Commit bfa1325c authored by alain's avatar alain 🐙
Browse files

remove updraft

parent 4ab81fac
<?php
/*
* Copyright 2014 Google Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/**
* Curl based implementation of Google_IO.
*
* @author Stuart Langley <slangley@google.com>
*/
if (!class_exists('UDP_Google_Client')) {
require_once dirname(__FILE__) . '/../autoload.php';
}
class UDP_Google_IO_Curl extends UDP_Google_IO_Abstract
{
// cURL hex representation of version 7.30.0
const NO_QUIRK_VERSION = 0x071E00;
private $options = array();
public function __construct(UDP_Google_Client $client)
{
if (!extension_loaded('curl')) {
$error = 'The cURL IO handler requires the cURL extension to be enabled';
$client->getLogger()->critical($error);
throw new UDP_Google_IO_Exception($error);
}
parent::__construct($client);
}
/**
* Execute an HTTP Request
*
* @param Google_Http_Request $request the http request to be executed
* @return array containing response headers, body, and http code
* @throws UDP_Google_IO_Exception on curl or IO error
*/
public function executeRequest(UDP_Google_Http_Request $request)
{
$curl = curl_init();
if ($request->getPostBody()) {
curl_setopt($curl, CURLOPT_POSTFIELDS, $request->getPostBody());
}
$requestHeaders = $request->getRequestHeaders();
if ($requestHeaders && is_array($requestHeaders)) {
$curlHeaders = array();
foreach ($requestHeaders as $k => $v) {
$curlHeaders[] = "$k: $v";
}
curl_setopt($curl, CURLOPT_HTTPHEADER, $curlHeaders);
}
curl_setopt($curl, CURLOPT_URL, $request->getUrl());
curl_setopt($curl, CURLOPT_CUSTOMREQUEST, $request->getRequestMethod());
curl_setopt($curl, CURLOPT_USERAGENT, $request->getUserAgent());
curl_setopt($curl, CURLOPT_FOLLOWLOCATION, false);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, true);
// 1 is CURL_SSLVERSION_TLSv1, which is not always defined in PHP.
// UpdraftPlus patch
// The SDK leaves this on the default setting in later releases
// curl_setopt($curl, CURLOPT_SSLVERSION, 1);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_HEADER, true);
if ($request->canGzip()) {
curl_setopt($curl, CURLOPT_ENCODING, 'gzip,deflate');
}
$options = $this->client->getClassConfig('UDP_Google_IO_Curl', 'options');
if (is_array($options)) {
$this->setOptions($options);
}
foreach ($this->options as $key => $var) {
curl_setopt($curl, $key, $var);
}
if (!isset($this->options[CURLOPT_CAINFO])) {
curl_setopt($curl, CURLOPT_CAINFO, dirname(__FILE__) . '/cacerts.pem');
}
$this->client->getLogger()->debug(
'cURL request',
array(
'url' => $request->getUrl(),
'method' => $request->getRequestMethod(),
'headers' => $requestHeaders,
'body' => $request->getPostBody()
)
);
$response = curl_exec($curl);
if ($response === false) {
$error = curl_error($curl);
$code = curl_errno($curl);
$map = $this->client->getClassConfig('UDP_Google_IO_Exception', 'retry_map');
$this->client->getLogger()->error('cURL ' . $error);
throw new UDP_Google_IO_Exception($error, $code, null, $map);
}
$headerSize = curl_getinfo($curl, CURLINFO_HEADER_SIZE);
list($responseHeaders, $responseBody) = $this->parseHttpResponse($response, $headerSize);
$responseCode = curl_getinfo($curl, CURLINFO_HTTP_CODE);
$this->client->getLogger()->debug(
'cURL response',
array(
'code' => $responseCode,
'headers' => $responseHeaders,
'body' => $responseBody,
)
);
return array($responseBody, $responseHeaders, $responseCode);
}
/**
* Set options that update the transport implementation's behavior.
* @param $options
*/
public function setOptions($options)
{
$this->options = $options + $this->options;
}
/**
* Set the maximum request time in seconds.
* @param $timeout in seconds
*/
public function setTimeout($timeout)
{
// Since this timeout is really for putting a bound on the time
// we'll set them both to the same. If you need to specify a longer
// CURLOPT_TIMEOUT, or a higher CONNECTTIMEOUT, the best thing to
// do is use the setOptions method for the values individually.
$this->options[CURLOPT_CONNECTTIMEOUT] = $timeout;
$this->options[CURLOPT_TIMEOUT] = $timeout;
}
/**
* Get the maximum request time in seconds.
