2013-12-08 23:19:00 +00:00
|
|
|
<?php
|
2014-01-29 22:44:54 +00:00
|
|
|
/**
|
|
|
|
|
* HTTP service client
|
|
|
|
|
*
|
|
|
|
|
* This program is free software; you can redistribute it and/or modify
|
|
|
|
|
* it under the terms of the GNU General Public License as published by
|
|
|
|
|
* the Free Software Foundation; either version 2 of the License, or
|
|
|
|
|
* (at your option) any later version.
|
|
|
|
|
*
|
|
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
|
* GNU General Public License for more details.
|
|
|
|
|
*
|
|
|
|
|
* You should have received a copy of the GNU General Public License along
|
|
|
|
|
* with this program; if not, write to the Free Software Foundation, Inc.,
|
|
|
|
|
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
|
|
|
|
|
* http://www.gnu.org/copyleft/gpl.html
|
|
|
|
|
*
|
|
|
|
|
* @file
|
|
|
|
|
*/
|
2013-12-08 23:19:00 +00:00
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Class to handle concurrent HTTP requests
|
|
|
|
|
*
|
2014-01-29 22:44:54 +00:00
|
|
|
* HTTP request maps are arrays that use the following format:
|
2013-12-08 23:19:00 +00:00
|
|
|
* - method : GET/HEAD/PUT/POST/DELETE
|
|
|
|
|
* - url : HTTP/HTTPS URL
|
2014-01-09 21:38:55 +00:00
|
|
|
* - query : <query parameter field/value associative array> (uses RFC 3986)
|
2013-12-08 23:19:00 +00:00
|
|
|
* - headers : <header name/value associative array>
|
|
|
|
|
* - body : source to get the HTTP request body from;
|
|
|
|
|
* this can simply be a string (always), a resource for
|
2014-01-09 21:38:55 +00:00
|
|
|
* PUT requests, and a field/value array for POST request;
|
|
|
|
|
* array bodies are encoded as multipart/form-data and strings
|
|
|
|
|
* use application/x-www-form-urlencoded (headers sent automatically)
|
2013-12-08 23:19:00 +00:00
|
|
|
* - stream : resource to stream the HTTP response body to
|
2014-12-24 00:18:40 +00:00
|
|
|
* - proxy : HTTP proxy to use
|
2014-04-20 08:40:06 +00:00
|
|
|
* - flags : map of boolean flags which supports:
|
|
|
|
|
* - relayResponseHeaders : write out header via header()
|
2014-01-29 22:44:54 +00:00
|
|
|
* Request maps can use integer index 0 instead of 'method' and 1 instead of 'url'.
|
2013-12-08 23:19:00 +00:00
|
|
|
*
|
|
|
|
|
* @author Aaron Schulz
|
|
|
|
|
* @since 1.23
|
|
|
|
|
*/
|
|
|
|
|
class MultiHttpClient {
|
|
|
|
|
/** @var resource */
|
|
|
|
|
protected $multiHandle = null; // curl_multi handle
|
|
|
|
|
/** @var string|null SSL certificates path */
|
|
|
|
|
protected $caBundlePath;
|
|
|
|
|
/** @var integer */
|
2014-01-17 21:32:46 +00:00
|
|
|
protected $connTimeout = 10;
|
2013-12-08 23:19:00 +00:00
|
|
|
/** @var integer */
|
2014-01-17 21:32:46 +00:00
|
|
|
protected $reqTimeout = 300;
|
|
|
|
|
/** @var bool */
|
|
|
|
|
protected $usePipelining = false;
|
|
|
|
|
/** @var integer */
|
|
|
|
|
protected $maxConnsPerHost = 50;
|
2014-12-24 00:18:40 +00:00
|
|
|
/** @var string|null proxy */
|
|
|
|
|
protected $proxy;
|
2015-10-06 22:26:59 +00:00
|
|
|
/** @var string */
|
|
|
|
|
protected $userAgent = 'wikimedia/multi-http-client v1.0';
|
2013-12-08 23:19:00 +00:00
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @param array $options
|
2015-04-21 04:22:55 +00:00
|
|
|
* - connTimeout : default connection timeout (seconds)
|
|
|
|
|
* - reqTimeout : default request timeout (seconds)
|
2014-12-24 00:18:40 +00:00
|
|
|
* - proxy : HTTP proxy to use
|
2014-01-17 21:32:46 +00:00
|
|
|
* - usePipelining : whether to use HTTP pipelining if possible (for all hosts)
