[4629] trunk/htdocs/system/classes: Switch the new proxy support from r4626 to use a config. php value rather than options.

[svn-N...@habariproject.org]

Revision

4629

Author

chrismeller

Date

2010-11-27 04:04:34 +0000 (Sat, 27 Nov 2010)

Log Message

Switch the new proxy support from r4626 to use a config.php value rather than options. Also changes how some of it behaves so it's a little cleaner.

This also fixes a couple of problems with the changes to the cURL options. Notably we do NOT want to use the return transfer option, that was removed for memory reasons.

Modified Paths

• trunk/htdocs/system/classes/curlrequestprocessor.php
• trunk/htdocs/system/classes/remoterequest.php
• trunk/htdocs/system/classes/socketrequestprocessor.php

Diff

Modified: trunk/htdocs/system/classes/curlrequestprocessor.php (4628 => 4629)

--- trunk/htdocs/system/classes/curlrequestprocessor.php	2010-11-27 02:59:32 UTC (rev 4628)
+++ trunk/htdocs/system/classes/curlrequestprocessor.php	2010-11-27 04:04:34 UTC (rev 4629)
@@ -46,12 +46,10 @@
 			CURLOPT_MAXREDIRS		=> $config['max_redirects'], // Maximum number of redirections to follow.
 			CURLOPT_CONNECTTIMEOUT	=> $config['connect_timeout'],
 			CURLOPT_TIMEOUT			=> $config['timeout'],
-			CURLOPT_SSL_VERIFYPEER	=> $config['ssl_verify_peer'],
-			CURLOPT_SSL_VERIFYHOST	=> $config['ssl_verify_host'],
+			CURLOPT_SSL_VERIFYPEER	=> $config['ssl']['verify_peer'],
+			CURLOPT_SSL_VERIFYHOST	=> $config['ssl']['verify_host'],
 			CURLOPT_BUFFERSIZE		=> $config['buffer_size'],
 			CURLOPT_HTTPHEADER		=> $merged_headers,	// headers to send
-			CURLOPT_FOLLOWLOCATION	=> true,
-			CURLOPT_RETURNTRANSFER	=> true,
 		);
 
 		if ( $this->can_followlocation ) {
@@ -68,11 +66,11 @@
 
 		// set proxy, if needed
 		$urlbits = InputFilter::parse_url( $url );
-        if ( $config['proxy_server'] && ! in_array( $urlbits['host'], $config['proxy_exceptions'] ) ) {
-            $options[CURLOPT_PROXY] = $config['proxy_server'] . ':' . $config['proxy_port'];	// Validation of the existence of the port should take place in the Options form
-            if ( $config['proxy_username'] ) {
-                $options[CURLOPT_PROXYUSERPWD] = $config['proxy_username'] . ':' . $config['proxy_password'];
-                switch ( strtolower( $config['proxy_auth_scheme'] ) ) {
+        if ( $config['proxy']['server'] && ! in_array( $urlbits['host'], $config['proxy']['exceptions'] ) ) {
+            $options[CURLOPT_PROXY] = $config['proxy']['server'] . ':' . $config['proxy']['port'];	// Validation of the existence of the port should take place in the Options form
+            if ( $config['proxy']['username'] ) {
+                $options[CURLOPT_PROXYUSERPWD] = $config['proxy']['username'] . ':' . $config['proxy']['password'];
+                switch ( $config['proxy']['auth_type'] ) {
                     case 'basic':
                         $options[CURLOPT_PROXYAUTH] = CURLAUTH_BASIC;
                         break;

Modified: trunk/htdocs/system/classes/remoterequest.php (4628 => 4629)

--- trunk/htdocs/system/classes/remoterequest.php	2010-11-27 02:59:32 UTC (rev 4628)
+++ trunk/htdocs/system/classes/remoterequest.php	2010-11-27 04:04:34 UTC (rev 4629)
@@ -45,25 +45,29 @@
         'connect_timeout'   => 30,
         'timeout'           => 180,
         'buffer_size'       => 16384,
+		'follow_redirects'  => false,
+        'max_redirects'     => 5,
 