* @return timeout in seconds
*/
public function getTimeout()
{
return $this->options[CURLOPT_TIMEOUT];
}
/**
* Test for the presence of a cURL header processing bug
*
* {@inheritDoc}
*
* @return boolean
*/
protected function needsQuirk()
{
$ver = curl_version();
$versionNum = $ver['version_number'];
return $versionNum < UDP_Google_IO_Curl::NO_QUIRK_VERSION;
}
}
<?php
/*
* Copyright 2013 Google Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
if (!class_exists('UDP_Google_Client')) {
require_once dirname(__FILE__) . '/../autoload.php';
}
class UDP_Google_IO_Exception extends Google_Exception implements Google_Task_Retryable
{
/**
* @var array $retryMap Map of errors with retry counts.
*/
private $retryMap = array();
/**
* Creates a new IO exception with an optional retry map.
*
* @param string $message
* @param int $code
* @param Exception|null $previous
* @param array|null $retryMap Map of errors with retry counts.
*/
public function __construct(
$message,
$code = 0,
Exception $previous = null,
array $retryMap = null
) {
if (version_compare(PHP_VERSION, '5.3.0') >= 0) {
parent::__construct($message, $code, $previous);
} else {
parent::__construct($message, $code);
}
if (is_array($retryMap)) {
$this->retryMap = $retryMap;
}
}
/**
* Gets the number of times the associated task can be retried.
*
* NOTE: -1 is returned if the task can be retried indefinitely
*
* @return integer
*/
public function allowedRetries()
{
if (isset($this->retryMap[$this->code])) {
return $this->retryMap[$this->code];
}
return 0;
}
}
<?php
/*
* Copyright 2013 Google Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/**
* Http Streams based implementation of Google_IO.
*
* @author Stuart Langley <slangley@google.com>
*/
if (!class_exists('UDP_Google_Client')) {
require_once dirname(__FILE__) . '/../autoload.php';
}
class UDP_Google_IO_Stream extends UDP_Google_IO_Abstract
{
const TIMEOUT = "timeout";
const ZLIB = "compress.zlib://";
private $options = array();
private $trappedErrorNumber;
private $trappedErrorString;
private static $DEFAULT_HTTP_CONTEXT = array(
"follow_location" => 0,
"ignore_errors" => 1,
);
private static $DEFAULT_SSL_CONTEXT = array(
"verify_peer" => true,
);
public function __construct(UDP_Google_Client $client)
{
if (!ini_get('allow_url_fopen')) {
$error = 'The stream IO handler requires the allow_url_fopen runtime ' .
'configuration to be enabled';
$client->getLogger()->critical($error);
throw new UDP_Google_IO_Exception($error);
}
parent::__construct($client);
}
/**
* Execute an HTTP Request
*
* @param Google_Http_Request $request the http request to be executed
* @return array containing response headers, body, and http code
* @throws UDP_Google_IO_Exception on curl or IO error
*/
public function executeRequest(UDP_Google_Http_Request $request)
{
$default_options = stream_context_get_options(stream_context_get_default());
$requestHttpContext = array_key_exists('http', $default_options) ?
$default_options['http'] : array();
if ($request->getPostBody()) {
$requestHttpContext["content"] = $request->getPostBody();
}
$requestHeaders = $request->getRequestHeaders();
if ($requestHeaders && is_array($requestHeaders)) {
$headers = "";
foreach ($requestHeaders as $k => $v) {
$headers .= "$k: $v\r\n";
}
$requestHttpContext["header"] = $headers;
}
$requestHttpContext["method"] = $request->getRequestMethod();
$requestHttpContext["user_agent"] = $request->getUserAgent();
$requestSslContext = array_key_exists('ssl', $default_options) ?
$default_options['ssl'] : array();
# UpdraftPlus patch
// if (!array_key_exists("cafile", $requestSslContext)) {
// $requestSslContext["cafile"] = dirname(__FILE__) . '/cacerts.pem';
// }
$url = $request->getUrl();
if (preg_match('#^https?://([^/]+)/#', $url, $umatches)) { $cname = $umatches[1]; } else { $cname = false; }
# UpdraftPlus patch
// Added
if (empty($this->options['disable_verify_peer'])) {
$requestSslContext['verify_peer'] = true;
if (version_compare(PHP_VERSION, '5.6.0', '>=')) {
if (!empty($cname)) $requestSslContext['peer_name'] = $cname;
} else {
if (!empty($cname)) {
$requestSslContext['CN_match'] = $cname;
$retry_on_fail = true;
}
}
} else {
$requestSslContext['allow_self_signed'] = true;
}
if (!empty($this->options['cafile'])) $requestSslContext['cafile'] = $this->options['cafile'];
$options = array(
"http" => array_merge(
self::$DEFAULT_HTTP_CONTEXT,
$requestHttpContext
),
"ssl" => array_merge(
# UpdraftPlus patch
// self::$DEFAULT_SSL_CONTEXT,
$requestSslContext
)
);
$context = stream_context_create($options);
# UpdraftPlus patch
// $url = $request->getUrl();
if ($request->canGzip()) {
$url = self::ZLIB . $url;
}
$this->client->getLogger()->debug(
'Stream request',
array(
'url' => $url,
'method' => $request->getRequestMethod(),
'headers' => $requestHeaders,
'body' => $request->getPostBody()
)
);
// We are trapping any thrown errors in this method only and
// throwing an exception.
