diff options
| author | Jani Taskinen <jani@php.net> | 2010-01-25 16:28:13 +0000 |
|---|---|---|
| committer | Jani Taskinen <jani@php.net> | 2010-01-25 16:28:13 +0000 |
| commit | 5952473b7a79d4b71aa8be68714ebddf6b2c83a9 (patch) | |
| tree | afa490f6137de88bb050839cbb66a3571698df8f | |
| parent | 5eb4db5e8fa197339fdd28f23f447da777623f2b (diff) | |
| download | php-git-5952473b7a79d4b71aa8be68714ebddf6b2c83a9.tar.gz | |
- Fixed bug #50832 (HTTP fopen wrapper does not support passwordless HTTP authentication)
| -rw-r--r-- | NEWS | 2 | ||||
| -rw-r--r-- | ext/standard/http_fopen_wrapper.c | 12 |
2 files changed, 10 insertions, 4 deletions
@@ -18,6 +18,8 @@ PHP NEWS - Fixed possible crash when a error/warning is raised during php startup. (Pierre) +- Fixed bug #50832 (HTTP fopen wrapper does not support passwordless HTTP + authentication). (Jani) - Fixed bug #50787 (stream_set_write_buffer() has no effect on socket streams). (vnegrier at optilian dot com, Ilia) - Fixed bug #50761 (system.multiCall crashes in xmlrpc extension). diff --git a/ext/standard/http_fopen_wrapper.c b/ext/standard/http_fopen_wrapper.c index a3dcca415f..68098451b3 100644 --- a/ext/standard/http_fopen_wrapper.c +++ b/ext/standard/http_fopen_wrapper.c @@ -416,15 +416,19 @@ php_stream *php_stream_url_wrap_http_ex(php_stream_wrapper *wrapper, char *path, } /* auth header if it was specified */ - if (((have_header & HTTP_HEADER_AUTH) == 0) && resource->user && resource->pass) { + if (((have_header & HTTP_HEADER_AUTH) == 0) && resource->user) { /* decode the strings first */ php_url_decode(resource->user, strlen(resource->user)); - php_url_decode(resource->pass, strlen(resource->pass)); /* scratch is large enough, since it was made large enough for the whole URL */ strcpy(scratch, resource->user); strcat(scratch, ":"); - strcat(scratch, resource->pass); + + /* Note: password is optional! */ + if (resource->pass) { + php_url_decode(resource->pass, strlen(resource->pass)); + strcat(scratch, resource->pass); + } tmp = (char*)php_base64_encode((unsigned char*)scratch, strlen(scratch), NULL); @@ -746,7 +750,7 @@ php_stream *php_stream_url_wrap_http_ex(php_stream_wrapper *wrapper, char *path, s++; \ } \ } \ -} \ +} /* check for control characters in login, password & path */ if (strncasecmp(new_path, "http://", sizeof("http://") - 1) || strncasecmp(new_path, "https://", sizeof("https://") - 1)) { CHECK_FOR_CNTRL_CHARS(resource->user) |