-		// These are configured via the Options page.
-        'proxy_server'      => '',
-        'proxy_port'        => '',
-        'proxy_username'    => '',
-        'proxy_password'    => '',
-        'proxy_auth_scheme' => 'basic',
-		'proxy_exceptions'  => array(),
+		// These are configured in the main config file
+		'proxy' => array(
+			'server' => null,
+			'port' => null,
+			'username' => null,
+			'password' => null,
+			'auth_type' => 'basic',
+			'exceptions' => array(),
+		),
 
 		// TODO: These don't apply to SocketRequestProcessor yet
-        'ssl_verify_peer'   => false,
-        'ssl_verify_host'   => false,
-        'ssl_cafile'        => null,
-        'ssl_capath'        => null,
-        'ssl_local_cert'    => null,
-        'ssl_passphrase'    => null,
-
-        'follow_redirects'  => false,
-        'max_redirects'     => 5
+		'ssl' => array(
+			'verify_peer' => true,
+			'verify_host' => 2,		// 1 = check CN of ssl cert, 2 = check and verify @see http://php.net/curl_setopt
+			'cafile' => null,
+			'capath' => null,
+			'local_cert' => null,
+			'passphrase' => null,
+			
+		),
     );
 
 	/**
@@ -77,19 +81,29 @@
 		$this->url = $url;
 		$this->set_timeout( $timeout );
 		
-		// If the proxy option is set, set it now for the request
+		// load the proxy configuration, if it exists
+		$proxy = Config::get( 'proxy', null );		// return null if it's not set
+		if ( $proxy != null ) {
+			
+			$this->set_config( array( 'proxy' => (array)$proxy ) );
+			
+		}
 		
-		if ( $proxy_server = Options::get( 'proxy_server' ) ) {
-			$this->set_config( array(
-					'proxy_server' => $proxy_server,
-					'proxy_port' => Options::get( 'proxy_port' ),
-					'proxy_username' => Options::get( 'proxy_username' ),
-					'proxy_password' => Options::get( 'proxy_password' ),
-					'proxy_auth_scheme' => Options::get( 'proxy_auth_scheme' ),
-					'proxy_exceptions' => array_merge( preg_split( '/,\ ?/', Options::get( 'proxy_exceptions' ) ), array( 'localhost', '127.0.0.1', $_SERVER['SERVER_NAME'], $_SERVER['SERVER_ADDR'] ) ),
-					)
-			);
+		// populate the default proxy exceptions list, since we can't up there
+		$this->config['proxy']['exceptions'] = array_merge( $this->config['proxy']['exceptions'], array(
+			'localhost',
+			'127.0.0.1',
+			'::1',		// ipv6 localhost
+		) );
+		
+		// these next two could be duplicates of 'localhost' and 127.0.0.1 / ::1 if you're on localhost - that's ok
+		if ( isset( $_SERVER['SERVER_NAME'] ) ) {
+			$this->config['proxy']['exceptions'][] = $_SERVER['SERVER_NAME'];
 		}
+		
+		if ( isset( $_SERVER['SERVER_ADDR'] ) ) {
+			$this->config['proxy']['exceptions'][] = $_SERVER['SERVER_ADDR'];
+		}
 
 		$this->user_agent .= '/' . Version::HABARI_VERSION;
 		$this->add_header( array( 'User-Agent' => $this->user_agent ) );
@@ -128,12 +142,7 @@
             }
 
         } else {
-            if ( !array_key_exists( $config, $this->config ) ) {
-				// We only trigger an error here as using an unknow config param isn't fatal
-				trigger_error( "Unknown configuration parameter '{$config}'", E_USER_WARNING );
-            } else {
-				$this->config[$config] = $value;
-			}
+        	$this->config[ $config ] = $value;
         }
     }
 	

