HTTP: Update Requests to master (0048f3c) which fixes a number of outstanding issues.

Merges [38727] to the 4.6 branch.

Fixes #38070, #37733 by reverting part of [38429] and using the fix in Requests.
Fixes #37992 allowing for connecting to SSL resources on ports other than 443.
Fixes #37991 by not sending default ports in the `Host:` header.
Fixes #37839 to match and decode Chunked responses correctly.
Fixes #38232 allowing a SSL connection to ignore the hostname of the certificate when verification is disabled.


git-svn-id: https://develop.svn.wordpress.org/branches/4.6@38728 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Dion Hulse 2016-10-05 03:26:37 +00:00
parent 9df5a81e7c
commit 080ed23b74
5 changed files with 15 additions and 14 deletions

View File

@ -688,10 +688,7 @@ class Requests_IRI {
$isauthority = $this->iuserinfo !== null || $this->ihost !== null || $this->port !== null; $isauthority = $this->iuserinfo !== null || $this->ihost !== null || $this->port !== null;
if ($this->ipath !== '' && if ($this->ipath !== '' &&
( (
$isauthority && ( $isauthority && $this->ipath[0] !== '/' ||
$this->ipath[0] !== '/' ||
substr($this->ipath, 0, 2) === '//'
) ||
( (
$this->scheme === null && $this->scheme === null &&
!$isauthority && !$isauthority &&

View File

@ -375,8 +375,9 @@ class Requests_Transport_cURL implements Requests_Transport {
curl_setopt($this->handle, CURLOPT_URL, $url); curl_setopt($this->handle, CURLOPT_URL, $url);
curl_setopt($this->handle, CURLOPT_REFERER, $url); curl_setopt($this->handle, CURLOPT_REFERER, $url);
curl_setopt($this->handle, CURLOPT_USERAGENT, $options['useragent']); curl_setopt($this->handle, CURLOPT_USERAGENT, $options['useragent']);
if (!empty($headers)) {
curl_setopt($this->handle, CURLOPT_HTTPHEADER, $headers); curl_setopt($this->handle, CURLOPT_HTTPHEADER, $headers);
}
if ($options['protocol_version'] === 1.1) { if ($options['protocol_version'] === 1.1) {
curl_setopt($this->handle, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1); curl_setopt($this->handle, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
} }
@ -458,7 +459,7 @@ class Requests_Transport_cURL implements Requests_Transport {
* @param string $data Body data * @param string $data Body data
* @return integer Length of provided data * @return integer Length of provided data
*/ */
protected function stream_body($handle, $data) { public function stream_body($handle, $data) {
$this->hooks->dispatch('request.progress', array($data, $this->response_bytes, $this->response_byte_limit)); $this->hooks->dispatch('request.progress', array($data, $this->response_bytes, $this->response_byte_limit));
$data_length = strlen($data); $data_length = strlen($data);

View File

@ -70,7 +70,9 @@ class Requests_Transport_fsockopen implements Requests_Transport {
// HTTPS support // HTTPS support
if (isset($url_parts['scheme']) && strtolower($url_parts['scheme']) === 'https') { if (isset($url_parts['scheme']) && strtolower($url_parts['scheme']) === 'https') {
$remote_socket = 'ssl://' . $host; $remote_socket = 'ssl://' . $host;
if (!isset($url_parts['port'])) {
$url_parts['port'] = 443; $url_parts['port'] = 443;
}
$context_options = array( $context_options = array(
'verify_peer' => true, 'verify_peer' => true,
@ -97,6 +99,7 @@ class Requests_Transport_fsockopen implements Requests_Transport {
} }
if (isset($options['verifyname']) && $options['verifyname'] === false) { if (isset($options['verifyname']) && $options['verifyname'] === false) {
$context_options['verify_peer_name'] = false;
$verifyname = false; $verifyname = false;
} }
@ -171,7 +174,7 @@ class Requests_Transport_fsockopen implements Requests_Transport {
if (!isset($case_insensitive_headers['Host'])) { if (!isset($case_insensitive_headers['Host'])) {
$out .= sprintf('Host: %s', $url_parts['host']); $out .= sprintf('Host: %s', $url_parts['host']);
if ($url_parts['port'] !== 80) { if (( 'http' === strtolower($url_parts['scheme']) && $url_parts['port'] !== 80 ) || ( 'https' === strtolower($url_parts['scheme']) && $url_parts['port'] !== 443 )) {
$out .= ':' . $url_parts['port']; $out .= ':' . $url_parts['port'];
} }
$out .= "\r\n"; $out .= "\r\n";

View File

@ -332,6 +332,7 @@ class WP_Http {
// SSL certificate handling // SSL certificate handling
if ( ! $r['sslverify'] ) { if ( ! $r['sslverify'] ) {
$options['verify'] = false; $options['verify'] = false;
$options['verifyname'] = false;
} else { } else {
$options['verify'] = $r['sslcertificates']; $options['verify'] = $r['sslcertificates'];
} }
@ -362,9 +363,6 @@ class WP_Http {
} }
} }
// Work around a bug in Requests when the path starts with // See https://github.com/rmccue/Requests/issues/231
$url = preg_replace( '!^(\w+://[^/]+)//(.*)$!i', '$1/$2', $url );
try { try {
$requests_response = Requests::request( $url, $headers, $data, $type, $options ); $requests_response = Requests::request( $url, $headers, $data, $type, $options );

View File

@ -749,15 +749,17 @@ class Requests {
* @return string Decoded body * @return string Decoded body
*/ */
protected static function decode_chunked($data) { protected static function decode_chunked($data) {
if (!preg_match('/^([0-9a-f]+)[^\r\n]*\r\n/i', trim($data))) { if (!preg_match('/^([0-9a-f]+)(?:;(?:[\w-]*)(?:=(?:(?:[\w-]*)*|"(?:[^\r\n])*"))?)*\r\n/i', trim($data))) {
return $data; return $data;
} }
$decoded = ''; $decoded = '';
$encoded = $data; $encoded = $data;
while (true) { while (true) {
$is_chunked = (bool) preg_match('/^([0-9a-f]+)[^\r\n]*\r\n/i', $encoded, $matches); $is_chunked = (bool) preg_match('/^([0-9a-f]+)(?:;(?:[\w-]*)(?:=(?:(?:[\w-]*)*|"(?:[^\r\n])*"))?)*\r\n/i', $encoded, $matches);
if (!$is_chunked) { if (!$is_chunked) {
// Looks like it's not chunked after all // Looks like it's not chunked after all
return $data; return $data;