/**
* Contributed by Justin Miller <*****@*****.**>
* Requires curl to be built into PHP
* NB: CURL versions before 7.11.10 cannot use proxy to talk to https servers!
*
* @param Request $req
* @param string $server
* @param int $port
* @param int $timeout
* @param string $username
* @param string $password
* @param int $authType
* @param string $cert
* @param string $certPass
* @param string $caCert
* @param string $caCertDir
* @param string $proxyHost
* @param int $proxyPort
* @param string $proxyUsername
* @param string $proxyPassword
* @param int $proxyAuthType
* @param string $method
* @param bool $keepAlive
* @param string $key
* @param string $keyPass
* @param int $sslVersion
* @return Response
*/
protected function sendPayloadCURL($req, $server, $port, $timeout = 0, $username = '', $password = '', $authType = 1, $cert = '', $certPass = '', $caCert = '', $caCertDir = '', $proxyHost = '', $proxyPort = 0, $proxyUsername = '', $proxyPassword = '', $proxyAuthType = 1, $method = 'https', $keepAlive = false, $key = '', $keyPass = '', $sslVersion = 0)
{
if (!function_exists('curl_init')) {
$this->errstr = 'CURL unavailable on this install';
return new Response(0, PhpXmlRpc::$xmlrpcerr['no_curl'], PhpXmlRpc::$xmlrpcstr['no_curl']);
}
if ($method == 'https') {
if (($info = curl_version()) && (is_string($info) && strpos($info, 'OpenSSL') === null || is_array($info) && !isset($info['ssl_version']))) {
$this->errstr = 'SSL unavailable on this install';
return new Response(0, PhpXmlRpc::$xmlrpcerr['no_ssl'], PhpXmlRpc::$xmlrpcstr['no_ssl']);
}
}
if ($port == 0) {
if ($method == 'http') {
$port = 80;
} else {
$port = 443;
}
}
// Only create the payload if it was not created previously
if (empty($req->payload)) {
$req->createPayload($this->request_charset_encoding);
}
// Deflate request body and set appropriate request headers
$payload = $req->payload;
if (function_exists('gzdeflate') && ($this->request_compression == 'gzip' || $this->request_compression == 'deflate')) {
if ($this->request_compression == 'gzip') {
$a = @gzencode($payload);
if ($a) {
$payload = $a;
$encodingHdr = 'Content-Encoding: gzip';
}
} else {
$a = @gzcompress($payload);
if ($a) {
$payload = $a;
$encodingHdr = 'Content-Encoding: deflate';
}
}
} else {
$encodingHdr = '';
}
if ($this->debug > 1) {
Logger::instance()->debugMessage("---SENDING---\n{$payload}\n---END---");
}
if (!$keepAlive || !$this->xmlrpc_curl_handle) {
$curl = curl_init($method . '://' . $server . ':' . $port . $this->path);
if ($keepAlive) {
$this->xmlrpc_curl_handle = $curl;
}
} else {
$curl = $this->xmlrpc_curl_handle;
}
// results into variable
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
if ($this->debug > 1) {
curl_setopt($curl, CURLOPT_VERBOSE, true);
/// @todo allow callers to redirect curlopt_stderr to some stream which can be buffered
}
curl_setopt($curl, CURLOPT_USERAGENT, $this->user_agent);
// required for XMLRPC: post the data
curl_setopt($curl, CURLOPT_POST, 1);
// the data
curl_setopt($curl, CURLOPT_POSTFIELDS, $payload);
// return the header too
curl_setopt($curl, CURLOPT_HEADER, 1);
// NB: if we set an empty string, CURL will add http header indicating
// ALL methods it is supporting. This is possibly a better option than
// letting the user tell what curl can / cannot do...
if (is_array($this->accepted_compression) && count($this->accepted_compression)) {
//curl_setopt($curl, CURLOPT_ENCODING, implode(',', $this->accepted_compression));
// empty string means 'any supported by CURL' (shall we catch errors in case CURLOPT_SSLKEY undefined ?)
