# Butt-ugly looking code here, but I need regular expressions to do this.
authorRasmus Lerdorf <rasmus@php.net>
Sat, 20 Oct 2001 22:01:56 +0000 (22:01 +0000)
committerRasmus Lerdorf <rasmus@php.net>
Sat, 20 Oct 2001 22:01:56 +0000 (22:01 +0000)
Re-instated safe-mode realm mangling as it was in php 2 and 3 albeit
in a somewhat more robust way.
@ Re-instated safe-mode realm mangling (Rasmus)

ext/pcre/php_pcre.h
main/SAPI.c

index f566c263c9b18c3f7398d8125097d160aa26f807..6e550b469da9553e2fe7d8e42f4b1a28217d415c 100644 (file)
@@ -41,6 +41,9 @@ PHP_FUNCTION(preg_split);
 PHP_FUNCTION(preg_quote);
 PHP_FUNCTION(preg_grep);
 
+char *php_pcre_replace(char *regex,   int regex_len, char *subject, int subject_len,
+                       zval *replace_val, int is_callable_replace, int *result_len, int limit TSRMLS_DC);
+
 extern zend_module_entry pcre_module_entry;
 #define pcre_module_ptr &pcre_module_entry
 
index b4695a57714779c70d81c2a1a536b05bbcead463..76ccad8c0f82345cd987bb0415bada2e5c33873c 100644 (file)
@@ -23,6 +23,9 @@
 
 #include "php.h"
 #include "SAPI.h"
+#include "ext/standard/php_string.h"
+#include "ext/standard/pageinfo.h"
+#include "ext/pcre/php_pcre.h"
 #ifdef ZTS
 #include "TSRM.h"
 #endif
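Review bot: These includes make main/SAPI.c depend on ext/pcre unconditionally, and the later hunk calls php_pcre_replace() from sapi_add_header_ex(), so a build configured without PCRE, or with pcre built as a shared module, would presumably fail to compile or link the core. Consider guarding the `#include "ext/pcre/php_pcre.h"` line and the safe-mode realm block that uses it with the PCRE configure macros, e.g. `#if HAVE_PCRE || HAVE_BUNDLED_PCRE` … `#endif`. Whether such configurations are supported at this revision is not visible from the diff, so this needs confirming against the build system.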
@@ -372,6 +375,8 @@ SAPI_API int sapi_add_header_ex(char *header_line, uint header_line_len, zend_bo
        int retval, free_header = 0;
        sapi_header_struct sapi_header;
        char *colon_offset;
+       int result_len = 0;
+       long myuid = 0L;
 
        if (SG(headers_sent) && !SG(request_info).no_headers) {
                char *output_start_filename = php_get_output_start_filename(TSRMLS_C);
@@ -441,7 +446,59 @@ SAPI_API int sapi_add_header_ex(char *header_line, uint header_line_len, zend_bo
                                        SG(sapi_headers).http_response_code = 302;
                                   }
                        } else if (!STRCASECMP(header_line, "WWW-Authenticate")) { /* HTTP Authentication */
+                               zval *repl_temp;
+                               char *result, *newheader, *ptr = colon_offset+1;
+                               int newlen, ptr_len=0;
+
                                SG(sapi_headers).http_response_code = 401; /* authentication-required */
+                               if(PG(safe_mode)) {
+                                       myuid = php_getuid();
+
+                                       ptr_len = strlen(ptr);
+                                       MAKE_STD_ZVAL(repl_temp);
+                                       Z_STRVAL_P(repl_temp) = emalloc(32);
+                                       Z_STRLEN_P(repl_temp) = sprintf(Z_STRVAL_P(repl_temp), "realm=\"\\1-%ld\"", myuid);
+                                       /* Modify quoted realm value */
+                                       result = php_pcre_replace("/realm=\"(.*?)\"/i", 16,
+                                                                                        ptr, ptr_len,
+                                                                                        repl_temp,
+                                                                                        0, &result_len, -1 TSRMLS_CC);
+                                       if(result_len==ptr_len) {
+                                               efree(result);
+                                               sprintf(Z_STRVAL_P(repl_temp), "realm=\\1-%ld\\2", myuid);
+                                               /* modify unquoted realm value */
+                                               result = php_pcre_replace("/realm=([^\\s]+)(.*)/i", 21, 
+                                                                                               ptr, ptr_len,
+                                                                                               repl_temp,
+                                                                                               0, &result_len, -1 TSRMLS_CC);
+                                               if(result_len==ptr_len) {
+                                                       char *lower_temp = estrdup(ptr);        
+                                                       char conv_temp[32];
+                                                       int conv_len;
+
+                                                       php_strtolower(lower_temp,strlen(lower_temp));
+                                                       /* If there is no realm string at all, append one */
+                                                       if(!strstr(lower_temp,"realm")) {
+                                                               efree(result);
+                                                               conv_len = sprintf(conv_temp," realm=\"%ld\"",myuid);           
+                                                               result = emalloc(ptr_len+conv_len+1);
+                                                               memcpy(result, ptr, ptr_len);   
+                                                               memcpy(result+ptr_len, conv_temp, conv_len);
+                                                               *(result+ptr_len+conv_len) = '\0';
+                                                       }
+                                                       efree(lower_temp);
+                                               }
+                                       }
+                                       newlen = sizeof("WWW-Authenticate: ") + result_len;
+                                       newheader = emalloc(newlen+1);
+                                       sprintf(newheader,"WWW-Authenticate: %s", result);
+                                       efree(header_line);
+                                       sapi_header.header = newheader;
+                                       sapi_header.header_len = newlen;
+                                       efree(result);
+                                       efree(Z_STRVAL_P(repl_temp));
+                                       efree(repl_temp);
+                               }
                        }
                        *colon_offset = ':';
                }
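Review bot: In the branch that appends a realm (`if(!strstr(lower_temp,"realm"))`), `result` is rebuilt with `ptr_len+conv_len` characters but `result_len` still equals `ptr_len`, so `newheader = emalloc(newlen+1)` is too small and the following `sprintf(newheader,"WWW-Authenticate: %s", result)` writes past the end of the heap block whenever safe mode is on and the header carries no realm. Adding `result_len = ptr_len + conv_len;` right after the terminating `'\0'` is stored closes that. Separately, `sizeof("WWW-Authenticate: ")` counts the terminator, so `sapi_header.header_len = newlen` is one larger than the string; `newlen = sizeof("WWW-Authenticate: ") - 1 + result_len;` gives the real length. `efree(header_line)` is also followed by the context line `*colon_offset = ':';`, and since `ptr = colon_offset+1` is used as the header value, `colon_offset` appears to point into the block just freed, so the restore should be skipped on this path or the free deferred. The function begins and ends outside this hunk, so how `sapi_header.header` and `colon_offset` are first set is not visible here.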