PHPC-33: Implement X509 support via PHP streams

Author: bjori

src/MongoDB/Manager.c

@@ -24,6 +24,8 @@
 #	include "config.h"
 #endif
 
+/* YCM */
+#include <strings.h>
 /* External libs */
 #include <bson.h>
 #include <mongoc.h>
@@ -78,7 +80,26 @@ PHP_METHOD(Manager, __construct)
 		zval **tmp;
 
 		if (zend_hash_find(Z_ARRVAL_P(driverOptions), "context", strlen("context") + 1, (void**)&tmp) == SUCCESS) {
+			const mongoc_uri_t *muri = mongoc_client_get_uri(intern->client);
+			const char *mech = mongoc_uri_get_auth_mechanism(muri);
 			ctx = php_stream_context_from_zval(*tmp, PHP_FILE_NO_DEFAULT_CONTEXT);
+
+			/* Check if we are doing X509 auth, in which case extract the username (subject) from the cert if no username is provided */
+			if (mech && !strcasecmp(mech, "MONGODB-X509") && !mongoc_uri_get_username(muri)) {
+				zval **pem;
+
+				if (SUCCESS == php_stream_context_get_option(ctx, "ssl", "local_cert", &pem)) {
+					char filename[MAXPATHLEN];
+
+					convert_to_string_ex(pem);
+					if (VCWD_REALPATH(Z_STRVAL_PP(pem), filename)) {
+						mongoc_ssl_opt_t  ssl_options;
+
+						ssl_options.pem_file = filename;
+						mongoc_client_set_ssl_opts(intern->client, &ssl_options);
+					}
+				}
+			}
 		}
 
 		if (zend_hash_find(Z_ARRVAL_P(driverOptions), "debug", strlen("debug") + 1, (void**)&tmp) == SUCCESS) {

tests/connect/standalone-x509-0001.phpt

@@ -45,17 +45,16 @@ $cmd = array(
 );
 
 try {
-    echo "User Created\n";
     $command = new MongoDB\Command($cmd);
-    $result = $adminmanager->executeCommand(DATABASE_NAME, $command);
+    $result = $adminmanager->executeCommand('$external', $command);
     echo "User Created\n";
 } catch(Exception $e) {
     echo get_class($e), ": ", $e->getMessage(), "\n";
 }
 
 try {
     $parsed = parse_url(MONGODB_STANDALONE_X509_URI);
-    $dsn = sprintf("mongodb://%s@%s:%d/%s?ssl=true&authMechanism=MONGODB-X509", urlencode($certusername), $parsed["host"], $parsed["port"], DATABASE_NAME);
+    $dsn = sprintf("mongodb://%s@%s:%d/%s?ssl=true&authMechanism=MONGODB-X509", $certusername, $parsed["host"], $parsed["port"], DATABASE_NAME);
 
     $manager = new MongoDB\Manager($dsn, array(), array("context" => $context, "debug" => STDERR));
 
@@ -67,14 +66,15 @@ try {
     foreach($cursor as $document) {
         var_dump($document["very"]);
     }
+    $command = new MongoDB\Command(array("drop" => COLLECTION_NAME));
+    $result = $manager->executeCommand(DATABASE_NAME, $command);
 } catch(Exception $e) {
     echo get_class($e), ": ", $e->getMessage(), "\n";
 }
 
 try {
-    echo "User dropped\n";
-    $command = new MongoDB\Command(array("drop" => COLLECTION_NAME));
-    $result = $adminmanager->executeCommand(DATABASE_NAME, $command);
+    $command = new MongoDB\Command(array("dropUser" => $certusername));
+    $result = $adminmanager->executeCommand('$external', $command);
     echo "User dropped\n";
 } catch(Exception $e) {
     echo get_class($e), ": ", $e->getMessage(), "\n";

tests/connect/standalone-x509-0002.phpt

@@ -45,9 +45,8 @@ $cmd = array(
 );
 
 try {
-    echo "User Created\n";
     $command = new MongoDB\Command($cmd);
-    $result = $adminmanager->executeCommand(DATABASE_NAME, $command);
+    $result = $adminmanager->executeCommand('$external', $command);
     echo "User Created\n";
 } catch(Exception $e) {
     echo get_class($e), ": ", $e->getMessage(), "\n";
@@ -68,14 +67,15 @@ try {
     foreach($cursor as $document) {
         var_dump($document["very"]);
     }
+    $command = new MongoDB\Command(array("drop" => COLLECTION_NAME));
+    $result = $manager->executeCommand(DATABASE_NAME, $command);
 } catch(Exception $e) {
     echo get_class($e), ": ", $e->getMessage(), "\n";
 }
 
 try {
-    echo "User dropped\n";
-    $command = new MongoDB\Command(array("drop" => COLLECTION_NAME));
-    $result = $adminmanager->executeCommand(DATABASE_NAME, $command);
+    $command = new MongoDB\Command(array("dropUser" => $certusername));
+    $result = $adminmanager->executeCommand('$external', $command);
     echo "User dropped\n";
 } catch(Exception $e) {
     echo get_class($e), ": ", $e->getMessage(), "\n";