if (count($this->accepted_compression) == 1) {
curl_setopt($curl, CURLOPT_ENCODING, $this->accepted_compression[0]);
} else {
curl_setopt($curl, CURLOPT_ENCODING, '');
}
}
// extra headers
$headers = array('Content-Type: ' . $req->content_type, 'Accept-Charset: ' . implode(',', $this->accepted_charset_encodings));
// if no keepalive is wanted, let the server know it in advance
if (!$keepAlive) {
$headers[] = 'Connection: close';
}
// request compression header
if ($encodingHdr) {
$headers[] = $encodingHdr;
}
curl_setopt($curl, CURLOPT_HTTPHEADER, $headers);
// timeout is borked
if ($timeout) {
curl_setopt($curl, CURLOPT_TIMEOUT, $timeout == 1 ? 1 : $timeout - 1);
}
if ($username && $password) {
curl_setopt($curl, CURLOPT_USERPWD, $username . ':' . $password);
if (defined('CURLOPT_HTTPAUTH')) {
curl_setopt($curl, CURLOPT_HTTPAUTH, $authType);
} elseif ($authType != 1) {
error_log('XML-RPC: ' . __METHOD__ . ': warning. Only Basic auth is supported by the current PHP/curl install');
}
}
if ($method == 'https') {
// set cert file
if ($cert) {
curl_setopt($curl, CURLOPT_SSLCERT, $cert);
}
// set cert password
if ($certPass) {
curl_setopt($curl, CURLOPT_SSLCERTPASSWD, $certPass);
}
// whether to verify remote host's cert
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, $this->verifypeer);
// set ca certificates file/dir
if ($caCert) {
curl_setopt($curl, CURLOPT_CAINFO, $caCert);
}
if ($caCertDir) {
curl_setopt($curl, CURLOPT_CAPATH, $caCertDir);
}
// set key file (shall we catch errors in case CURLOPT_SSLKEY undefined ?)
if ($key) {
curl_setopt($curl, CURLOPT_SSLKEY, $key);
}
// set key password (shall we catch errors in case CURLOPT_SSLKEY undefined ?)
if ($keyPass) {
curl_setopt($curl, CURLOPT_SSLKEYPASSWD, $keyPass);
}
// whether to verify cert's common name (CN); 0 for no, 1 to verify that it exists, and 2 to verify that it matches the hostname used
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, $this->verifyhost);
// allow usage of different SSL versions
curl_setopt($curl, CURLOPT_SSLVERSION, $sslVersion);
}
// proxy info
if ($proxyHost) {
if ($proxyPort == 0) {
$proxyPort = 8080;
// NB: even for HTTPS, local connection is on port 8080
}
curl_setopt($curl, CURLOPT_PROXY, $proxyHost . ':' . $proxyPort);
if ($proxyUsername) {
curl_setopt($curl, CURLOPT_PROXYUSERPWD, $proxyUsername . ':' . $proxyPassword);
if (defined('CURLOPT_PROXYAUTH')) {
curl_setopt($curl, CURLOPT_PROXYAUTH, $proxyAuthType);
} elseif ($proxyAuthType != 1) {
error_log('XML-RPC: ' . __METHOD__ . ': warning. Only Basic auth to proxy is supported by the current PHP/curl install');
}
}
}
// NB: should we build cookie http headers by hand rather than let CURL do it?
// the following code does not honour 'expires', 'path' and 'domain' cookie attributes
// set to client obj the the user...
if (count($this->cookies)) {
$cookieHeader = '';
foreach ($this->cookies as $name => $cookie) {
$cookieHeader .= $name . '=' . $cookie['value'] . '; ';
}
curl_setopt($curl, CURLOPT_COOKIE, substr($cookieHeader, 0, -2));
}
foreach ($this->extracurlopts as $opt => $val) {
curl_setopt($curl, $opt, $val);
}
$result = curl_exec($curl);
if ($this->debug > 1) {
$message = "---CURL INFO---\n";
foreach (curl_getinfo($curl) as $name => $val) {
if (is_array($val)) {
$val = implode("\n", $val);
}
$message .= $name . ': ' . $val . "\n";
}
$message .= "---END---";
Logger::instance()->debugMessage($message);
}
if (!$result) {
/// @todo we should use a better check here - what if we get back '' or '0'?
$this->errstr = 'no response';
$resp = new Response(0, PhpXmlRpc::$xmlrpcerr['curl_fail'], PhpXmlRpc::$xmlrpcstr['curl_fail'] . ': ' . curl_error($curl));
curl_close($curl);
if ($keepAlive) {
$this->xmlrpc_curl_handle = null;
}
} else {
if (!$keepAlive) {
curl_close($curl);
}
$resp = $req->parseResponse($result, true, $this->return_type);
// if we got back a 302, we can not reuse the curl handle for later calls
if ($resp->faultCode() == PhpXmlRpc::$xmlrpcerr['http_error'] && $keepAlive) {
curl_close($curl);
$this->xmlrpc_curl_handle = null;
}
}
return $resp;
}
