[BUGFIX] Fix T3editor after PSR-7 change
[Packages/TYPO3.CMS.git] / typo3 / sysext / openid / lib / php-openid / Auth / Yadis / ParanoidHTTPFetcher.php
1 <?php
2
3 /**
4 * This module contains the CURL-based HTTP fetcher implementation.
5 *
6 * PHP versions 4 and 5
7 *
8 * LICENSE: See the COPYING file included in this distribution.
9 *
10 * @package OpenID
11 * @author JanRain, Inc. <openid@janrain.com>
12 * @copyright 2005-2008 Janrain, Inc.
13 * @license http://www.apache.org/licenses/LICENSE-2.0 Apache
14 */
15
16 /**
17 * Interface import
18 */
19 require_once "Auth/Yadis/HTTPFetcher.php";
20
21 require_once "Auth/OpenID.php";
22
23 /**
24 * A paranoid {@link Auth_Yadis_HTTPFetcher} class which uses CURL
25 * for fetching.
26 *
27 * @package OpenID
28 */
29 class Auth_Yadis_ParanoidHTTPFetcher extends Auth_Yadis_HTTPFetcher {
30 function Auth_Yadis_ParanoidHTTPFetcher()
31 {
32 $this->reset();
33 }
34
35 function reset()
36 {
37 $this->headers = array();
38 $this->data = "";
39 }
40
41 /**
42 * @access private
43 */
44 function _writeHeader($ch, $header)
45 {
46 array_push($this->headers, rtrim($header));
47 return strlen($header);
48 }
49
50 /**
51 * @access private
52 */
53 function _writeData($ch, $data)
54 {
55 if (strlen($this->data) > 1024*Auth_OpenID_FETCHER_MAX_RESPONSE_KB) {
56 return 0;
57 } else {
58 $this->data .= $data;
59 return strlen($data);
60 }
61 }
62
63 /**
64 * Does this fetcher support SSL URLs?
65 */
66 function supportsSSL()
67 {
68 $v = curl_version();
69 if(is_array($v)) {
70 return in_array('https', $v['protocols']);
71 } elseif (is_string($v)) {
72 return preg_match('/OpenSSL/i', $v);
73 } else {
74 return 0;
75 }
76 }
77
78 function get($url, $extra_headers = null)
79 {
80 if (!$this->canFetchURL($url)) {
81 return null;
82 }
83
84 $stop = time() + $this->timeout;
85 $off = $this->timeout;
86
87 $redir = true;
88
89 while ($redir && ($off > 0)) {
90 $this->reset();
91
92 $c = curl_init();
93 if (defined('Auth_OpenID_DISABLE_SSL_VERIFYPEER')
94 && Auth_OpenID_DISABLE_SSL_VERIFYPEER === true) {
95 trigger_error(
96 'You have disabled SSL verifcation, this is a TERRIBLE ' .
97 'idea in almost all cases. Set Auth_OpenID_DISABLE_SSL_' .
98 'VERIFYPEER to false if you want to be safe again',
99 E_USER_WARNING);
100 curl_setopt($c, CURLOPT_SSL_VERIFYPEER, false);
101 }
102
103 if ($c === false) {
104 Auth_OpenID::log(
105 "curl_init returned false; could not " .
106 "initialize for URL '%s'", $url);
107 return null;
108 }
109
110 if (defined('CURLOPT_NOSIGNAL')) {
111 curl_setopt($c, CURLOPT_NOSIGNAL, true);
112 }
113
114 if (!$this->allowedURL($url)) {
115 Auth_OpenID::log("Fetching URL not allowed: %s",
116 $url);
117 return null;
118 }
119
120 curl_setopt($c, CURLOPT_WRITEFUNCTION,
121 array($this, "_writeData"));
122 curl_setopt($c, CURLOPT_HEADERFUNCTION,
123 array($this, "_writeHeader"));
124
125 if ($extra_headers) {
126 curl_setopt($c, CURLOPT_HTTPHEADER, $extra_headers);
127 }
128
129 $cv = curl_version();
130 if(is_array($cv)) {
131 $curl_user_agent = 'curl/'.$cv['version'];
132 } else {
133 $curl_user_agent = $cv;
134 }
135 curl_setopt($c, CURLOPT_USERAGENT,
136 Auth_OpenID_USER_AGENT.' '.$curl_user_agent);
137 curl_setopt($c, CURLOPT_TIMEOUT, $off);
138 curl_setopt($c, CURLOPT_URL, $url);
139
140 if (defined('Auth_OpenID_VERIFY_HOST')) {
141 // set SSL verification options only if Auth_OpenID_VERIFY_HOST
142 // is explicitly set, otherwise use system default.
