HTTP: Update Requests to master (0048f3c) which fixes a number of outstanding issues.

Merges [38727] to the 4.6 branch.

Fixes #38070, #37733 by reverting part of [38429] and using the fix in Requests.
Fixes #37992 allowing for connecting to SSL resources on ports other than 443.
Fixes #37991 by not sending default ports in the `Host:` header.
Fixes #37839 to match and decode Chunked responses correctly.
Fixes #38232 allowing a SSL connection to ignore the hostname of the certificate when verification is disabled.


git-svn-id: https://develop.svn.wordpress.org/branches/4.6@38728 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Dion Hulse 2016-10-05 03:26:37 +00:00
parent 9df5a81e7c
commit 080ed23b74
5 changed files with 15 additions and 14 deletions

View File

@ -688,10 +688,7 @@ class Requests_IRI {
$isauthority = $this->iuserinfo !== null || $this->ihost !== null || $this->port !== null;
if ($this->ipath !== '' &&
(
$isauthority && (
$this->ipath[0] !== '/' ||
substr($this->ipath, 0, 2) === '//'
) ||
$isauthority && $this->ipath[0] !== '/' ||
(
$this->scheme === null &&
!$isauthority &&

View File

@ -375,8 +375,9 @@ class Requests_Transport_cURL implements Requests_Transport {
curl_setopt($this->handle, CURLOPT_URL, $url);
curl_setopt($this->handle, CURLOPT_REFERER, $url);
curl_setopt($this->handle, CURLOPT_USERAGENT, $options['useragent']);
if (!empty($headers)) {
curl_setopt($this->handle, CURLOPT_HTTPHEADER, $headers);
}
if ($options['protocol_version'] === 1.1) {
curl_setopt($this->handle, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
}
@ -458,7 +459,7 @@ class Requests_Transport_cURL implements Requests_Transport {
* @param string $data Body data
* @return integer Length of provided data
*/
protected function stream_body($handle, $data) {
public function stream_body($handle, $data) {
$this->hooks->dispatch('request.progress', array($data, $this->response_bytes, $this->response_byte_limit));
$data_length = strlen($data);

View File

@ -70,7 +70,9 @@ class Requests_Transport_fsockopen implements Requests_Transport {
// HTTPS support
if (isset($url_parts['scheme']) && strtolower($url_parts['scheme']) === 'https') {
$remote_socket = 'ssl://' . $host;
if (!isset($url_parts['port'])) {
$url_parts['port'] = 443;
}
$context_options = array(
'verify_peer' => true,
@ -97,6 +99,7 @@ class Requests_Transport_fsockopen implements Requests_Transport {
}
if (isset($options['verifyname']) && $options['verifyname'] === false) {
$context_options['verify_peer_name'] = false;
$verifyname = false;
}
@ -171,7 +174,7 @@ class Requests_Transport_fsockopen implements Requests_Transport {
if (!isset($case_insensitive_headers['Host'])) {
$out .= sprintf('Host: %s', $url_parts['host']);
if ($url_parts['port'] !== 80) {
if (( 'http' === strtolower($url_parts['scheme']) && $url_parts['port'] !== 80 ) || ( 'https' === strtolower($url_parts['scheme']) && $url_parts['port'] !== 443 )) {
$out .= ':' . $url_parts['port'];
}
$out .= "\r\n";

View File

@ -332,6 +332,7 @@ class WP_Http {
// SSL certificate handling
if ( ! $r['sslverify'] ) {
$options['verify'] = false;
$options['verifyname'] = false;
} else {
$options['verify'] = $r['sslcertificates'];
}
@ -362,9 +363,6 @@ class WP_Http {
}
}
// Work around a bug in Requests when the path starts with // See https://github.com/rmccue/Requests/issues/231
$url = preg_replace( '!^(\w+://[^/]+)//(.*)$!i', '$1/$2', $url );
try {
$requests_response = Requests::request( $url, $headers, $data, $type, $options );

View File

@ -749,15 +749,17 @@ class Requests {
* @return string Decoded body
*/
protected static function decode_chunked($data) {
if (!preg_match('/^([0-9a-f]+)[^\r\n]*\r\n/i', trim($data))) {
if (!preg_match('/^([0-9a-f]+)(?:;(?:[\w-]*)(?:=(?:(?:[\w-]*)*|"(?:[^\r\n])*"))?)*\r\n/i', trim($data))) {
return $data;
}
$decoded = '';
$encoded = $data;
while (true) {
$is_chunked = (bool) preg_match('/^([0-9a-f]+)[^\r\n]*\r\n/i', $encoded, $matches);
$is_chunked = (bool) preg_match('/^([0-9a-f]+)(?:;(?:[\w-]*)(?:=(?:(?:[\w-]*)*|"(?:[^\r\n])*"))?)*\r\n/i', $encoded, $matches);
if (!$is_chunked) {
// Looks like it's not chunked after all
return $data;