/**
* Test if an open base dir has been defined.
* If so, the list of well known root ca bundle locations will get matched against the list of defined basedirs
* and if none matches, the fallback on the embedded bundle will be activated.
*
* @param \Phar $phar The composer phar file.
*
* @return void
*/
public static function setCaFileIfOpenBaseDirInUse(\Phar $phar)
{
// No open basedir active - we do not need to check.
if ('' === ($directories = ini_get('open_basedir'))) {
return;
}
$directories = explode(':', $directories);
// See list in \Composer\Util\RemoteFilesystem::
$caBundlePaths = array('/etc/pki/tls/certs/ca-bundle.crt', '/etc/ssl/certs/ca-certificates.crt', '/etc/ssl/ca-bundle.pem', '/usr/local/share/certs/ca-root-nss.crt', '/usr/ssl/certs/ca-bundle.crt', '/opt/local/share/curl/curl-ca-bundle.crt', '/usr/local/share/curl/curl-ca-bundle.crt', '/usr/share/ssl/certs/ca-bundle.crt', '/etc/ssl/cert.pem', '/usr/local/etc/ssl/cert.pem', sys_get_temp_dir());
// Scan for open base dir intersection of known ca bundle paths.
foreach ($directories as $directory) {
foreach ($caBundlePaths as $caBundlePath) {
if (0 === strncmp($directory, dirname($caBundlePath), strlen($directory))) {
return;
}
}
}
// Fall back to the embedded certificate list otherwise.
// Note that we can not use the internal mechanism of composer for this, as there sys_get_temp_dir() is used.
// This will resort to /tmp on most systems which is almost certainly not within the allowed paths.
if (class_exists('Composer\\CaBundle\\CaBundle')) {
$file = \Composer\CaBundle\CaBundle::getBundledCaBundlePath();
} else {
$file = $phar['res/cacert.pem']->getPathname();
}
// Try to unpack cacert.pem and use it.
$hash = hash_file('sha256', $file);
$targetPath = rtrim(TL_ROOT . '/system/cache', '\\/') . '/composer-cacert-' . $hash . '.pem';
if (!file_exists($targetPath) || $hash !== hash_file('sha256', $targetPath)) {
self::streamCopy($file, $targetPath);
chmod($targetPath, 0666);
}
Messages::addWarning('System certificate bundle not readable, will try to use embedded certificate list.');
putenv('SSL_CERT_FILE=' . $targetPath);
}
/**
* @param string $uid
* @param null $updatedFrom
* @param bool $preview
* @return \Generator|Entity\Product[]
*/
public function readFromUrl($uid, $updatedFrom = null, $preview = false)
{
if (preg_match('~https://shopapi.cz/feed/([a-z0-9]+)~', $uid, $m)) {
trigger_error("Deprecated parameter \$url - use export UID", E_USER_DEPRECATED);
$uid = $m[1];
}
$tmpFile = tmpfile();
if (!$tmpFile) {
throw new IOException('Temporary file couldn\'t be created');
}
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $this->createUrl($uid, $updatedFrom, $preview));
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
curl_setopt($ch, CURLOPT_ENCODING, '');
curl_setopt($ch, CURLOPT_FILE, $tmpFile);
curl_setopt($ch, CURLOPT_HTTPHEADER, ['User-agent' => 'Mozilla/5.0 (compatible; ShopAPI/0.1; +https://shopapi.cz)']);
curl_setopt($ch, CURLOPT_HEADER, false);
if (class_exists('Composer\\CaBundle\\CaBundle')) {
curl_setopt($ch, CURLOPT_CAINFO, \Composer\CaBundle\CaBundle::getBundledCaBundlePath());
}
$result = curl_exec($ch);
if ($result === false) {
throw new IOException('Unable to establish connection to ShopAPI: curl error (' . curl_errno($ch) . ') - ' . curl_error($ch));
}
$httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);
if ($httpCode !== 200) {
throw new IOException('Feed download failed: HTTP ' . $httpCode);
}
$tmpFileMeta = stream_get_meta_data($tmpFile);
if ($tmpFileMeta === false) {
throw new IOException('Couldn\'t read temporary file metadata');
}
if (!isset($tmpFileMeta['uri'])) {
throw new IOException('Couldn\'t read temporary file path');
}
foreach ($this->readFromPath($tmpFileMeta['uri']) as $item) {
(yield $item);
}
fclose($tmpFile);
}
/**
* Compiles composer into a single phar file
*
* @param string $pharFile The full path to the file to create
* @throws \RuntimeException
*/
public function compile($pharFile = 'composer.phar')
{
if (file_exists($pharFile)) {
unlink($pharFile);
}
$process = new Process('git log --pretty="%H" -n1 HEAD', __DIR__);
