Make disableTls a core RemoteFilesystem option - per method invites human error
Pádraic Brady
parent
3cd979b324
commit
a2bf14e381
|
|
@ -151,12 +151,14 @@ EOT
|
||||||
$result[] = '<error>Composer is configured to use SSL/TLS protection but the openssl extension is not available.</error>';
|
$result[] = '<error>Composer is configured to use SSL/TLS protection but the openssl extension is not available.</error>';
|
||||||
}
|
}
|
||||||
|
|
||||||
$remoteFilesystemOptions = array();
|
$rfsOptions = array();
|
||||||
|
if ($disableTls) {
|
||||||
if (!is_null($config->get('cafile'))) {
|
if (!is_null($config->get('cafile'))) {
|
||||||
$remoteFilesystemOptions = array('ssl'=>array('cafile'=>$config->get('cafile')));
|
$rfsOptions = array('ssl'=>array('cafile'=>$config->get('cafile')));
|
||||||
|
}
|
||||||
}
|
}
|
||||||
try {
|
try {
|
||||||
$this->rfs = new RemoteFilesystem($this->getIO(), $remoteFilesystemOptions, $disableTls);
|
$this->rfs = new RemoteFilesystem($this->getIO(), $rfsOptions, $disableTls);
|
||||||
} catch (TransportException $e) {
|
} catch (TransportException $e) {
|
||||||
if (preg_match('|cafile|', $e->getMessage())) {
|
if (preg_match('|cafile|', $e->getMessage())) {
|
||||||
$result[] = '<error>[' . get_class($e) . '] ' . $e->getMessage() . '</error>';
|
$result[] = '<error>[' . get_class($e) . '] ' . $e->getMessage() . '</error>';
|
||||||
|
|
@ -168,7 +170,7 @@ EOT
|
||||||
}
|
}
|
||||||
|
|
||||||
try {
|
try {
|
||||||
$json = $this->rfs->getContents('packagist.org', $protocol . '://packagist.org/packages.json', false, array(), $disableTls);
|
$json = $this->rfs->getContents('packagist.org', $protocol . '://packagist.org/packages.json', false);
|
||||||
} catch (\Exception $e) {
|
} catch (\Exception $e) {
|
||||||
array_unshift($result, '[' . get_class($e) . '] ' . $e->getMessage());
|
array_unshift($result, '[' . get_class($e) . '] ' . $e->getMessage());
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -75,12 +75,14 @@ EOT
|
||||||
}
|
}
|
||||||
|
|
||||||
$remoteFilesystemOptions = array();
|
$remoteFilesystemOptions = array();
|
||||||
|
if ($disableTls === false) {
|
||||||
if (!is_null($config->get('cafile'))) {
|
if (!is_null($config->get('cafile'))) {
|
||||||
$remoteFilesystemOptions = array('ssl'=>array('cafile'=>$config->get('cafile')));
|
$remoteFilesystemOptions = array('ssl'=>array('cafile'=>$config->get('cafile')));
|
||||||
}
|
}
|
||||||
if (!is_null($input->get('cafile'))) {
|
if (!is_null($input->get('cafile'))) {
|
||||||
$remoteFilesystemOptions = array('ssl'=>array('cafile'=>$input->get('cafile')));
|
$remoteFilesystemOptions = array('ssl'=>array('cafile'=>$input->get('cafile')));
|
||||||
}
|
}
|
||||||
|
}
|
||||||
try {
|
try {
|
||||||
$remoteFilesystem = new RemoteFilesystem($this->getIO(), $remoteFilesystemOptions, $disableTls);
|
$remoteFilesystem = new RemoteFilesystem($this->getIO(), $remoteFilesystemOptions, $disableTls);
|
||||||
} catch (TransportException $e) {
|
} catch (TransportException $e) {
|
||||||
|
|
|
||||||
|
|
@ -33,6 +33,7 @@ class RemoteFilesystem
|
||||||
private $progress;
|
private $progress;
|
||||||
private $lastProgress;
|
private $lastProgress;
|
||||||
private $options;
|
private $options;
|
||||||
|
private $disableTls = false;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Constructor.
|
* Constructor.
|
||||||
|
|
@ -52,9 +53,11 @@ class RemoteFilesystem
|
||||||
$this->options = $this->getTlsDefaults();
|
$this->options = $this->getTlsDefaults();
|
||||||
if (isset($options['ssl']['cafile'])
|
if (isset($options['ssl']['cafile'])
|
||||||
&& (!is_readable($options['ssl']['cafile'])
|
&& (!is_readable($options['ssl']['cafile'])
|
||||||
|| !\openssl_x509_parse(file_get_contents($options['ssl']['cafile'])))) { //check return value and test (it's subject to change)
|
|| !\openssl_x509_parse(file_get_contents($options['ssl']['cafile'])))) {
|
||||||
throw new TransportException('The configured cafile was not valid or could not be read.');
|
throw new TransportException('The configured cafile was not valid or could not be read.');
|
||||||
}
|
}
|
||||||
|
} else {
|
||||||
|
$this->disableTls = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
// handle the other externally set options normally.
