- missed in previous commit

[packages/php.git] / php-mysql-ssl-context.patch

diff --git a/php-mysql-ssl-context.patch b/php-mysql-ssl-context.patch
new file mode 100644 (file)
index 0000000..c8ff48d
--- /dev/null
+++ b/php-mysql-ssl-context.patch
@@ -0,0 +1,36 @@
+; obey default context options
+; https://bugs.php.net/bug.php?id=68344
+diff -urbB php-5.6.12/ext/mysqlnd/mysqlnd_net.c php-5.6.12/ext/mysqlnd/mysqlnd_net.c
+--- php-5.6.12/ext/mysqlnd/mysqlnd_net.c       2015-08-06 09:55:57.000000000 +0200
++++ php-5.6.12/ext/mysqlnd/mysqlnd_net.c       2015-08-10 13:25:30.187912101 +0200
+@@ -29,6 +29,7 @@
+ #include "mysqlnd_ext_plugin.h"
+ #include "php_network.h"
+ #include "zend_ini.h"
++#include "ext/standard/file.h"
+ #ifdef MYSQLND_COMPRESSION_ENABLED
+ #include <zlib.h>
+ #endif
+@@ -868,6 +868,21 @@ MYSQLND_METHOD(mysqlnd_net, enable_ssl)(
+               DBG_RETURN(FAIL);
+       }
+ 
++      if (FG(default_context)) {
++              zval **tmpzval = NULL;
++              int i = 0;
++              /* copy values from default stream settings */
++              char *opts[] = { "allow_self_signed", "cafile", "capath", "ciphers", "CN_match",
++                      "disable_compression", "local_cert", "local_pk", "no_ticket", "passphrase",
++                      "peer_fingerprint", "peer_name", "SNI_enabled", "SNI_server_certs", "SNI_server_name",
++                      "verify_depth", "verify_peer", "verify_peer_name", NULL };
++              while (opts[i]) {
++                      if (php_stream_context_get_option(FG(default_context), "ssl", opts[i], &tmpzval) == SUCCESS)
++                              php_stream_context_set_option(context, "ssl", opts[i], *tmpzval);
++                      i++;
++              }
++      }
++
+       if (net->data->options.ssl_key) {
+               zval key_zval;
+               ZVAL_STRING(&key_zval, net->data->options.ssl_key, 0);
+