From f2b22b7e7ff26842faec48039917a3d4c6a5f065 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Arkadiusz=20Mi=C5=9Bkiewicz?= Date: Fri, 10 Mar 2017 10:25:28 +0100 Subject: [PATCH] - rel 2; Add PDO::MYSQL_ATTR_SSL_VERIFY_SERVER_CERT (backport) --- php-pdo-ssl.patch | 69 +++++++++++++++++++++++++++++++++++++++++++++++ php.spec | 4 ++- 2 files changed, 72 insertions(+), 1 deletion(-) create mode 100644 php-pdo-ssl.patch diff --git a/php-pdo-ssl.patch b/php-pdo-ssl.patch new file mode 100644 index 0000000..803205f --- /dev/null +++ b/php-pdo-ssl.patch @@ -0,0 +1,69 @@ +commit 247ce052cd0fc7d0d8ea1a0e7ea2075e9601766a +Author: Thomas Orozco +Date: Thu Jun 9 10:45:40 2016 +0200 + + Fixed bug #71003: Add PDO::MYSQL_ATTR_SSL_VERIFY_SERVER_CERT + +diff --git a/ext/pdo_mysql/mysql_driver.c b/ext/pdo_mysql/mysql_driver.c +index 021ac89b45..1bf4eb039a 100644 +--- a/ext/pdo_mysql/mysql_driver.c ++++ b/ext/pdo_mysql/mysql_driver.c +@@ -736,6 +736,18 @@ static int pdo_mysql_handle_factory(pdo_dbh_t *dbh, zval *driver_options) + } + } + #endif ++ ++#ifdef PDO_USE_MYSQLND ++ { ++ long ssl_verify_cert = pdo_attr_lval(driver_options, ++ PDO_MYSQL_ATTR_SSL_VERIFY_SERVER_CERT, -1); ++ if (ssl_verify_cert != -1) { ++ connect_opts |= ssl_verify_cert ? ++ CLIENT_SSL_VERIFY_SERVER_CERT: ++ CLIENT_SSL_DONT_VERIFY_SERVER_CERT; ++ } ++ } ++#endif + } + + #ifdef PDO_MYSQL_HAS_CHARSET +diff --git a/ext/pdo_mysql/pdo_mysql.c b/ext/pdo_mysql/pdo_mysql.c +index 32b85ba547..99fb6d3b77 100644 +--- a/ext/pdo_mysql/pdo_mysql.c ++++ b/ext/pdo_mysql/pdo_mysql.c +@@ -128,6 +128,9 @@ static PHP_MINIT_FUNCTION(pdo_mysql) + REGISTER_PDO_CLASS_CONST_LONG("MYSQL_ATTR_SERVER_PUBLIC_KEY", (long)PDO_MYSQL_ATTR_SERVER_PUBLIC_KEY); + #endif + REGISTER_PDO_CLASS_CONST_LONG("MYSQL_ATTR_MULTI_STATEMENTS", (long)PDO_MYSQL_ATTR_MULTI_STATEMENTS); ++#ifdef PDO_USE_MYSQLND ++ REGISTER_PDO_CLASS_CONST_LONG("MYSQL_ATTR_SSL_VERIFY_SERVER_CERT", (long)PDO_MYSQL_ATTR_SSL_VERIFY_SERVER_CERT); ++#endif + + #ifdef PDO_USE_MYSQLND + mysqlnd_reverse_api_register_api(&pdo_mysql_reverse_api TSRMLS_CC); +diff --git a/ext/pdo_mysql/php_pdo_mysql_int.h b/ext/pdo_mysql/php_pdo_mysql_int.h +index f300e044ba..89884120ab 100644 +--- a/ext/pdo_mysql/php_pdo_mysql_int.h ++++ b/ext/pdo_mysql/php_pdo_mysql_int.h +@@ -179,6 +179,9 @@ enum { + PDO_MYSQL_ATTR_SERVER_PUBLIC_KEY, + #endif + PDO_MYSQL_ATTR_MULTI_STATEMENTS, ++#ifdef PDO_USE_MYSQLND ++ PDO_MYSQL_ATTR_SSL_VERIFY_SERVER_CERT, ++#endif + }; + + #endif +diff --git a/ext/pdo_mysql/tests/pdo_mysql_class_constants.phpt b/ext/pdo_mysql/tests/pdo_mysql_class_constants.phpt +index f3d0fa6313..fba1c2433e 100644 +--- a/ext/pdo_mysql/tests/pdo_mysql_class_constants.phpt ++++ b/ext/pdo_mysql/tests/pdo_mysql_class_constants.phpt +@@ -27,6 +27,7 @@ if (!extension_loaded('mysqli') && !extension_loaded('mysqlnd')) { + "MYSQL_ATTR_SSL_CIPHER" => true, + "MYSQL_ATTR_COMPRESS" => true, + "MYSQL_ATTR_MULTI_STATEMENTS" => true, ++ "MYSQL_ATTR_SSL_VERIFY_SERVER_CERT" => true, + ); + + if (!MySQLPDOTest::isPDOMySQLnd()) { diff --git a/php.spec b/php.spec index a932db9..8c0c82b 100644 --- a/php.spec +++ b/php.spec @@ -154,7 +154,7 @@ ERROR: You need to select at least one Apache SAPI to build shared modules. %undefine with_filter %endif -%define rel 1 +%define rel 2 %define orgname php %define ver_suffix 56 %define php_suffix %{!?with_default_php:%{ver_suffix}} @@ -236,6 +236,7 @@ Patch67: mysql-lib-ver-mismatch.patch Patch69: fpm-conf-split.patch Patch70: mysqlnd-ssl.patch Patch72: phar-hash-shared.patch +Patch73: php-pdo-ssl.patch URL: http://php.net/ %{?with_interbase:%{!?with_interbase_inst:BuildRequires: Firebird-devel >= 1.0.2.908-2}} %{?with_pspell:BuildRequires: aspell-devel >= 2:0.50.0} @@ -2129,6 +2130,7 @@ exit 1 %patch70 -p1 %patch72 -p1 +%patch73 -p1 %{__sed} -i -e '/PHP_ADD_LIBRARY_WITH_PATH/s#xmlrpc,#xmlrpc-epi,#' ext/xmlrpc/config.m4 -- 2.44.0