|
// handle the other externally set options normally.
|
||||||
|
|
@ -72,9 +75,9 @@ class RemoteFilesystem
|
||||||
*
|
*
|
||||||
* @return bool true
|
* @return bool true
|
||||||
*/
|
*/
|
||||||
public function copy($originUrl, $fileUrl, $fileName, $progress = true, $options = array(), $disableTls = false) //REFACTOR: to constructor for TLS opt
|
public function copy($originUrl, $fileUrl, $fileName, $progress = true, $options = array())
|
||||||
{
|
{
|
||||||
return $this->get($originUrl, $fileUrl, $options, $fileName, $progress, $disableTls);
|
return $this->get($originUrl, $fileUrl, $options, $fileName, $progress);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
@ -87,9 +90,9 @@ class RemoteFilesystem
|
||||||
*
|
*
|
||||||
* @return string The content
|
* @return string The content
|
||||||
*/
|
*/
|
||||||
public function getContents($originUrl, $fileUrl, $progress = true, $options = array(), $disableTls = false)
|
public function getContents($originUrl, $fileUrl, $progress = true, $options = array())
|
||||||
{
|
{
|
||||||
return $this->get($originUrl, $fileUrl, $options, null, $progress, $disableTls);
|
return $this->get($originUrl, $fileUrl, $options, null, $progress);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
@ -116,7 +119,7 @@ class RemoteFilesystem
|
||||||
*
|
*
|
||||||
* @return bool|string
|
* @return bool|string
|
||||||
*/
|
*/
|
||||||
protected function get($originUrl, $fileUrl, $additionalOptions = array(), $fileName = null, $progress = true, $disableTls = false)
|
protected function get($originUrl, $fileUrl, $additionalOptions = array(), $fileName = null, $progress = true)
|
||||||
{
|
{
|
||||||
$this->bytesMax = 0;
|
$this->bytesMax = 0;
|
||||||
$this->originUrl = $originUrl;
|
$this->originUrl = $originUrl;
|
||||||
|
|
@ -130,7 +133,7 @@ class RemoteFilesystem
|
||||||
$this->io->setAuthentication($originUrl, urldecode($match[1]), urldecode($match[2]));
|
$this->io->setAuthentication($originUrl, urldecode($match[1]), urldecode($match[2]));
|
||||||
}
|
}
|
||||||
|
|
||||||
$options = $this->getOptionsForUrl($originUrl, $additionalOptions, $disableTls);
|
$options = $this->getOptionsForUrl($originUrl, $additionalOptions);
|
||||||
|
|
||||||
if ($this->io->isDebug()) {
|
if ($this->io->isDebug()) {
|
||||||
$this->io->write((substr($fileUrl, 0, 4) === 'http' ? 'Downloading ' : 'Reading ') . $fileUrl);
|
$this->io->write((substr($fileUrl, 0, 4) === 'http' ? 'Downloading ' : 'Reading ') . $fileUrl);
|
||||||
|
|
@ -341,7 +344,7 @@ class RemoteFilesystem
|
||||||
}
|
}
|
||||||
|
|
||||||
// Setup remaining TLS options - the matching may need monitoring, esp. www vs none in CN
|
// Setup remaining TLS options - the matching may need monitoring, esp. www vs none in CN
|
||||||
if ($disableTls === false) {
|
if ($this->disableTls === false) {
|
||||||
if (!preg_match("|^https?://|", $originUrl)) {
|
if (!preg_match("|^https?://|", $originUrl)) {
|
||||||
$host = $originUrl;
|
$host = $originUrl;
|
||||||
} else {
|
} else {
|
||||||
|
|
|
||||||
|
|
@ -28,7 +28,7 @@ class RemoteFilesystemMock extends RemoteFilesystem
|
||||||
$this->contentMap = $contentMap;
|
$this->contentMap = $contentMap;
|
||||||
}
|
}
|
||||||
|
|
||||||
public function getContents($originUrl, $fileUrl, $progress = true, $options = array(), $disableTls = false)
|
public function getContents($originUrl, $fileUrl, $progress = true, $options = array())
|
||||||
{
|
{
|
||||||
if (!empty($this->contentMap[$fileUrl])) {
|
if (!empty($this->contentMap[$fileUrl])) {
|
||||||
return $this->contentMap[$fileUrl];
|
return $this->contentMap[$fileUrl];
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue