1
0
Fork 0

Make packagist downgrade out of ssl after fetching the main file, since the other files can be verified via sha256

pull/1609/head
Jordi Boggiano 2013-02-21 17:37:18 +01:00
parent 211b69b38b
commit 995dc40130
2 changed files with 8 additions and 0 deletions

View File

@ -39,6 +39,7 @@ class Config
'packagist' => array( 'packagist' => array(
'type' => 'composer', 'type' => 'composer',
'url' => 'https?://packagist.org', 'url' => 'https?://packagist.org',
'allow_ssl_downgrade' => true,
) )
); );

View File

@ -43,6 +43,7 @@ class ComposerRepository extends ArrayRepository implements StreamableRepository
protected $providersByUid = array(); protected $providersByUid = array();
protected $loader; protected $loader;
protected $rootAliases; protected $rootAliases;
protected $allowSslDowngrade = false;
private $rawData; private $rawData;
private $minimalPackages; private $minimalPackages;
private $degradedMode = false; private $degradedMode = false;
@ -68,6 +69,9 @@ class ComposerRepository extends ArrayRepository implements StreamableRepository
if (!isset($repoConfig['options'])) { if (!isset($repoConfig['options'])) {
$repoConfig['options'] = array(); $repoConfig['options'] = array();
} }
if (isset($repoConfig['allow_ssl_downgrade']) && true === $repoConfig['allow_ssl_downgrade']) {
$this->allowSslDowngrade = true;
}
$this->config = $config; $this->config = $config;
$this->options = $repoConfig['options']; $this->options = $repoConfig['options'];
@ -327,6 +331,9 @@ class ComposerRepository extends ArrayRepository implements StreamableRepository
} }
$data = $this->fetchFile($jsonUrl, 'packages.json'); $data = $this->fetchFile($jsonUrl, 'packages.json');
if ($this->allowSslDowngrade) {
$this->url = str_replace('https://', 'http://', $this->url);
}
// TODO remove this BC notify_batch support // TODO remove this BC notify_batch support
if (!empty($data['notify_batch'])) { if (!empty($data['notify_batch'])) {