123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267 |
- <?php
- /**
- * This module contains the CURL-based HTTP fetcher implementation.
- *
- * PHP versions 4 and 5
- *
- * LICENSE: See the COPYING file included in this distribution.
- *
- * @package OpenID
- * @author JanRain, Inc. <openid@janrain.com>
- * @copyright 2005-2008 Janrain, Inc.
- * @license http://www.apache.org/licenses/LICENSE-2.0 Apache
- */
- /**
- * Interface import
- */
- require_once "Auth/Yadis/HTTPFetcher.php";
- require_once "Auth/OpenID.php";
- /**
- * A paranoid {@link Auth_Yadis_HTTPFetcher} class which uses CURL
- * for fetching.
- *
- * @package OpenID
- */
- class Auth_Yadis_ParanoidHTTPFetcher extends Auth_Yadis_HTTPFetcher {
- function Auth_Yadis_ParanoidHTTPFetcher()
- {
- $this->reset();
- }
- function reset()
- {
- $this->headers = array();
- $this->data = "";
- }
- /**
- * @access private
- */
- function _writeHeader($ch, $header)
- {
- array_push($this->headers, rtrim($header));
- return strlen($header);
- }
- /**
- * @access private
- */
- function _writeData($ch, $data)
- {
- if (strlen($this->data) > 1024*Auth_OpenID_FETCHER_MAX_RESPONSE_KB) {
- return 0;
- } else {
- $this->data .= $data;
- return strlen($data);
- }
- }
- /**
- * Does this fetcher support SSL URLs?
- */
- function supportsSSL()
- {
- $v = curl_version();
- if(is_array($v)) {
- return in_array('https', $v['protocols']);
- } elseif (is_string($v)) {
- return preg_match('/OpenSSL/i', $v);
- } else {
- return 0;
- }
- }
- function get($url, $extra_headers = null)
- {
- if (!$this->canFetchURL($url)) {
- return null;
- }
- $stop = time() + $this->timeout;
- $off = $this->timeout;
- $redir = true;
- while ($redir && ($off > 0)) {
- $this->reset();
- $c = curl_init();
- if ($c === false) {
- Auth_OpenID::log(
- "curl_init returned false; could not " .
- "initialize for URL '%s'", $url);
- return null;
- }
- if (defined('CURLOPT_NOSIGNAL')) {
- curl_setopt($c, CURLOPT_NOSIGNAL, true);
- }
- if (!$this->allowedURL($url)) {
- Auth_OpenID::log("Fetching URL not allowed: %s",
- $url);
- return null;
- }
- curl_setopt($c, CURLOPT_WRITEFUNCTION,
- array($this, "_writeData"));
- curl_setopt($c, CURLOPT_HEADERFUNCTION,
- array($this, "_writeHeader"));
- if ($extra_headers) {
- curl_setopt($c, CURLOPT_HTTPHEADER, $extra_headers);
- }
- $cv = curl_version();
- if(is_array($cv)) {
- $curl_user_agent = 'curl/'.$cv['version'];
- } else {
- $curl_user_agent = $cv;
- }
- curl_setopt($c, CURLOPT_USERAGENT,
- Auth_OpenID_USER_AGENT.' '.$curl_user_agent);
- curl_setopt($c, CURLOPT_TIMEOUT, $off);
- curl_setopt($c, CURLOPT_URL, $url);
- if (defined('Auth_OpenID_VERIFY_HOST')) {
- // set SSL verification options only if Auth_OpenID_VERIFY_HOST
- // is explicitly set, otherwise use system default.
