public-mirrors
/
composer
mirror of https://github.com/composer/composer
1
0
Fork 0
Code

Remove --disable-tls/--cafile flags and rely solely on config options plus some wording clarifications

pull/4759/head
Jordi Boggiano 2016-01-10 16:35:29 +00:00
parent 5d015defb8
commit f8dff0867c
14 changed files with 40 additions and 49 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
doc/03-cli.md
View File

@ -97,8 +97,6 @@ resolution.
* **--optimize-autoloader (-o):** Convert PSR-0/4 autoloading to classmap to get a faster
autoloader. This is recommended especially for production, but can take
a bit of time to run so it is currently not done by default.
* **--disable-tls:** Display SSL/TLS peer verification.
* **--cafile:** If specified, use the given certificate file for SSL/TLS peer verification.
* **--classmap-authoritative (-a):** Autoload classes from the classmap only.
Implicitly enables `--optimize-autoloader`.
@ -148,8 +146,6 @@ php composer.phar update vendor/*
Implicitly enables `--optimize-autoloader`.
* **--lock:** Only updates the lock file hash to suppress warning about the
lock file being out of date.
* **--disable-tls:** Display SSL/TLS peer verification.
* **--cafile:** If specified, use the given certificate file for SSL/TLS peer verification.
* **--with-dependencies:** Add also all dependencies of whitelisted packages to the whitelist.
* **--prefer-stable:** Prefer stable versions of dependencies.
* **--prefer-lowest:** Prefer lowest versions of dependencies. Useful for testing minimal
@ -188,8 +184,6 @@ php composer.phar require vendor/package:2.* vendor/package2:dev-master
* **--update-no-dev:** Run the dependency update with the `--no-dev` option.
* **--update-with-dependencies:** Also update dependencies of the newly
required packages.
* **--disable-tls:** Display SSL/TLS peer verification.
* **--cafile:** If specified, use the given certificate file for SSL/TLS peer verification.
* **--sort-packages:** Keep packages sorted in `composer.json`.
* **--optimize-autoloader (-o):** Convert PSR-0/4 autoloading to classmap to
get a faster autoloader. This is recommended especially for production, but
@ -265,8 +259,6 @@ You can also search for more than one term by passing multiple arguments.
### Options
* **--only-name (-N):** Search only in name.
* **--disable-tls:** Display SSL/TLS peer verification.
* **--cafile:** If specified, use the given certificate file for SSL/TLS peer verification.
## show
@ -310,8 +302,6 @@ php composer.phar show monolog/monolog 1.0.2
* **--installed (-i):** List the packages that are installed.
* **--platform (-p):** List only platform packages (php & extensions).
* **--self (-s):** List the root package info.
* **--disable-tls:** Display SSL/TLS peer verification.
* **--cafile:** If specified, use the given certificate file for SSL/TLS peer verification.
* **--tree (-t):** List the dependencies as a tree. Only usable when giving a single package name or combined with `-i`.
## browse / home
@ -422,8 +412,6 @@ sudo composer self-update
### Options
* **--rollback (-r):** Rollback to the last version you had installed.
* **--disable-tls:** Display SSL/TLS peer verification.
* **--cafile:** If specified, use the given certificate file for SSL/TLS peer verification.
* **--clean-backups:** Delete old backups during an update. This makes the
current version of Composer the only backup available after the update.
@ -517,8 +505,6 @@ By default the command checks for the packages on packagist.org.
* **--keep-vcs:** Skip the deletion of the VCS metadata for the created
project. This is mostly useful if you run the command in non-interactive
mode.
* **--disable-tls:** Display SSL/TLS peer verification.
* **--cafile:** If specified, use the given certificate file for SSL/TLS peer verification.
* **--ignore-platform-reqs:** ignore `php`, `hhvm`, `lib-*` and `ext-*`
requirements and force the installation even if the local machine does not
fulfill these.
@ -579,11 +565,6 @@ problems.
php composer.phar diagnose
```
### Options
* **--disable-tls:** Display SSL/TLS peer verification.
* **--cafile:** If specified, use the given certificate file for SSL/TLS peer verification.
## archive
This command is used to generate a zip/tar archive for a given package in a

19
doc/06-config.md
View File

@ -40,6 +40,25 @@ of their API. [Read
more](articles/troubleshooting.md#api-rate-limit-and-oauth-tokens) on how to get
an OAuth token for GitHub.
