1
0
Fork 0

Merge branch '1.1'

pull/5473/head
Jordi Boggiano 2016-06-25 15:50:18 +01:00
commit 75074382de
2 changed files with 12 additions and 0 deletions

View File

@ -44,6 +44,11 @@ class Cache
$this->whitelist = $whitelist; $this->whitelist = $whitelist;
$this->filesystem = $filesystem ?: new Filesystem(); $this->filesystem = $filesystem ?: new Filesystem();
if (preg_match('{(^|[\\\\/])(\$null|NUL|/dev/null)([\\\\/]|$)}', $cacheDir)) {
$this->enabled = false;
return;
}
if ( if (
(!is_dir($this->root) && !Silencer::call('mkdir', $this->root, 0777, true)) (!is_dir($this->root) && !Silencer::call('mkdir', $this->root, 0777, true))
|| !is_writable($this->root) || !is_writable($this->root)

View File

@ -645,6 +645,13 @@ class ComposerRepository extends ArrayRepository implements ConfigurableReposito
$json = $rfs->getContents($hostname, $filename, false); $json = $rfs->getContents($hostname, $filename, false);
if ($sha256 && $sha256 !== hash('sha256', $json)) { if ($sha256 && $sha256 !== hash('sha256', $json)) {
// undo downgrade before trying again if http seems to be hijacked or modifying content somehow
if ($this->allowSslDowngrade) {
$this->url = str_replace('http://', 'https://', $this->url);
$this->baseUrl = str_replace('http://', 'https://', $this->baseUrl);
$filename = str_replace('http://', 'https://', $filename);
}
if ($retries) { if ($retries) {
usleep(100000); usleep(100000);