- if (Auth_OpenID_VERIFY_HOST) {
- curl_setopt($c, CURLOPT_SSL_VERIFYPEER, true);
- curl_setopt($c, CURLOPT_SSL_VERIFYHOST, 2);
- if (defined('Auth_OpenID_CAINFO')) {
- curl_setopt($c, CURLOPT_CAINFO, Auth_OpenID_CAINFO);
- }
- } else {
- curl_setopt($c, CURLOPT_SSL_VERIFYPEER, false);
- }
- }
- if (defined('Auth_OpenID_HTTP_PROXY')) {
- curl_setopt($c, CURLOPT_PROXY, Auth_OpenID_HTTP_PROXY);
- }
- curl_exec($c);
- $code = curl_getinfo($c, CURLINFO_HTTP_CODE);
- $body = $this->data;
- $headers = $this->headers;
- if (!$code) {
- Auth_OpenID::log("Got no response code when fetching %s", $url);
- Auth_OpenID::log("CURL error (%s): %s",
- curl_errno($c), curl_error($c));
- return null;
- }
- if (in_array($code, array(301, 302, 303, 307))) {
- $url = $this->_findRedirect($headers, $url);
- $redir = true;
- } else {
- $redir = false;
- curl_close($c);
- if (defined('Auth_OpenID_VERIFY_HOST') &&
- Auth_OpenID_VERIFY_HOST == true &&
- $this->isHTTPS($url)) {
- Auth_OpenID::log('OpenID: Verified SSL host %s using '.
- 'curl/get', $url);
- }
- $new_headers = array();
- foreach ($headers as $header) {
- if (strpos($header, ': ')) {
- list($name, $value) = explode(': ', $header, 2);
- $new_headers[$name] = $value;
- }
- }
- return new Auth_Yadis_HTTPResponse($url, $code,
- $new_headers, $body);
- }
- $off = $stop - time();
- }
- return null;
- }
- function post($url, $body, $extra_headers = null)
- {
- if (!$this->canFetchURL($url)) {
- return null;
- }
- $this->reset();
- $c = curl_init();
- if (defined('CURLOPT_NOSIGNAL')) {
- curl_setopt($c, CURLOPT_NOSIGNAL, true);
- }
- if (defined('Auth_OpenID_HTTP_PROXY')) {
- curl_setopt($c, CURLOPT_PROXY, Auth_OpenID_HTTP_PROXY);
- }
- curl_setopt($c, CURLOPT_POST, true);
- curl_setopt($c, CURLOPT_POSTFIELDS, $body);
- curl_setopt($c, CURLOPT_TIMEOUT, $this->timeout);
- curl_setopt($c, CURLOPT_URL, $url);
- curl_setopt($c, CURLOPT_WRITEFUNCTION,
- array($this, "_writeData"));
- if (defined('Auth_OpenID_VERIFY_HOST')) {
- // set SSL verification options only if Auth_OpenID_VERIFY_HOST
- // is explicitly set, otherwise use system default.
- if (Auth_OpenID_VERIFY_HOST) {
- curl_setopt($c, CURLOPT_SSL_VERIFYPEER, true);
- curl_setopt($c, CURLOPT_SSL_VERIFYHOST, 2);
- if (defined('Auth_OpenID_CAINFO')) {
- curl_setopt($c, CURLOPT_CAINFO, Auth_OpenID_CAINFO);
- }
- } else {
- curl_setopt($c, CURLOPT_SSL_VERIFYPEER, false);
- }
- }
- curl_exec($c);
- $code = curl_getinfo($c, CURLINFO_HTTP_CODE);
- if (!$code) {
- Auth_OpenID::log("Got no response code when fetching %s", $url);
- Auth_OpenID::log("CURL error (%s): %s",
- curl_errno($c), curl_error($c));
- return null;
- }
- if (defined('Auth_OpenID_VERIFY_HOST') &&
- Auth_OpenID_VERIFY_HOST == true &&
- $this->isHTTPS($url)) {
- Auth_OpenID::log('OpenID: Verified SSL host %s using '.
- 'curl/post', $url);
- }
- $body = $this->data;
- curl_close($c);
- $new_headers = $extra_headers;
- foreach ($this->headers as $header) {
- if (strpos($header, ': ')) {
- list($name, $value) = explode(': ', $header, 2);
- $new_headers[$name] = $value;
- }
- }
- return new Auth_Yadis_HTTPResponse($url, $code,
- $new_headers, $body);
- }
- }
|