$this->trappedErrorNumber = null;
$this->trappedErrorString = null;
// START - error trap.
set_error_handler(array($this, 'trapError'));
$fh = fopen($url, 'r', false, $context);
# UpdraftPLus patch
if (!$fh && isset($retry_on_fail) && !empty($cname) && 'www.googleapis.com' == $cname) {
// Reset
$this->trappedErrorNumber = null;
$this->trappedErrorString = null;
global $updraftplus;
$updraftplus->log("Using Stream, and fopen failed; retrying different CN match to try to overcome");
// www.googleapis.com does not match the cert now being presented - *.storage.googleapis.com; presumably, PHP's stream handler isn't handling alternative names properly. Rather than turn off all verification, let's retry with a new name to match.
$options['ssl']['CN_match'] = 'www.storage.googleapis.com';
$context = stream_context_create($options);
$fh = fopen($url, 'r', false, $context);
}
restore_error_handler();
// END - error trap.
if ($this->trappedErrorNumber) {
$error = sprintf(
"HTTP Error: Unable to connect: '%s'",
$this->trappedErrorString
);
$this->client->getLogger()->error('Stream ' . $error);
throw new UDP_Google_IO_Exception($error, $this->trappedErrorNumber);
}
$response_data = false;
$respHttpCode = self::UNKNOWN_CODE;
if ($fh) {
if (isset($this->options[self::TIMEOUT])) {
stream_set_timeout($fh, $this->options[self::TIMEOUT]);
}
$response_data = stream_get_contents($fh);
fclose($fh);
$respHttpCode = $this->getHttpResponseCode($http_response_header);
}
if (false === $response_data) {
$error = sprintf(
"HTTP Error: Unable to connect: '%s'",
$respHttpCode
);
$this->client->getLogger()->error('Stream ' . $error);
throw new UDP_Google_IO_Exception($error, $respHttpCode);
}
$responseHeaders = $this->getHttpResponseHeaders($http_response_header);
$this->client->getLogger()->debug(
'Stream response',
array(
'code' => $respHttpCode,
'headers' => $responseHeaders,
'body' => $response_data,
)
);
return array($response_data, $responseHeaders, $respHttpCode);
}
/**
* Set options that update the transport implementation's behavior.
* @param $options
*/
public function setOptions($options)
{
$this->options = $options + $this->options;
}
/**
* Method to handle errors, used for error handling around
* stream connection methods.
*/
public function trapError($errno, $errstr)
{
$this->trappedErrorNumber = $errno;
$this->trappedErrorString = $errstr;
}
/**
* Set the maximum request time in seconds.
* @param $timeout in seconds
*/
public function setTimeout($timeout)
{
$this->options[self::TIMEOUT] = $timeout;
}
/**
* Get the maximum request time in seconds.
* @return timeout in seconds
*/
public function getTimeout()
{
return $this->options[self::TIMEOUT];
}
/**
* Test for the presence of a cURL header processing bug
*
* {@inheritDoc}
*
* @return boolean
*/
protected function needsQuirk()
{
return false;
}
protected function getHttpResponseCode($response_headers)
{
$header_count = count($response_headers);
for ($i = 0; $i < $header_count; $i++) {
$header = $response_headers[$i];
if (strncasecmp("HTTP", $header, strlen("HTTP")) == 0) {
$response = explode(' ', $header);
return $response[1];
}
}
return self::UNKNOWN_CODE;
