Skip to content

Commit d172938

Browse files
devnexendevnexen
committed
reuse existing nullable option section.
and add CURLOPT_PASSWORD to the mix. CURLOPT_XOAUTH2_BEARER already handled.
1 parent 1c25577 commit d172938

File tree

2 files changed

+7
-19
lines changed

2 files changed

+7
-19
lines changed

ext/curl/interface.c

+6-19
Original file line numberDiff line numberDiff line change
@@ -1903,7 +1903,6 @@ static zend_result _php_curl_setopt(php_curl *ch, zend_long option, zval *zvalue
19031903
case CURLOPT_COOKIELIST:
19041904
case CURLOPT_FTP_ALTERNATIVE_TO_USER:
19051905
case CURLOPT_SSH_HOST_PUBLIC_KEY_MD5:
1906-
case CURLOPT_PASSWORD:
19071906
case CURLOPT_PROXYPASSWORD:
19081907
case CURLOPT_PROXYUSERNAME:
19091908
case CURLOPT_NOPROXY:
@@ -1996,24 +1995,6 @@ static zend_result _php_curl_setopt(php_curl *ch, zend_long option, zval *zvalue
19961995
return ret;
19971996
}
19981997

1999-
case CURLOPT_USERPWD:
2000-
case CURLOPT_USERNAME:
2001-
{
2002-
if (Z_ISNULL_P(zvalue)) {
2003-
// Authorization header would be implictly set
2004-
// with an empty string thus we explictly set the option
2005-
// to null to avoid this unwarranted side effect
2006-
error = curl_easy_setopt(ch->cp, option, NULL);
2007-
} else {
2008-
zend_string *tmp_str;
2009-
zend_string *str = zval_get_tmp_string(zvalue, &tmp_str);
2010-
zend_result ret = php_curl_option_str(ch, option, ZSTR_VAL(str), ZSTR_LEN(str));
2011-
zend_tmp_string_release(tmp_str);
2012-
return ret;
2013-
}
2014-
break;
2015-
}
2016-
20171998
/* Curl nullable string options */
20181999
case CURLOPT_CUSTOMREQUEST:
20192000
case CURLOPT_FTPPORT:
@@ -2037,6 +2018,12 @@ static zend_result _php_curl_setopt(php_curl *ch, zend_long option, zval *zvalue
20372018
case CURLOPT_HSTS:
20382019
#endif
20392020
case CURLOPT_KRBLEVEL:
2021+
// Authorization header would be implictly set
2022+
// with an empty string thus we explictly set the option
2023+
// to null to avoid this unwarranted side effect
2024+
case CURLOPT_USERPWD:
2025+
case CURLOPT_USERNAME:
2026+
case CURLOPT_PASSWORD:
20402027
{
20412028
if (Z_ISNULL_P(zvalue)) {
20422029
error = curl_easy_setopt(ch->cp, option, NULL);

ext/curl/tests/gh18458.phpt

+1
Original file line numberDiff line numberDiff line change
@@ -19,6 +19,7 @@ var_dump(str_contains($response, "authorization"));
1919

2020
$ch = curl_init("https://localhost/username");
2121
curl_setopt($ch, CURLOPT_USERNAME, null);
22+
curl_setopt($ch, CURLOPT_PASSWORD, null);
2223
curl_setopt($ch, CURLOPT_VERBOSE, true);
2324
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
2425
curl_setopt($ch, CURLOPT_STDERR, fopen("php://stdout", "w"));

0 commit comments

Comments
 (0)