Newer versions of libcurl prevent file:// location response headers by default,
which means that the open_basedir check is unnecessary — the fact
CURLOPT_REDIR_PROTOCOLS can't set CURLPROTO_FILE with open_basedir enabled
means that there's no possibility of breaching the open_basedir restriction,
and this allows HTTP redirects to be followed automatically.
Implements FR #65646 (re-enable CURLOPT_FOLLOWLOCATION with open_basedir or
safe_mode).
At present, when curl_setopt() is called with an option that requires the
creation of a curl_slist, we simply push the new curl_slist onto a list to be
freed when the curl handle is freed. This avoids a memory leak, but means that
repeated calls to curl_setopt() on the same handle with the same option wastes
previously allocated memory on curl_slist structs that will no longer be read.
This commit changes the zend_llist that was previously used to track the lists
to a HashTable keyed by the option number, which means that we can simply
update the hash table each time curl_setopt() is called.
Fixes bug #65458 (curl memory leak).
Add the support for both curl_strerror and curl_multi_strerror.
Those function will return a string describing the error code
passed in the argument errornum
Libcurl is doing connection caching. When easy handle is cleaned up,
if the handle was previously used by the curl_multi_api, the connection
remains open un the curl multi handle is cleaned up. Some protocols are
sending content like the FTP one, and libcurl try to use the
WRITEFUNCTION or the HEADERFUNCTION. Since structures used in those
callback are freed, we need to use an other callback to which avoid
segfaults.
Libcurl commit d021f2e8a00 fix this issue and should be part of 7.28.2
* PHP-5.4:
Update NEWS file
Fixed bug #63352 (Can't enable hostname validation when using curl stream wrappers)
CURL >= 7.28.0 no longer support value 1 for CURLOPT_SSL_VERIFYHOST)
* PHP-5.3:
Update NEWS file
Fixed bug #63352 (Can't enable hostname validation when using curl stream wrappers)
CURL >= 7.28.0 no longer support value 1 for CURLOPT_SSL_VERIFYHOST)
Conflicts:
ext/curl/interface.c
ext/curl/tests/bug63363.phpt
* PHP-5.4:
update NEWS
Fixed bug #62499 (curl_setopt($ch, CURLOPT_COOKIEFILE, "") returns false)
appease MSVC (doesnt like unary minus of unsigned ints)
appease MSVC (doesnt like unary minus of unsigned ints)