## gitlab-oauth
A list of domain names and oauth keys. For example using `{"gitlab.com":
"oauthtoken"}` as the value of this option will use `oauthtoken` to access
private repositories on gitlab.
## disable-tls
Defaults to `false`. If set to true all HTTPS URLs will be tried with HTTP
instead and no network level encryption is performed. Enabling this is a
security risk and is NOT recommended. The better way is to enable the
php_openssl extension in php.ini.
## cafile
A way to set the path to the openssl CA file. In PHP 5.6+ you should rather
set this via openssl.cafile in php.ini, although PHP 5.6+ should be able to
detect your system CA file automatically.
## http-basic
A list of domain names and username/passwords to authenticate against them. For

8
res/composer-schema.json
View File

@ -141,6 +141,14 @@
"description": "A hash of domain name => gitlab API oauth tokens, typically {\"gitlab.com\":\"<token>\"}.",
"additionalProperties": true
},
"disable-tls": {
"type": "boolean",
"description": "Defaults to `false`. If set to true all HTTPS URLs will be tried with HTTP instead and no network level encryption is performed. Enabling this is a security risk and is NOT recommended. The better way is to enable the php_openssl extension in php.ini."
},
"cafile": {
"type": "string",
"description": "A way to set the path to the openssl CA file. In PHP 5.6+ you should rather set this via openssl.cafile in php.ini, although PHP 5.6+ should be able to detect your system CA file automatically."
},
"http-basic": {
"type": "object",
"description": "A hash of domain name => {\"username\": \"...\", \"password\": \"...\"}.",

2
src/Composer/Command/CreateProjectCommand.php
View File

@ -69,8 +69,6 @@ class CreateProjectCommand extends Command
new InputOption('no-progress', null, InputOption::VALUE_NONE, 'Do not output download progress.'),
new InputOption('keep-vcs', null, InputOption::VALUE_NONE, 'Whether to prevent deletion vcs folder.'),
new InputOption('no-install', null, InputOption::VALUE_NONE, 'Whether to skip installation of the package dependencies.'),
new InputOption('disable-tls', null, InputOption::VALUE_NONE, 'Disable SSL/TLS protection for HTTPS requests'),
new InputOption('cafile', null, InputOption::VALUE_REQUIRED, 'The path to a valid CA certificate file for SSL/TLS certificate verification'),
new InputOption('ignore-platform-reqs', null, InputOption::VALUE_NONE, 'Ignore platform requirements (php & ext- packages).'),
))
->setHelp(<<<EOT

5
src/Composer/Command/DiagnoseCommand.php
View File

@ -49,10 +49,7 @@ class DiagnoseCommand extends Command
The <info>diagnose</info> command checks common errors to help debugging problems.
EOT
)->setDefinition(array(
new InputOption('disable-tls', null, InputOption::VALUE_NONE, 'Disable SSL/TLS protection for HTTPS requests'),
new InputOption('cafile', null, InputOption::VALUE_REQUIRED, 'The path to a valid CA certificate file for SSL/TLS certificate verification'),
))
)
;
}

2
src/Composer/Command/InstallCommand.php
View File

@ -46,8 +46,6 @@ class InstallCommand extends Command
new InputOption('no-progress', null, InputOption::VALUE_NONE, 'Do not output download progress.'),
new InputOption('verbose', 'v|vv|vvv', InputOption::VALUE_NONE, 'Shows more details including new commits pulled in when updating packages.'),
new InputOption('optimize-autoloader', 'o', InputOption::VALUE_NONE, 'Optimize autoloader during autoloader dump'),
new InputOption('disable-tls', null, InputOption::VALUE_NONE, 'Disable SSL/TLS protection for HTTPS requests'),
new InputOption('cafile', null, InputOption::VALUE_REQUIRED, 'The path to a valid CA certificate file for SSL/TLS certificate verification'),
new InputOption('classmap-authoritative', 'a', InputOption::VALUE_NONE, 'Autoload classes from the classmap only. Implicitly enables `--optimize-autoloader`.'),
new InputOption('ignore-platform-reqs', null, InputOption::VALUE_NONE, 'Ignore platform requirements (php & ext- packages).'),