}
}
# Issuer: CN=GTE CyberTrust Global Root O=GTE Corporation OU=GTE CyberTrust Solutions, Inc.
# Subject: CN=GTE CyberTrust Global Root O=GTE Corporation OU=GTE CyberTrust Solutions, Inc.
# Label: "GTE CyberTrust Global Root"
# Serial: 421
# MD5 Fingerprint: ca:3d:d3:68:f1:03:5c:d0:32:fa:b8:2b:59:e8:5a:db
# SHA1 Fingerprint: 97:81:79:50:d8:1c:96:70:cc:34:d8:09:cf:79:44:31:36:7e:f4:74
# SHA256 Fingerprint: a5:31:25:18:8d:21:10:aa:96:4b:02:c7:b7:c6:da:32:03:17:08:94:e5:fb:71:ff:fb:66:67:d5:e6:81:0a:36
-----BEGIN CERTIFICATE-----
MIICWjCCAcMCAgGlMA0GCSqGSIb3DQEBBAUAMHUxCzAJBgNVBAYTAlVTMRgwFgYD
VQQKEw9HVEUgQ29ycG9yYXRpb24xJzAlBgNVBAsTHkdURSBDeWJlclRydXN0IFNv
bHV0aW9ucywgSW5jLjEjMCEGA1UEAxMaR1RFIEN5YmVyVHJ1c3QgR2xvYmFsIFJv
b3QwHhcNOTgwODEzMDAyOTAwWhcNMTgwODEzMjM1OTAwWjB1MQswCQYDVQQGEwJV
UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMScwJQYDVQQLEx5HVEUgQ3liZXJU
cnVzdCBTb2x1dGlvbnMsIEluYy4xIzAhBgNVBAMTGkdURSBDeWJlclRydXN0IEds
b2JhbCBSb290MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVD6C28FCc6HrH
iM3dFw4usJTQGz0O9pTAipTHBsiQl8i4ZBp6fmw8U+E3KHNgf7KXUwefU/ltWJTS
r41tiGeA5u2ylc9yMcqlHHK6XALnZELn+aks1joNrI1CqiQBOeacPwGFVw1Yh0X4
04Wqk2kmhXBIgD8SFcd5tB8FLztimQIDAQABMA0GCSqGSIb3DQEBBAUAA4GBAG3r
GwnpXtlR22ciYaQqPEh346B8pt5zohQDhT37qw4wxYMWM4ETCJ57NE7fQMh017l9
3PR2VX2bY1QY6fDq81yx2YtCHrnAlU66+tXifPVoYb+O7AWXX1uw16OFNMQkpw0P
lZPvy5TYnh+dXIVtx6quTx8itc2VrbqnzPmrC3p/
-----END CERTIFICATE-----
# Issuer: CN=Thawte Server CA O=Thawte Consulting cc OU=Certification Services Division
# Subject: CN=Thawte Server CA O=Thawte Consulting cc OU=Certification Services Division
# Label: "Thawte Server CA"
# Serial: 1
# MD5 Fingerprint: c5:70:c4:a2:ed:53:78:0c:c8:10:53:81:64:cb:d0:1d
# SHA1 Fingerprint: 23:e5:94:94:51:95:f2:41:48:03:b4:d5:64:d2:a3:a3:f5:d8:8b:8c
# SHA256 Fingerprint: b4:41:0b:73:e2:e6:ea:ca:47:fb:c4:2f:8f:a4:01:8a:f4:38:1d:c5:4c:fa:a8:44:50:46:1e:ed:09:45:4d:e9
-----BEGIN CERTIFICATE-----
MIIDEzCCAnygAwIBAgIBATANBgkqhkiG9w0BAQQFADCBxDELMAkGA1UEBhMCWkEx
FTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMR0wGwYD
VQQKExRUaGF3dGUgQ29uc3VsdGluZyBjYzEoMCYGA1UECxMfQ2VydGlmaWNhdGlv
biBTZXJ2aWNlcyBEaXZpc2lvbjEZMBcGA1UEAxMQVGhhd3RlIFNlcnZlciBDQTEm
MCQGCSqGSIb3DQEJARYXc2VydmVyLWNlcnRzQHRoYXd0ZS5jb20wHhcNOTYwODAx
MDAwMDAwWhcNMjAxMjMxMjM1OTU5WjCBxDELMAkGA1UEBhMCWkExFTATBgNVBAgT
DFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMR0wGwYDVQQKExRUaGF3
dGUgQ29uc3VsdGluZyBjYzEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNl
cyBEaXZpc2lvbjEZMBcGA1UEAxMQVGhhd3RlIFNlcnZlciBDQTEmMCQGCSqGSIb3
DQEJARYXc2VydmVyLWNlcnRzQHRoYXd0ZS5jb20wgZ8wDQYJKoZIhvcNAQEBBQAD
gY0AMIGJAoGBANOkUG7I/1Zr5s9dtuoMaHVHoqrC2oQl/Kj0R1HahbUgdJSGHg91
yekIYfUGbTBuFRkC6VLAYttNmZ7iagxEOM3+vuNkCXDF/rFrKbYvScg71CcEJRCX
L+eQbcAoQpnXTEPew/UhbVSfXcNY4cDk2VuwuNy0e982OsK1ZiIS1ocNAgMBAAGj
EzARMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAB/pMaVz7lcxG
7oWDTSEwjsrZqG9JGubaUeNgcGyEYRGhGshIPllDfU+VPaGLtwtimHp1it2ITk6e
QNuozDJ0uW8NxuOzRAvZim+aKZuZGCg70eNAKJpaPNW15yAbi8qkq43pUdniTCxZ
qdq5snUb9kLy78fyGPmJvKP/iiMucEc=
-----END CERTIFICATE-----
# Issuer: CN=Thawte Premium Server CA O=Thawte Consulting cc OU=Certification Services Division