if ($process->run() != 0) {
throw new \RuntimeException('Can\'t run git log. You must ensure to run compile from composer git repository clone and that git binary is available.');
}
$this->version = trim($process->getOutput());
$process = new Process('git log -n1 --pretty=%ci HEAD', __DIR__);
if ($process->run() != 0) {
throw new \RuntimeException('Can\'t run git log. You must ensure to run compile from composer git repository clone and that git binary is available.');
}
$this->versionDate = new \DateTime(trim($process->getOutput()));
$this->versionDate->setTimezone(new \DateTimeZone('UTC'));
$process = new Process('git describe --tags --exact-match HEAD');
if ($process->run() == 0) {
$this->version = trim($process->getOutput());
} else {
// get branch-alias defined in composer.json for dev-master (if any)
$localConfig = __DIR__ . '/../../composer.json';
$file = new JsonFile($localConfig);
$localConfig = $file->read();
if (isset($localConfig['extra']['branch-alias']['dev-master'])) {
$this->branchAliasVersion = $localConfig['extra']['branch-alias']['dev-master'];
}
}
$phar = new \Phar($pharFile, 0, 'composer.phar');
$phar->setSignatureAlgorithm(\Phar::SHA1);
$phar->startBuffering();
$finderSort = function ($a, $b) {
return strcmp(strtr($a->getRealPath(), '\\', '/'), strtr($b->getRealPath(), '\\', '/'));
};
$finder = new Finder();
$finder->files()->ignoreVCS(true)->name('*.php')->notName('Compiler.php')->notName('ClassLoader.php')->in(__DIR__ . '/..')->sort($finderSort);
foreach ($finder as $file) {
$this->addFile($phar, $file);
}
$this->addFile($phar, new \SplFileInfo(__DIR__ . '/Autoload/ClassLoader.php'), false);
$finder = new Finder();
$finder->files()->name('*.json')->in(__DIR__ . '/../../res')->in(SpdxLicenses::getResourcesDir())->sort($finderSort);
foreach ($finder as $file) {
$this->addFile($phar, $file, false);
}
$this->addFile($phar, new \SplFileInfo(__DIR__ . '/../../vendor/seld/cli-prompt/res/hiddeninput.exe'), false);
$finder = new Finder();
$finder->files()->ignoreVCS(true)->name('*.php')->name('LICENSE')->exclude('Tests')->exclude('tests')->exclude('docs')->in(__DIR__ . '/../../vendor/symfony/')->in(__DIR__ . '/../../vendor/seld/jsonlint/')->in(__DIR__ . '/../../vendor/seld/cli-prompt/')->in(__DIR__ . '/../../vendor/justinrainbow/json-schema/')->in(__DIR__ . '/../../vendor/composer/spdx-licenses/')->in(__DIR__ . '/../../vendor/composer/semver/')->in(__DIR__ . '/../../vendor/composer/ca-bundle/')->in(__DIR__ . '/../../vendor/psr/')->sort($finderSort);
foreach ($finder as $file) {
$this->addFile($phar, $file);
}
$this->addFile($phar, new \SplFileInfo(__DIR__ . '/../../vendor/autoload.php'));
$this->addFile($phar, new \SplFileInfo(__DIR__ . '/../../vendor/composer/autoload_namespaces.php'));
$this->addFile($phar, new \SplFileInfo(__DIR__ . '/../../vendor/composer/autoload_psr4.php'));
$this->addFile($phar, new \SplFileInfo(__DIR__ . '/../../vendor/composer/autoload_classmap.php'));
$this->addFile($phar, new \SplFileInfo(__DIR__ . '/../../vendor/composer/autoload_files.php'));
$this->addFile($phar, new \SplFileInfo(__DIR__ . '/../../vendor/composer/autoload_real.php'));
$this->addFile($phar, new \SplFileInfo(__DIR__ . '/../../vendor/composer/autoload_static.php'));
if (file_exists(__DIR__ . '/../../vendor/composer/include_paths.php')) {
$this->addFile($phar, new \SplFileInfo(__DIR__ . '/../../vendor/composer/include_paths.php'));
}
$this->addFile($phar, new \SplFileInfo(__DIR__ . '/../../vendor/composer/ClassLoader.php'));
$this->addFile($phar, new \SplFileInfo(CaBundle::getBundledCaBundlePath()), false);
$this->addComposerBin($phar);
// Stubs
$phar->setStub($this->getStub());
$phar->stopBuffering();
// disabled for interoperability with systems without gzip ext
// $phar->compressFiles(\Phar::GZ);
$this->addFile($phar, new \SplFileInfo(__DIR__ . '/../../LICENSE'), false);
unset($phar);
// re-sign the phar with reproducible timestamp / signature
$util = new Timestamps($pharFile);
$util->updateTimestamps($this->versionDate);
$util->save($pharFile, \Phar::SHA1);
}