new InputArgument('packages', InputArgument::IS_ARRAY | InputArgument::OPTIONAL, 'Should not be provided, use composer require instead to add a given package to composer.json.'),

2
src/Composer/Command/RequireCommand.php
View File

@ -46,8 +46,6 @@ class RequireCommand extends InitCommand
new InputOption('no-update', null, InputOption::VALUE_NONE, 'Disables the automatic update of the dependencies.'),
new InputOption('update-no-dev', null, InputOption::VALUE_NONE, 'Run the dependency update with the --no-dev option.'),
new InputOption('update-with-dependencies', null, InputOption::VALUE_NONE, 'Allows inherited dependencies to be updated with explicit dependencies.'),
new InputOption('disable-tls', null, InputOption::VALUE_NONE, 'Disable SSL/TLS protection for HTTPS requests'),
new InputOption('cafile', null, InputOption::VALUE_REQUIRED, 'The path to a valid CA certificate file for SSL/TLS certificate verification'),
new InputOption('ignore-platform-reqs', null, InputOption::VALUE_NONE, 'Ignore platform requirements (php & ext- packages).'),
new InputOption('sort-packages', null, InputOption::VALUE_NONE, 'Sorts packages when adding/updating a new dependency'),
new InputOption('optimize-autoloader', 'o', InputOption::VALUE_NONE, 'Optimize autoloader during autoloader dump'),

2
src/Composer/Command/SearchCommand.php
View File

@ -41,8 +41,6 @@ class SearchCommand extends Command
->setDescription('Search for packages')
->setDefinition(array(
new InputOption('only-name', 'N', InputOption::VALUE_NONE, 'Search only in name'),
new InputOption('disable-tls', null, InputOption::VALUE_NONE, 'Disable SSL/TLS protection for HTTPS requests'),
new InputOption('cafile', null, InputOption::VALUE_REQUIRED, 'The path to a valid CA certificate file for SSL/TLS certificate verification'),
new InputArgument('tokens', InputArgument::IS_ARRAY | InputArgument::REQUIRED, 'tokens to search for'),
))
->setHelp(<<<EOT

8
src/Composer/Command/SelfUpdateCommand.php
View File

@ -43,8 +43,6 @@ class SelfUpdateCommand extends Command
->setDefinition(array(
new InputOption('rollback', 'r', InputOption::VALUE_NONE, 'Revert to an older installation of composer'),
new InputOption('clean-backups', null, InputOption::VALUE_NONE, 'Delete old backups during an update. This makes the current version of composer the only backup available after the update'),
new InputOption('disable-tls', null, InputOption::VALUE_NONE, 'Disable SSL/TLS protection for HTTPS requests'),
new InputOption('cafile', null, InputOption::VALUE_REQUIRED, 'The path to a valid CA certificate file for SSL/TLS certificate verification'),
new InputArgument('version', InputArgument::OPTIONAL, 'The version to update to'),
new InputOption('no-progress', null, InputOption::VALUE_NONE, 'Do not output download progress.'),
))
@ -63,17 +61,15 @@ EOT
{
$config = Factory::createConfig();
if($config->get('disable-tls') === true || $input->getOption('disable-tls')) {
if ($config->get('disable-tls') === true) {
$baseUrl = 'http://' . self::HOMEPAGE;
} else {
$baseUrl = 'https://' . self::HOMEPAGE;
}
$io = $this->getIO();
$remoteFilesystem = Factory::createRemoteFilesystem($io, $config);
// TODO: Silent switch probably should be kicking out exception
$baseUrl = (extension_loaded('openssl') ? 'https' : 'http') . '://' . self::HOMEPAGE;
$cacheDir = $config->get('cache-dir');
$rollbackDir = $config->get('home');
$localFilename = realpath($_SERVER['argv'][0]) ?: $_SERVER['argv'][0];

2
src/Composer/Command/ShowCommand.php
View File

@ -56,8 +56,6 @@ class ShowCommand extends Command
new InputOption('available', 'a', InputOption::VALUE_NONE, 'List available packages only'),
new InputOption('self', 's', InputOption::VALUE_NONE, 'Show the root package information'),
new InputOption('name-only', 'N', InputOption::VALUE_NONE, 'List package names only'),
new InputOption('disable-tls', null, InputOption::VALUE_NONE, 'Disable SSL/TLS protection for HTTPS requests'),
new InputOption('cafile', null, InputOption::VALUE_REQUIRED, 'The path to a valid CA certificate file for SSL/TLS certificate verification'),