|
|
|
|
|
* - maxConnsPerHost : maximum number of concurrent connections (per host)
|
2015-10-06 01:07:29 +00:00
|
|
|
* - userAgent : The User-Agent header value to send
|
2014-12-24 13:49:20 +00:00
|
|
|
* @throws Exception
|
2013-12-08 23:19:00 +00:00
|
|
|
*/
|
|
|
|
|
public function __construct( array $options ) {
|
|
|
|
|
if ( isset( $options['caBundlePath'] ) ) {
|
|
|
|
|
$this->caBundlePath = $options['caBundlePath'];
|
|
|
|
|
if ( !file_exists( $this->caBundlePath ) ) {
|
|
|
|
|
throw new Exception( "Cannot find CA bundle: " . $this->caBundlePath );
|
|
|
|
|
}
|
|
|
|
|
}
|
2016-02-17 09:09:32 +00:00
|
|
|
static $opts = [
|
2015-10-06 01:07:29 +00:00
|
|
|
'connTimeout', 'reqTimeout', 'usePipelining', 'maxConnsPerHost', 'proxy', 'userAgent'
|
2016-02-17 09:09:32 +00:00
|
|
|
];
|
2014-01-17 21:32:46 +00:00
|
|
|
foreach ( $opts as $key ) {
|
|
|
|
|
if ( isset( $options[$key] ) ) {
|
|
|
|
|
$this->$key = $options[$key];
|
|
|
|
|
}
|
2013-12-08 23:19:00 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Execute an HTTP(S) request
|
|
|
|
|
*
|
|
|
|
|
* This method returns a response map of:
|
2015-06-20 20:42:40 +00:00
|
|
|
* - code : HTTP response code or 0 if there was a serious cURL error
|
|
|
|
|
* - reason : HTTP response reason (empty if there was a serious cURL error)
|
|
|
|
|
* - headers : <header name/value associative array>
|
|
|
|
|
* - body : HTTP response body or resource (if "stream" was set)
|
2014-12-19 21:49:57 +00:00
|
|
|
* - error : Any cURL error string
|
2015-06-20 20:42:40 +00:00
|
|
|
* The map also stores integer-indexed copies of these values. This lets callers do:
|
2015-04-29 04:49:40 +00:00
|
|
|
* @code
|
2014-01-28 20:21:29 +00:00
|
|
|
* list( $rcode, $rdesc, $rhdrs, $rbody, $rerr ) = $http->run( $req );
|
2015-04-29 04:49:40 +00:00
|
|
|
* @endcode
|
2013-12-08 23:19:00 +00:00
|
|
|
* @param array $req HTTP request array
|
2014-01-17 21:32:46 +00:00
|
|
|
* @param array $opts
|
2015-04-21 04:22:55 +00:00
|
|
|
* - connTimeout : connection timeout per request (seconds)
|
|
|
|
|
* - reqTimeout : post-connection timeout per request (seconds)
|
2013-12-08 23:19:00 +00:00
|
|
|
* @return array Response array for request
|
|
|
|
|
*/
|
2016-06-09 19:38:05 +00:00
|
|
|
public function run( array $req, array $opts = [] ) {
|
2016-02-17 19:54:59 +00:00
|
|
|
return $this->runMulti( [ $req ], $opts )[0]['response'];
|
2013-12-08 23:19:00 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
2014-01-29 22:44:54 +00:00
|
|
|
* Execute a set of HTTP(S) requests concurrently
|
2013-12-08 23:19:00 +00:00
|
|
|
*
|
|
|
|
|
* The maps are returned by this method with the 'response' field set to a map of:
|
2014-12-24 13:49:20 +00:00
|
|
|
* - code : HTTP response code or 0 if there was a serious cURL error
|
|
|
|
|
* - reason : HTTP response reason (empty if there was a serious cURL error)
|
|
|
|
|
* - headers : <header name/value associative array>
|
|
|
|
|
* - body : HTTP response body or resource (if "stream" was set)
|
2014-12-19 21:49:57 +00:00
|
|
|
* - error : Any cURL error string
|
2014-12-24 13:49:20 +00:00
|
|
|
* The map also stores integer-indexed copies of these values. This lets callers do:
|
2015-04-29 04:49:40 +00:00
|
|
|
* @code
|
2014-12-24 13:49:20 +00:00
|
|
|
* list( $rcode, $rdesc, $rhdrs, $rbody, $rerr ) = $req['response'];
|
2015-04-29 04:49:40 +00:00
|
|
|
* @endcode
|
2013-12-08 23:19:00 +00:00
|
|
|
* All headers in the 'headers' field are normalized to use lower case names.