Modified: trunk/htdocs/system/classes/socketrequestprocessor.php (4628 => 4629)

--- trunk/htdocs/system/classes/socketrequestprocessor.php	2010-11-27 02:59:32 UTC (rev 4628)
+++ trunk/htdocs/system/classes/socketrequestprocessor.php	2010-11-27 04:04:34 UTC (rev 4629)
@@ -42,6 +42,7 @@
 
 	/**
 	 * @todo Does not honor timeouts on the actual request, only on the connect() call.
+	 * @todo Does not use MultiByte-safe methods for parsing input and output - we don't know what the data we're screwing up is!
 	 */
 	private function _work( $method, $urlbits, $headers, $body, $config )
 	{
@@ -65,9 +66,9 @@
 			$transport = $urlbits['scheme'];
 		}
 		
-		if ( $config['proxy_server'] && ! in_array( $urlbits['host'], $config['proxy_exceptions'] ) ) {
+		if ( $config['proxy']['server'] && ! in_array( $urlbits['host'], $config['proxy']['exceptions'] ) ) {
 			// TODO: Still implementing this.
-			$fp = @fsockopen( $transport . '://' . $config['proxy_server'], $config['proxy_port'], $_errno, $_errstr, $config['connect_timeout'] );
+			$fp = @fsockopen( $transport . '://' . $config['proxy']['server'], $config['proxy']['port'], $_errno, $_errstr, $config['connect_timeout'] );
 		}
 		else {
 			$fp = @fsockopen( $transport . '://' . $urlbits['host'], $urlbits['port'], $_errno, $_errstr, $config['connection_timeout'] );
@@ -75,7 +76,7 @@
 
 		if ( $fp === false ) {
 			if ( $config['proxy_server'] ) {
-				throw new Exception( _t( 'Error %d: %s while connecting to %s:%d', array( $_errno, $_errstr, $config['proxy_server'], $config['proxy_port'] ) ) );
+				throw new Exception( _t( 'Error %d: %s while connecting to %s:%d', array( $_errno, $_errstr, $config['proxy']['server'], $config['proxy']['port'] ) ) );
 			}
 			else {
 				throw new Exception( _t( 'Error %d: %s while connecting to %s:%d', array( $_errno, $_errstr, $urlbits['host'], $urlbits['port'] ) ) );
@@ -86,11 +87,11 @@
 		stream_set_timeout( $fp, $config['timeout'] );
 
 		// fix headers
-		if ( $config['proxy_server'] && ! in_array( $urlbits['host'], $config['proxy_exceptions'] ) ) {
-			$headers['Host'] = "{$config['proxy_server']}:{$config['proxy_port']}";
-			if ( $config['proxy_username'] ) {
+		if ( $config['proxy']['server'] && ! in_array( $urlbits['host'], $config['proxy']['exceptions'] ) ) {
+			$headers['Host'] = "{$config['proxy']['server']}:{$config['proxy']['port']}";
+			if ( $config['proxy']['username'] ) {
 				// TODO: Decide if we're going to implement other Proxy authentication schemes. Curl already has support for most authentication mechanism, most of which are very complicated to implement manually.
-				$headers['Proxy-Authorization'] = 'Basic ' . base64_encode( " {$config['proxy_username']}:{$config['proxy_password']}" );
+				$headers['Proxy-Authorization'] = 'Basic ' . base64_encode( " {$config['proxy']['username']}:{$config['proxy']['password']}" );
 			}
 		} else {
 			$headers['Host'] = $urlbits['host'];
@@ -109,7 +110,7 @@
 			$resource.= '?' . $urlbits['query'];
 		}
 		
-		if ( $config['proxy_server'] && ! in_array( $urlbits['host'], $config['proxy_exceptions'] ) ) {
+		if ( $config['proxy']['server'] && ! in_array( $urlbits['host'], $config['proxy']['exceptions'] ) ) {
 			$resource = $urlbits['scheme'] . '://' . $urlbits['host'] . $resource;
 		}