792 strlcpy(location, http_header_value, sizeof(location));
793 } else if (!strncasecmp(http_header_line, "Content-Type:", sizeof("Content-Type:")-1)) {
794 php_stream_notify_info(context, PHP_STREAM_NOTIFY_MIME_TYPE_IS, http_header_value, 0);
795 } else if (!strncasecmp(http_header_line, "Content-Length:", sizeof("Content-Length:")-1)) {
796 file_size = atoi(http_header_value);
797 php_stream_notify_file_size(context, file_size, http_header_line, 0);
798 } else if (
799 !strncasecmp(http_header_line, "Transfer-Encoding:", sizeof("Transfer-Encoding:")-1)
800 && !strncasecmp(http_header_value, "Chunked", sizeof("Chunked")-1)
801 ) {
802
803 /* create filter to decode response body */
804 if (!(options & STREAM_ONLY_GET_HEADERS)) {
805 zend_long decode = 1;
806
807 if (context && (tmpzval = php_stream_context_get_option(context, "http", "auto_decode")) != NULL) {
808 decode = zend_is_true(tmpzval);
809 }
810 if (decode) {
811 transfer_encoding = php_stream_filter_create("dechunk", NULL, php_stream_is_persistent(stream));
812 if (transfer_encoding) {
813 /* don't store transfer-encodeing header */
814 continue;
815 }
816 }
817 }
818 }
819
820 {
821 zval http_header;
822 ZVAL_STRINGL(&http_header, http_header_line, http_header_line_length);
823 zend_hash_next_index_insert(Z_ARRVAL_P(response_header), &http_header);
824 }
825 } else {
826 break;
827 }
828 }
829
830 if (!reqok || (location[0] != '\0' && follow_location)) {
831 if (!follow_location || (((options & STREAM_ONLY_GET_HEADERS) || ignore_errors) && redirect_max <= 1)) {
832 goto out;
833 }
834
835 if (location[0] != '\0')
836 php_stream_notify_info(context, PHP_STREAM_NOTIFY_REDIRECTED, location, 0);
837
838 php_stream_close(stream);
839 stream = NULL;
840
841 if (transfer_encoding) {
842 php_stream_filter_free(transfer_encoding);
843 transfer_encoding = NULL;
844 }
845
846 if (location[0] != '\0') {
847
848 char new_path[HTTP_HEADER_BLOCK_SIZE];
849 char loc_path[HTTP_HEADER_BLOCK_SIZE];
850
851 *new_path='\0';
852 if (strlen(location)<8 || (strncasecmp(location, "http://", sizeof("http://")-1) &&
853 strncasecmp(location, "https://", sizeof("https://")-1) &&
854 strncasecmp(location, "ftp://", sizeof("ftp://")-1) &&
855 strncasecmp(location, "ftps://", sizeof("ftps://")-1)))
856 {
857 if (*location != '/') {
858 if (*(location+1) != '\0' && resource->path) {
859 char *s = strrchr(ZSTR_VAL(resource->path), '/');
860 if (!s) {
861 s = ZSTR_VAL(resource->path);
862 if (!ZSTR_LEN(resource->path)) {
863 zend_string_release_ex(resource->path, 0);
864 resource->path = zend_string_init("/", 1, 0);
865 s = ZSTR_VAL(resource->path);
866 } else {
867 *s = '/';
868 }
869 }
870 s[1] = '\0';
871 if (resource->path &&
872 ZSTR_VAL(resource->path)[0] == '/' &&
873 ZSTR_VAL(resource->path)[1] == '\0') {
874 snprintf(loc_path, sizeof(loc_path) - 1, "%s%s", ZSTR_VAL(resource->path), location);
875 } else {
876 snprintf(loc_path, sizeof(loc_path) - 1, "%s/%s", ZSTR_VAL(resource->path), location);
877 }
878 } else {
879 snprintf(loc_path, sizeof(loc_path) - 1, "/%s", location);
880 }
881 } else {
882 strlcpy(loc_path, location, sizeof(loc_path));
883 }
884 if ((use_ssl && resource->port != 443) || (!use_ssl && resource->port != 80)) {
885 snprintf(new_path, sizeof(new_path) - 1, "%s://%s:%d%s", ZSTR_VAL(resource->scheme), ZSTR_VAL(resource->host), resource->port, loc_path);
886 } else {
887 snprintf(new_path, sizeof(new_path) - 1, "%s://%s%s", ZSTR_VAL(resource->scheme), ZSTR_VAL(resource->host), loc_path);
888 }
889 } else {
890 strlcpy(new_path, location, sizeof(new_path));
891 }
892
893 php_url_free(resource);
894 /* check for invalid redirection URLs */
895 if ((resource = php_url_parse(new_path)) == NULL) {
896 php_stream_wrapper_log_error(wrapper, options, "Invalid redirect URL! %s", new_path);
897 goto out;
