1
0
Fork 0

Make disableTls a core RemoteFilesystem option - per method invites human error

pull/2745/head
Pádraic Brady 2014-02-24 19:15:54 +00:00
parent 3cd979b324
commit a2bf14e381
4 changed files with 25 additions and 18 deletions

View File

@ -151,12 +151,14 @@ EOT
$result[] = '<error>Composer is configured to use SSL/TLS protection but the openssl extension is not available.</error>'; $result[] = '<error>Composer is configured to use SSL/TLS protection but the openssl extension is not available.</error>';
} }
$remoteFilesystemOptions = array(); $rfsOptions = array();
if ($disableTls) {
if (!is_null($config->get('cafile'))) { if (!is_null($config->get('cafile'))) {
$remoteFilesystemOptions = array('ssl'=>array('cafile'=>$config->get('cafile'))); $rfsOptions = array('ssl'=>array('cafile'=>$config->get('cafile')));
}
} }
try { try {
$this->rfs = new RemoteFilesystem($this->getIO(), $remoteFilesystemOptions, $disableTls); $this->rfs = new RemoteFilesystem($this->getIO(), $rfsOptions, $disableTls);
} catch (TransportException $e) { } catch (TransportException $e) {
if (preg_match('|cafile|', $e->getMessage())) { if (preg_match('|cafile|', $e->getMessage())) {
$result[] = '<error>[' . get_class($e) . '] ' . $e->getMessage() . '</error>'; $result[] = '<error>[' . get_class($e) . '] ' . $e->getMessage() . '</error>';
@ -168,7 +170,7 @@ EOT
} }
try { try {
$json = $this->rfs->getContents('packagist.org', $protocol . '://packagist.org/packages.json', false, array(), $disableTls); $json = $this->rfs->getContents('packagist.org', $protocol . '://packagist.org/packages.json', false);
} catch (\Exception $e) { } catch (\Exception $e) {
array_unshift($result, '[' . get_class($e) . '] ' . $e->getMessage()); array_unshift($result, '[' . get_class($e) . '] ' . $e->getMessage());
} }

View File

@ -75,12 +75,14 @@ EOT
} }
$remoteFilesystemOptions = array(); $remoteFilesystemOptions = array();
if ($disableTls === false) {
if (!is_null($config->get('cafile'))) { if (!is_null($config->get('cafile'))) {
$remoteFilesystemOptions = array('ssl'=>array('cafile'=>$config->get('cafile'))); $remoteFilesystemOptions = array('ssl'=>array('cafile'=>$config->get('cafile')));
} }
if (!is_null($input->get('cafile'))) { if (!is_null($input->get('cafile'))) {
$remoteFilesystemOptions = array('ssl'=>array('cafile'=>$input->get('cafile'))); $remoteFilesystemOptions = array('ssl'=>array('cafile'=>$input->get('cafile')));
} }
}
try { try {
$remoteFilesystem = new RemoteFilesystem($this->getIO(), $remoteFilesystemOptions, $disableTls); $remoteFilesystem = new RemoteFilesystem($this->getIO(), $remoteFilesystemOptions, $disableTls);
} catch (TransportException $e) { } catch (TransportException $e) {

View File

@ -33,6 +33,7 @@ class RemoteFilesystem
private $progress; private $progress;
private $lastProgress; private $lastProgress;
private $options; private $options;
private $disableTls = false;
/** /**
* Constructor. * Constructor.
@ -52,9 +53,11 @@ class RemoteFilesystem
$this->options = $this->getTlsDefaults(); $this->options = $this->getTlsDefaults();
if (isset($options['ssl']['cafile']) if (isset($options['ssl']['cafile'])
&& (!is_readable($options['ssl']['cafile']) && (!is_readable($options['ssl']['cafile'])
|| !\openssl_x509_parse(file_get_contents($options['ssl']['cafile'])))) { //check return value and test (it's subject to change) || !\openssl_x509_parse(file_get_contents($options['ssl']['cafile'])))) {
throw new TransportException('The configured cafile was not valid or could not be read.'); throw new TransportException('The configured cafile was not valid or could not be read.');
} }
} else {
$this->disableTls = true;
} }
// handle the other externally set options normally. // handle the other externally set options normally.
@ -72,9 +75,9 @@ class RemoteFilesystem
* *
* @return bool true * @return bool true
*/ */
public function copy($originUrl, $fileUrl, $fileName, $progress = true, $options = array(), $disableTls = false) //REFACTOR: to constructor for TLS opt public function copy($originUrl, $fileUrl, $fileName, $progress = true, $options = array())
{ {
return $this->get($originUrl, $fileUrl, $options, $fileName, $progress, $disableTls); return $this->get($originUrl, $fileUrl, $options, $fileName, $progress);
} }
/** /**
@ -87,9 +90,9 @@ class RemoteFilesystem
* *
* @return string The content * @return string The content
*/ */
public function getContents($originUrl, $fileUrl, $progress = true, $options = array(), $disableTls = false) public function getContents($originUrl, $fileUrl, $progress = true, $options = array())
{ {
return $this->get($originUrl, $fileUrl, $options, null, $progress, $disableTls); return $this->get($originUrl, $fileUrl, $options, null, $progress);
} }
/** /**
@ -116,7 +119,7 @@ class RemoteFilesystem
* *
* @return bool|string * @return bool|string
*/ */
protected function get($originUrl, $fileUrl, $additionalOptions = array(), $fileName = null, $progress = true, $disableTls = false) protected function get($originUrl, $fileUrl, $additionalOptions = array(), $fileName = null, $progress = true)
{ {
$this->bytesMax = 0; $this->bytesMax = 0;
$this->originUrl = $originUrl; $this->originUrl = $originUrl;
@ -130,7 +133,7 @@ class RemoteFilesystem
$this->io->setAuthentication($originUrl, urldecode($match[1]), urldecode($match[2])); $this->io->setAuthentication($originUrl, urldecode($match[1]), urldecode($match[2]));
} }
$options = $this->getOptionsForUrl($originUrl, $additionalOptions, $disableTls); $options = $this->getOptionsForUrl($originUrl, $additionalOptions);
if ($this->io->isDebug()) { if ($this->io->isDebug()) {
$this->io->write((substr($fileUrl, 0, 4) === 'http' ? 'Downloading ' : 'Reading ') . $fileUrl); $this->io->write((substr($fileUrl, 0, 4) === 'http' ? 'Downloading ' : 'Reading ') . $fileUrl);
@ -341,7 +344,7 @@ class RemoteFilesystem
} }
// Setup remaining TLS options - the matching may need monitoring, esp. www vs none in CN // Setup remaining TLS options - the matching may need monitoring, esp. www vs none in CN
if ($disableTls === false) { if ($this->disableTls === false) {
if (!preg_match("|^https?://|", $originUrl)) { if (!preg_match("|^https?://|", $originUrl)) {
$host = $originUrl; $host = $originUrl;
} else { } else {

View File

@ -28,7 +28,7 @@ class RemoteFilesystemMock extends RemoteFilesystem
$this->contentMap = $contentMap; $this->contentMap = $contentMap;
} }
public function getContents($originUrl, $fileUrl, $progress = true, $options = array(), $disableTls = false) public function getContents($originUrl, $fileUrl, $progress = true, $options = array())
{ {
if (!empty($this->contentMap[$fileUrl])) { if (!empty($this->contentMap[$fileUrl])) {
return $this->contentMap[$fileUrl]; return $this->contentMap[$fileUrl];