143 if (Auth_OpenID_VERIFY_HOST) {
144 curl_setopt($c, CURLOPT_SSL_VERIFYPEER, true);
145 curl_setopt($c, CURLOPT_SSL_VERIFYHOST, 2);
146 if (defined('Auth_OpenID_CAINFO')) {
147 curl_setopt($c, CURLOPT_CAINFO, Auth_OpenID_CAINFO);
148 }
149 } else {
150 curl_setopt($c, CURLOPT_SSL_VERIFYPEER, false);
151 }
152 }
153 if (defined('Auth_OpenID_HTTP_PROXY')) {
154 curl_setopt($c, CURLOPT_PROXY, Auth_OpenID_HTTP_PROXY);
155 }
156
157 // <TYPO3-specific>
158 if ($GLOBALS['TYPO3_CONF_VARS']['SYS']['curlProxyServer']) {
159 curl_setopt($c, CURLOPT_PROXY, $GLOBALS['TYPO3_CONF_VARS']['SYS']['curlProxyServer']);
160
161 if ($GLOBALS['TYPO3_CONF_VARS']['SYS']['curlProxyTunnel']) {
162 curl_setopt($c, CURLOPT_HTTPPROXYTUNNEL, $GLOBALS['TYPO3_CONF_VARS']['SYS']['curlProxyTunnel']);
163 }
164 if ($GLOBALS['TYPO3_CONF_VARS']['SYS']['curlProxyUserPass']) {
165 curl_setopt($c, CURLOPT_PROXYUSERPWD, $GLOBALS['TYPO3_CONF_VARS']['SYS']['curlProxyUserPass']);
166 }
167 }
168 // </TYPO3-specific>
169
170 curl_exec($c);
171
172 $code = curl_getinfo($c, CURLINFO_HTTP_CODE);
173 $body = $this->data;
174 $headers = $this->headers;
175
176 if (!$code) {
177 Auth_OpenID::log("Got no response code when fetching %s", $url);
178 Auth_OpenID::log("CURL error (%s): %s",
179 curl_errno($c), curl_error($c));
180 return null;
181 }
182
183 if (in_array($code, array(301, 302, 303, 307))) {
184 $url = $this->_findRedirect($headers, $url);
185 $redir = true;
186 } else {
187 $redir = false;
188 curl_close($c);
189
190 if (defined('Auth_OpenID_VERIFY_HOST') &&
191 Auth_OpenID_VERIFY_HOST == true &&
192 $this->isHTTPS($url)) {
193 Auth_OpenID::log('OpenID: Verified SSL host %s using '.
194 'curl/get', $url);
195 }
196 $new_headers = array();
197
198 foreach ($headers as $header) {
199 if (strpos($header, ': ')) {
200 list($name, $value) = explode(': ', $header, 2);
201 $new_headers[$name] = $value;
202 }
203 }
204
205 return new Auth_Yadis_HTTPResponse($url, $code,
206 $new_headers, $body);
207 }
208
209 $off = $stop - time();
210 }
211
212 return null;
213 }
214
215 function post($url, $body, $extra_headers = null)
216 {
217 if (!$this->canFetchURL($url)) {
218 return null;
219 }
220
221 $this->reset();
222
223 $c = curl_init();
224
225 if (defined('CURLOPT_NOSIGNAL')) {
226 curl_setopt($c, CURLOPT_NOSIGNAL, true);
227 }
228
229 if (defined('Auth_OpenID_HTTP_PROXY')) {
230 curl_setopt($c, CURLOPT_PROXY, Auth_OpenID_HTTP_PROXY);
231 }
232
233 // <TYPO3-specific>
234 if ($GLOBALS['TYPO3_CONF_VARS']['SYS']['curlProxyServer']) {
235 curl_setopt($c, CURLOPT_PROXY, $GLOBALS['TYPO3_CONF_VARS']['SYS']['curlProxyServer']);
236
237 if ($GLOBALS['TYPO3_CONF_VARS']['SYS']['curlProxyTunnel']) {
238 curl_setopt($c, CURLOPT_HTTPPROXYTUNNEL, $GLOBALS['TYPO3_CONF_VARS']['SYS']['curlProxyTunnel']);
239 }
240 if ($GLOBALS['TYPO3_CONF_VARS']['SYS']['curlProxyUserPass']) {
241 curl_setopt($c, CURLOPT_PROXYUSERPWD, $GLOBALS['TYPO3_CONF_VARS']['SYS']['curlProxyUserPass']);
242 }
243 }
244 // </TYPO3-specific>
245
246 curl_setopt($c, CURLOPT_POST, true);
247 curl_setopt($c, CURLOPT_POSTFIELDS, $body);
248 curl_setopt($c, CURLOPT_TIMEOUT, $this->timeout);
249 curl_setopt($c, CURLOPT_URL, $url);
250 curl_setopt($c, CURLOPT_WRITEFUNCTION,
251 array($this, "_writeData"));
252
253 if (defined('Auth_OpenID_VERIFY_HOST')) {
254 // set SSL verification options only if Auth_OpenID_VERIFY_HOST
255 // is explicitly set, otherwise use system default.
256 if (Auth_OpenID_VERIFY_HOST) {
257 curl_setopt($c, CURLOPT_SSL_VERIFYPEER, true);
258 curl_setopt($c, CURLOPT_SSL_VERIFYHOST, 2);
259 if (defined('Auth_OpenID_CAINFO')) {
260 curl_setopt($c, CURLOPT_CAINFO, Auth_OpenID_CAINFO);
261 }
262 } else {
263 curl_setopt($c, CURLOPT_SSL_VERIFYPEER, false);
264 }
265 }
266
267 curl_exec($c);
268
269 $code = curl_getinfo($c, CURLINFO_HTTP_CODE);
270
271 if (!$code) {
272 Auth_OpenID::log("Got no response code when fetching %s", $url);
273 Auth_OpenID::log("CURL error (%s): %s",
274 curl_errno($c), curl_error($c));
275 return null;
276 }
277
278 if (defined('Auth_OpenID_VERIFY_HOST') &&
279 Auth_OpenID_VERIFY_HOST == true &&
280 $this->isHTTPS($url)) {
281 Auth_OpenID::log('OpenID: Verified SSL host %s using '.
282 'curl/post', $url);
283 }
284 $body = $this->data;
285
286 curl_close($c);
287
288 $new_headers = $extra_headers;
289
290 foreach ($this->headers as $header) {
291 if (strpos($header, ': ')) {
292 list($name, $value) = explode(': ', $header, 2);
293 $new_headers[$name] = $value;
294 }
295
296 }
297
298 return new Auth_Yadis_HTTPResponse($url, $code,
299 $new_headers, $body);
300 }
301 }
302