898 }
899
900 #define CHECK_FOR_CNTRL_CHARS(val) { \
901 if (val) { \
902 unsigned char *s, *e; \
903 ZSTR_LEN(val) = php_url_decode(ZSTR_VAL(val), ZSTR_LEN(val)); \
904 s = (unsigned char*)ZSTR_VAL(val); e = s + ZSTR_LEN(val); \
905 while (s < e) { \
906 if (iscntrl(*s)) { \
907 php_stream_wrapper_log_error(wrapper, options, "Invalid redirect URL! %s", new_path); \
908 goto out; \
909 } \
910 s++; \
911 } \
912 } \
913 }
914 /* check for control characters in login, password & path */
915 if (strncasecmp(new_path, "http://", sizeof("http://") - 1) || strncasecmp(new_path, "https://", sizeof("https://") - 1)) {
916 CHECK_FOR_CNTRL_CHARS(resource->user);
917 CHECK_FOR_CNTRL_CHARS(resource->pass);
918 CHECK_FOR_CNTRL_CHARS(resource->path);
919 }
920 stream = php_stream_url_wrap_http_ex(
921 wrapper, new_path, mode, options, opened_path, context,
922 --redirect_max, HTTP_WRAPPER_REDIRECTED, response_header STREAMS_CC);
923 } else {
924 php_stream_wrapper_log_error(wrapper, options, "HTTP request failed! %s", tmp_line);
925 }
926 }
927 out:
928
929 smart_str_free(&req_buf);
930
931 if (http_header_line) {
932 efree(http_header_line);
933 }
934
935 if (resource) {
936 php_url_free(resource);
937 }
938
939 if (stream) {
940 if (header_init) {
941 ZVAL_COPY(&stream->wrapperdata, response_header);
942 }
943 php_stream_notify_progress_init(context, 0, file_size);
944
945 /* Restore original chunk size now that we're done with headers */
946 if (options & STREAM_WILL_CAST)
947 php_stream_set_chunk_size(stream, (int)chunk_size);
948
949 /* restore the users auto-detect-line-endings setting */
950 stream->flags |= eol_detect;
951
952 /* as far as streams are concerned, we are now at the start of
953 * the stream */
954 stream->position = 0;
955
956 /* restore mode */
957 strlcpy(stream->mode, mode, sizeof(stream->mode));
958
959 if (transfer_encoding) {
960 php_stream_filter_append(&stream->readfilters, transfer_encoding);
961 }
962 }
963
964 return stream;
965 }
966 /* }}} */
967
php_stream_url_wrap_http(php_stream_wrapper * wrapper,const char * path,const char * mode,int options,zend_string ** opened_path,php_stream_context * context STREAMS_DC)968 php_stream *php_stream_url_wrap_http(php_stream_wrapper *wrapper, const char *path, const char *mode, int options, zend_string **opened_path, php_stream_context *context STREAMS_DC) /* {{{ */
969 {
970 php_stream *stream;
971 zval headers;
972 ZVAL_UNDEF(&headers);
973
974 stream = php_stream_url_wrap_http_ex(
975 wrapper, path, mode, options, opened_path, context,
976 PHP_URL_REDIRECT_MAX, HTTP_WRAPPER_HEADER_INIT, &headers STREAMS_CC);
977
978 if (!Z_ISUNDEF(headers)) {
979 if (FAILURE == zend_set_local_var_str(
980 "http_response_header", sizeof("http_response_header")-1, &headers, 0)) {
981 zval_ptr_dtor(&headers);
982 }
983 }
984
985 return stream;
986 }
987 /* }}} */
988
php_stream_http_stream_stat(php_stream_wrapper * wrapper,php_stream * stream,php_stream_statbuf * ssb)989 static int php_stream_http_stream_stat(php_stream_wrapper *wrapper, php_stream *stream, php_stream_statbuf *ssb) /* {{{ */
990 {
991 /* one day, we could fill in the details based on Date: and Content-Length:
992 * headers. For now, we return with a failure code to prevent the underlying
993 * file's details from being used instead. */
994 return -1;
995 }
996 /* }}} */
997
998 static const php_stream_wrapper_ops http_stream_wops = {
999 php_stream_url_wrap_http,
1000 NULL, /* stream_close */
1001 php_stream_http_stream_stat,
1002 NULL, /* stat_url */
1003 NULL, /* opendir */
1004 "http",
1005 NULL, /* unlink */
1006 NULL, /* rename */
1007 NULL, /* mkdir */
1008 NULL, /* rmdir */
1009 NULL
1010 };
1011
1012 PHPAPI const php_stream_wrapper php_stream_http_wrapper = {
1013 &http_stream_wops,
1014 NULL,
1015 1 /* is_url */
1016 };
1017
