From 64e52596abaf4bdd4c17f79c4e8acf25d1a452b4 Mon Sep 17 00:00:00 2001
From: jvoisin
Date: Wed, 29 Aug 2018 08:55:49 +0000
Subject: Verify certs (#223)

Ensure that certificates are verified in curl
should close #47 ---
 src/sp_curl_verify_certificates.c | 33 +++++++++++++++++++++++++++++++++
 1 file changed, 33 insertions(+)
 create mode 100644 src/sp_curl_verify_certificates.c

(limited to 'src/sp_curl_verify_certificates.c')

diff --git a/src/sp_curl_verify_certificates.c b/src/sp_curl_verify_certificates.c
new file mode 100644
index 0000000..057ee29
--- /dev/null
+++ b/src/sp_curl_verify_certificates.c
@@ -0,0 +1,33 @@
+#include "php_snuffleupagus.h"
+#include "sp_config.h"
+
+ZEND_DECLARE_MODULE_GLOBALS(snuffleupagus)
+
+PHP_FUNCTION(sp_curl_setopt) {
+	void (*orig_handler)(INTERNAL_FUNCTION_PARAMETERS);
+	zend_string *protocol_name = NULL;
+	zval *zid, *zvalue;
+	zend_long options;
+
+	ZEND_PARSE_PARAMETERS_START(3, 3)
+		Z_PARAM_RESOURCE(zid)
+		Z_PARAM_LONG(options)
+		Z_PARAM_ZVAL(zvalue)
+	ZEND_PARSE_PARAMETERS_END();
+
+	if (options & CURLOPT_SSL_VERIFYPEER && zval_get_long(zvalue) != 1) {
+			sp_log_err("verify_vertificates", "Please don't deactivate server certificate validation");
+	} else if (options & CURLOPT_SSL_VERIFYHOST && zval_get_long(zvalue) != 2) {
+			sp_log_err("verify_vertificates", "Please don't deactivate client certificate validation");
+	}
+
+	orig_handler(INTERNAL_FUNCTION_PARAM_PASSTHRU);
+}
+
+int hook_curl_verify_certificates() {
+	TSRMLS_FETCH();
+
+  HOOK_FUNCTION("curl_setopt", sp_internal_functions_hook, PHP_FN(sp_curl_setopt));
+
+	return SUCCESS;
+}
-- 
cgit v1.3