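/**
 * Sends an XML-RPC request over HTTP or HTTPS through the PHP curl extension
 * and returns the response object built from the reply.
 *
 * Contributed by Justin Miller <*****@*****.**>
 * Requires curl to be built into PHP
 * NB: CURL versions before 7.11.10 cannot use proxy to talk to https servers!
 *
 * Security notes for maintainers:
 * - For https, certificate and host name checks are taken from $this->verifypeer
 *   and $this->verifyhost; this method does not enforce a safe value for either.
 * - $this->extracurlopts is applied after every other option, so an entry in it
 *   replaces anything set here, including the two verification options.
 * - With $this->debug > 1 the request body is printed to the output stream, and
 *   with any debug level curl runs verbose. Both can expose whatever secrets the
 *   request carries, so debug is meant for development only.
 *
 * @param object  $msg            request message; must expose payload, content_type, createPayload() and parseResponse()
 * @param string  $server         host name or address of the XML-RPC server
 * @param integer $port           TCP port; 0 selects 80 for http and 443 otherwise
 * @param integer $timeout        seconds; 0 leaves the curl default in place
 * @param string  $username       HTTP auth user (sent only when $password is also non-empty)
 * @param string  $password       HTTP auth password
 * @param integer $authtype       value passed to CURLOPT_HTTPAUTH when that option exists
 * @param string  $cert           client certificate file (https only)
 * @param string  $certpass       client certificate password (https only)
 * @param string  $cacert         CA bundle file (https only)
 * @param string  $cacertdir      CA directory (https only)
 * @param string  $proxyhost      proxy host; empty string disables the proxy
 * @param integer $proxyport      proxy port; 0 selects 8080
 * @param string  $proxyusername  proxy auth user
 * @param string  $proxypassword  proxy auth password
 * @param integer $proxyauthtype  value passed to CURLOPT_PROXYAUTH when that option exists
 * @param string  $method         'http' or 'https'
 * @param boolean $keepalive      reuse $this->xmlrpc_curl_handle across calls
 * @param string  $key            client private key file (https only)
 * @param string  $keypass        client private key password (https only)
 * @return xmlrpcresp
 * @access private
 */
function &sendPayloadCURL($msg, $server, $port, $timeout = 0, $username = '', $password = '', $authtype = 1, $cert = '', $certpass = '', $cacert = '', $cacertdir = '', $proxyhost = '', $proxyport = 0, $proxyusername = '', $proxypassword = '', $proxyauthtype = 1, $method = 'https', $keepalive = false, $key = '', $keypass = '')
{
    if (!function_exists('curl_init')) {
        $this->errstr = 'CURL unavailable on this install';
        $r = new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['no_curl'], $GLOBALS['xmlrpcstr']['no_curl']);
        return $r;
    }

    if ($method == 'https') {
        // strpos() reports "not found" as false, never null: comparing with null made the
        // string form of this check unable to detect a curl build without SSL support.
        if (($info = curl_version()) && (is_string($info) && strpos($info, 'OpenSSL') === false || is_array($info) && !isset($info['ssl_version']))) {
            $this->errstr = 'SSL unavailable on this install';
            $r = new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['no_ssl'], $GLOBALS['xmlrpcstr']['no_ssl']);
            return $r;
        }
    }

    if ($port == 0) {
        if ($method == 'http') {
            $port = 80;
        } else {
            $port = 443;
        }
    }

    // Only create the payload if it was not created previously
    if (empty($msg->payload)) {
        $msg->createPayload($this->request_charset_encoding);
    }

    // Deflate request body and set appropriate request headers.
    // The header starts out empty so that it is defined on every path, including the one
    // where compression was requested but gzencode()/gzcompress() failed.
    $payload = $msg->payload;
    $encoding_hdr = '';
    if (function_exists('gzdeflate') && ($this->request_compression == 'gzip' || $this->request_compression == 'deflate')) {
        if ($this->request_compression == 'gzip') {
            $a = @gzencode($payload);
            if ($a) {
                $payload = $a;
                $encoding_hdr = 'Content-Encoding: gzip';
            }
        } else {
            $a = @gzcompress($payload);
            if ($a) {
                $payload = $a;
                $encoding_hdr = 'Content-Encoding: deflate';
            }
        }
    }

    if ($this->debug > 1) {
        // NOTE(review): this echoes the full request body, which may include credentials
        // passed as call parameters; keep debug off outside development.
        print "<PRE>\n---SENDING---\n" . htmlentities($payload) . "\n---END---\n</PRE>";
        // let the client see this now in case http times out...
        flush();
    }

    if (!$keepalive || !$this->xmlrpc_curl_handle) {
        $curl = curl_init($method . '://' . $server . ':' . $port . $this->path);
        if ($keepalive) {
            $this->xmlrpc_curl_handle = $curl;
        }
    } else {
        $curl = $this->xmlrpc_curl_handle;
    }

    // results into variable
    curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);

    if ($this->debug) {
        curl_setopt($curl, CURLOPT_VERBOSE, 1);
    }
    curl_setopt($curl, CURLOPT_USERAGENT, $this->user_agent);
    // required for XMLRPC: post the data
    curl_setopt($curl, CURLOPT_POST, 1);
    // the data
    curl_setopt($curl, CURLOPT_POSTFIELDS, $payload);

    // return the header too
    curl_setopt($curl, CURLOPT_HEADER, 1);

    // NB: if we set an empty string, CURL will add http header indicating
    // ALL methods it is supporting. This is possibly a better option than
    // letting the user tell what curl can / cannot do...
    if (is_array($this->accepted_compression) && count($this->accepted_compression)) {
        //curl_setopt($curl, CURLOPT_ENCODING, implode(',', $this->accepted_compression));
        // empty string means 'any supported by CURL'
        if (count($this->accepted_compression) == 1) {
            curl_setopt($curl, CURLOPT_ENCODING, $this->accepted_compression[0]);
        } else {
            curl_setopt($curl, CURLOPT_ENCODING, '');
        }
    }

    // extra headers
    $headers = array('Content-Type: ' . $msg->content_type, 'Accept-Charset: ' . implode(',', $this->accepted_charset_encodings));
    if (is_array($this->accepted_content_type) && count($this->accepted_content_type)) {
        $headers[] = 'Accept: ' . implode(', ', $this->accepted_content_type);
    }
    // if no keepalive is wanted, let the server know it in advance
    if (!$keepalive) {
        $headers[] = 'Connection: close';
    }
    // request compression header
    if ($encoding_hdr) {
        $headers[] = $encoding_hdr;
    }

    curl_setopt($curl, CURLOPT_HTTPHEADER, $headers);

    // timeout is borked
    if ($timeout) {
        curl_setopt($curl, CURLOPT_TIMEOUT, $timeout == 1 ? 1 : $timeout - 1);
    }

    if ($username && $password) {
        curl_setopt($curl, CURLOPT_USERPWD, $username . ':' . $password);
        if (defined('CURLOPT_HTTPAUTH')) {
            curl_setopt($curl, CURLOPT_HTTPAUTH, $authtype);
        } else {
            if ($authtype != 1) {
                error_log('XML-RPC: ' . __METHOD__ . ': warning. Only Basic auth is supported by the current PHP/curl install');
            }
        }
    }

    if ($method == 'https') {
        // set cert file
        if ($cert) {
            curl_setopt($curl, CURLOPT_SSLCERT, $cert);
        }
        // set cert password
        if ($certpass) {
            curl_setopt($curl, CURLOPT_SSLCERTPASSWD, $certpass);
        }
        // whether to verify remote host's cert; a false value here means the server
        // certificate is accepted without validation
        curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, $this->verifypeer);
        // set ca certificates file/dir
        if ($cacert) {
            curl_setopt($curl, CURLOPT_CAINFO, $cacert);
        }
        if ($cacertdir) {
            curl_setopt($curl, CURLOPT_CAPATH, $cacertdir);
        }
        // set key file (shall we catch errors in case CURLOPT_SSLKEY undefined ?)
        if ($key) {
            curl_setopt($curl, CURLOPT_SSLKEY, $key);
        }
        // set key password (shall we catch errors in case CURLOPT_SSLKEY undefined ?)
        if ($keypass) {
            curl_setopt($curl, CURLOPT_SSLKEYPASSWD, $keypass);
        }
        // whether to verify cert's common name (CN); 0 for no, 1 to verify that it exists, and 2 to verify that it matches the hostname used
        // NOTE(review): only 2 checks the name against the host; newer libcurl releases no longer
        // treat 1 as a separate mode, so 2 is the value to configure when verification is wanted.
        curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, $this->verifyhost);
    }

    // proxy info
    if ($proxyhost) {
        if ($proxyport == 0) {
            $proxyport = 8080; // NB: even for HTTPS, local connection is on port 8080
        }
        curl_setopt($curl, CURLOPT_PROXY, $proxyhost . ':' . $proxyport);
        //curl_setopt($curl, CURLOPT_PROXYPORT,$proxyport);
        if ($proxyusername) {
            curl_setopt($curl, CURLOPT_PROXYUSERPWD, $proxyusername . ':' . $proxypassword);
            if (defined('CURLOPT_PROXYAUTH')) {
                curl_setopt($curl, CURLOPT_PROXYAUTH, $proxyauthtype);
            } else {
                if ($proxyauthtype != 1) {
                    error_log('XML-RPC: ' . __METHOD__ . ': warning. Only Basic auth to proxy is supported by the current PHP/curl install');
                }
            }
        }
    }

    // NB: should we build cookie http headers by hand rather than let CURL do it?
    // the following code does not honour 'expires', 'path' and 'domain' cookie attributes
    // set on the client object by the user: every stored cookie is sent to this server.
    if (count($this->cookies)) {
        $cookieheader = '';
        foreach ($this->cookies as $name => $cookie) {
            $cookieheader .= $name . '=' . $cookie['value'] . '; ';
        }
        curl_setopt($curl, CURLOPT_COOKIE, substr($cookieheader, 0, -2));
    }

    // Caller-supplied options go last and therefore win over everything set above,
    // TLS verification included.
    foreach ($this->extracurlopts as $opt => $val) {
        curl_setopt($curl, $opt, $val);
    }

    $result = curl_exec($curl);

    if ($this->debug > 1) {
        print "<PRE>\n---CURL INFO---\n";
        foreach (curl_getinfo($curl) as $name => $val) {
            if (is_array($val)) {
                $val = implode("\n", $val);
            }
            print $name . ': ' . htmlentities($val) . "\n";
        }
        print "---END---\n</PRE>";
    }

    if (!$result) {
        $this->errstr = 'no response';
        $resp = new xmlrpcresp(0, $GLOBALS['xmlrpcerr']['curl_fail'], $GLOBALS['xmlrpcstr']['curl_fail'] . ': ' . curl_error($curl));
        curl_close($curl);
        if ($keepalive) {
            // the closed handle must not be reused by a later call
            $this->xmlrpc_curl_handle = null;
        }
    } else {
        if (!$keepalive) {
            curl_close($curl);
        }
        $resp =& $msg->parseResponse($result, true, $this->return_type);
        // if we got back a 302, we can not reuse the curl handle for later calls
        if ($resp->faultCode() == $GLOBALS['xmlrpcerr']['http_error'] && $keepalive) {
            curl_close($curl);
            $this->xmlrpc_curl_handle = null;
        }
    }
    return $resp;
}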
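/**
 * Handles RPC request methods.
 *
 * Parameters 1 and 2 of the request are read as the username and password and
 * checked with authenticate() before anything else is decoded. The requested
 * method name must appear in $this->exposed_methods; that allow-list is the
 * only thing limiting which methods of this object a caller can reach, because
 * the name is passed to call_user_func_array() after its prefix is stripped.
 * The remaining parameters are decoded and passed to the method, and the
 * result is returned as an xmlrpcresp.
 *
 * @param xmlrpcmsg $request XML-RPC Request Object
 * @return mixed an xmlrpcresp on success, otherwise the result of httpError() (401, 403 or 500)
 */
public function handleRPCMethod(xmlrpcmsg $request)
{
    // The credentials sit at indexes 1 and 2. A request too short to carry them is
    // rejected as a failed login instead of dereferencing parameters that do not exist.
    $authenticated = false;
    if ($request->getNumParams() >= 3) {
        $username = $request->getParam(1)->getval();
        $password = $request->getParam(2)->getval();
        $authenticated = $this->authenticate($username, $password);
    }

    if (!$authenticated) {
        return $this->httpError(401, _t('KapostService.AUTH_FAIL', '_Authentication Failed, please check the App Center credentials for the SilverStripe end point.'));
    }

    $method = str_replace(array('blogger.', 'metaWeblog.', 'kapost.'), '', $request->methodname);

    // The allow-list is matched on the full, unstripped name and with strict comparison,
    // so only names listed exactly in exposed_methods are dispatched.
    if (!in_array($request->methodname, $this->exposed_methods, true) || !method_exists($this, $method)) {
        return $this->httpError(403, _t('KapostService.METHOD_NOT_ALLOWED', '_Action "{method}" is not allowed on class Kapost Service.', array('method' => $request->methodname)));
    }

    //Pack params into call to method if they are not the authentication parameters
    $params = array();
    for ($i = 0; $i < $request->getNumParams(); $i++) {
        if ($i != 1 && $i != 2) {
            $params[] = php_xmlrpc_decode($request->getParam($i));
        }
    }

    //Convert the custom fields to an associative array
    if (array_key_exists(1, $params) && is_array($params[1]) && array_key_exists('custom_fields', $params[1])) {
        $params[1]['custom_fields'] = $this->struct_to_assoc($params[1]['custom_fields']);
    }

    //If transactions are supported start one for newPost and editPost
    if (($method == 'newPost' || $method == 'editPost') && DB::getConn()->supportsTransactions()) {
        DB::getConn()->transactionStart();
    }

    //Call the method
    $response = call_user_func_array(array($this, $method), $params);

    // Methods whose transaction is closed here once the call returns.
    // NOTE(review): newMediaObject is closed here but not started above; presumably it
    // opens its own transaction. Confirm against that method.
    $closesTransaction = ($method == 'newPost' || $method == 'editPost' || $method == 'newMediaObject') && DB::getConn()->supportsTransactions();

    if ($response instanceof xmlrpcresp) {
        //If transactions are supported check the response and rollback in the case of a fault
        if ($closesTransaction) {
            if ($response->faultCode() != 0) {
                DB::getConn()->transactionRollback();
            } else {
                DB::getConn()->transactionEnd();
            }
        }

        return $response; //Response is already encoded so return
    }

    //Encode the response
    $response = php_xmlrpc_encode($response);
    if (is_object($response) && $response instanceof xmlrpcval) {
        $response = new xmlrpcresp($response);

        if ($closesTransaction) {
            if ($response->faultCode() != 0) {
                DB::getConn()->transactionRollback();
            } else {
                DB::getConn()->transactionEnd();
            }
        }

        return $response;
    }

    // The method produced nothing that can be sent back. Roll back explicitly so the
    // transaction is not left open when the error response is returned.
    if ($closesTransaction) {
        DB::getConn()->transactionRollback();
    }

    // NOTE(review): the message below returns a dump of the internal value to the caller;
    // consider logging it server-side instead.
    return $this->httpError(500, _t('KapostService.INVALID_RESPONSE', '_Invalid response returned from {method}, response was: {response}', array('method' => $method, 'response' => print_r($response, true))));
}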