new InputOption('path', 'P', InputOption::VALUE_NONE, 'Show package paths'),
new InputOption('tree', 't', InputOption::VALUE_NONE, 'List the dependencies as a tree'),
))

2
src/Composer/Command/UpdateCommand.php
View File

@ -52,8 +52,6 @@ class UpdateCommand extends Command
new InputOption('with-dependencies', null, InputOption::VALUE_NONE, 'Add also all dependencies of whitelisted packages to the whitelist.'),
new InputOption('verbose', 'v|vv|vvv', InputOption::VALUE_NONE, 'Shows more details including new commits pulled in when updating packages.'),
new InputOption('optimize-autoloader', 'o', InputOption::VALUE_NONE, 'Optimize autoloader during autoloader dump.'),
new InputOption('disable-tls', null, InputOption::VALUE_NONE, 'Disable SSL/TLS protection for HTTPS requests'),
new InputOption('cafile', null, InputOption::VALUE_REQUIRED, 'The path to a valid CA certificate file for SSL/TLS certificate verification'),
new InputOption('classmap-authoritative', 'a', InputOption::VALUE_NONE, 'Autoload classes from the classmap only. Implicitly enables `--optimize-autoloader`.'),
new InputOption('ignore-platform-reqs', null, InputOption::VALUE_NONE, 'Ignore platform requirements (php & ext- packages).'),
new InputOption('prefer-stable', null, InputOption::VALUE_NONE, 'Prefer stable versions of dependencies.'),

14
src/Composer/Factory.php
View File

@ -521,25 +521,25 @@ class Factory
$disableTls = true;
} elseif (!extension_loaded('openssl')) {
throw new \RuntimeException('The openssl extension is required for SSL/TLS protection but is not available. '
. 'You can disable this error, at your own risk, by passing the \'--disable-tls\' option to this command.');
. 'You can disable this error, at your own risk, by setting the \'disable-tls\' option to true.');
}
$remoteFilesystemOptions = array();
if ($disableTls === false) {
if (isset($config) && !empty($config->get('cafile'))) {
$remoteFilesystemOptions = array('ssl'=>array('cafile'=>$config->get('cafile')));
}
if (!empty($io->getInputOption('cafile'))) {
$remoteFilesystemOptions = array('ssl'=>array('cafile'=>$io->getInputOption('cafile')));
$remoteFilesystemOptions = array('ssl' => array('cafile' => $config->get('cafile')));
}
$remoteFilesystemOptions = array_merge_recursive($remoteFilesystemOptions, $options);
}
try {
$remoteFilesystem = new RemoteFilesystem($io, $remoteFilesystemOptions, $disableTls);
$remoteFilesystem = new RemoteFilesystem($io, $config, $remoteFilesystemOptions, $disableTls);
} catch (TransportException $e) {
if (preg_match('|cafile|', $e->getMessage())) {
$io->write('<error>Unable to locate a valid CA certificate file. You must set a valid \'cafile\' option.</error>');
$io->write('<error>A valid CA certificate file is required for SSL/TLS protection.</error>');
$io->write('<error>You can disable this error, at your own risk, by passing the \'--disable-tls\' option to this command.</error>');
if (PHP_VERSION_ID < 50600) {
$io->write('<error>It is recommended you upgrade to PHP 5.6+ which can detect your system CA file automatically.</error>');
}
$io->write('<error>You can disable this error, at your own risk, by setting the \'disable-tls\' option to true.</error>');
}
throw $e;
}

1
src/Composer/Util/ConfigValidator.php
View File

@ -19,6 +19,7 @@ use Composer\Json\JsonValidationException;
use Composer\IO\IOInterface;
use Composer\Json\JsonFile;
use Composer\Spdx\SpdxLicenses;
use Composer\Factory;
/**
* Validates a composer configuration.

3
src/Composer/Util/GitLab.php
View File

@ -14,6 +14,7 @@ namespace Composer\Util;
use Composer\IO\IOInterface;
use Composer\Config;
use Composer\Factory;
use Composer\Downloader\TransportException;
use Composer\Json\JsonFile;
@ -40,7 +41,7 @@ class GitLab
$this->io = $io;
$this->config = $config;
$this->process = $process ?: new ProcessExecutor();
$this->remoteFilesystem = $remoteFilesystem ?: new RemoteFilesystem($io, $config);
$this->remoteFilesystem = $remoteFilesystem ?: Factory::createRemoteFilesystem($this->io, $config);
}
/**