|
2014-01-29 22:44:54 +00:00
|
|
|
* This is true for the request headers and the response headers. Integer-indexed
|
|
|
|
|
* method/URL entries will also be changed to use the corresponding string keys.
|
2013-12-08 23:19:00 +00:00
|
|
|
*
|
2014-08-14 22:35:30 +00:00
|
|
|
* @param array $reqs Map of HTTP request arrays
|
2014-01-17 21:32:46 +00:00
|
|
|
* @param array $opts
|
2015-04-21 04:22:55 +00:00
|
|
|
* - connTimeout : connection timeout per request (seconds)
|
|
|
|
|
* - reqTimeout : post-connection timeout per request (seconds)
|
2014-01-17 21:32:46 +00:00
|
|
|
* - usePipelining : whether to use HTTP pipelining if possible
|
|
|
|
|
* - maxConnsPerHost : maximum number of concurrent connections (per host)
|
2013-12-08 23:19:00 +00:00
|
|
|
* @return array $reqs With response array populated for each
|
2014-12-24 13:49:20 +00:00
|
|
|
* @throws Exception
|
2013-12-08 23:19:00 +00:00
|
|
|
*/
|
2016-02-17 09:09:32 +00:00
|
|
|
public function runMulti( array $reqs, array $opts = [] ) {
|
2014-01-17 21:32:46 +00:00
|
|
|
$chm = $this->getCurlMulti();
|
2013-12-08 23:19:00 +00:00
|
|
|
|
|
|
|
|
// Normalize $reqs and add all of the required cURL handles...
|
2016-02-17 09:09:32 +00:00
|
|
|
$handles = [];
|
2013-12-08 23:19:00 +00:00
|
|
|
foreach ( $reqs as $index => &$req ) {
|
2016-02-17 09:09:32 +00:00
|
|
|
$req['response'] = [
|
2013-12-08 23:19:00 +00:00
|
|
|
'code' => 0,
|
|
|
|
|
'reason' => '',
|
2016-02-17 09:09:32 +00:00
|
|
|
'headers' => [],
|
2013-12-08 23:19:00 +00:00
|
|
|
'body' => '',
|
|
|
|
|
'error' => ''
|
2016-02-17 09:09:32 +00:00
|
|
|
];
|
2014-01-29 22:44:54 +00:00
|
|
|
if ( isset( $req[0] ) ) {
|
|
|
|
|
$req['method'] = $req[0]; // short-form
|
|
|
|
|
unset( $req[0] );
|
|
|
|
|
}
|
|
|
|
|
if ( isset( $req[1] ) ) {
|
|
|
|
|
$req['url'] = $req[1]; // short-form
|
|
|
|
|
unset( $req[1] );
|
|
|
|
|
}
|
2013-12-08 23:19:00 +00:00
|
|
|
if ( !isset( $req['method'] ) ) {
|
|
|
|
|
throw new Exception( "Request has no 'method' field set." );
|
|
|
|
|
} elseif ( !isset( $req['url'] ) ) {
|
|
|
|
|
throw new Exception( "Request has no 'url' field set." );
|
|
|
|
|
}
|
2016-02-17 09:09:32 +00:00
|
|
|
$req['query'] = isset( $req['query'] ) ? $req['query'] : [];
|
|
|
|
|
$headers = []; // normalized headers
|
2013-12-08 23:19:00 +00:00
|
|
|
if ( isset( $req['headers'] ) ) {
|
|
|
|
|
foreach ( $req['headers'] as $name => $value ) {
|
|
|
|
|
$headers[strtolower( $name )] = $value;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
$req['headers'] = $headers;
|
|
|
|
|
if ( !isset( $req['body'] ) ) {
|
|
|
|
|
$req['body'] = '';
|
|
|
|
|
$req['headers']['content-length'] = 0;
|
|
|
|
|
}
|
2014-04-20 08:40:06 +00:00
|
|
|
$req['flags'] = isset( $req['flags'] ) ? $req['flags'] : [];
|
2014-01-17 21:32:46 +00:00
|
|
|
$handles[$index] = $this->getCurlHandle( $req, $opts );
|
2013-12-08 23:19:00 +00:00
|
|
|
if ( count( $reqs ) > 1 ) {
|
|
|
|
|
// https://github.com/guzzle/guzzle/issues/349
|
|
|
|
|
curl_setopt( $handles[$index], CURLOPT_FORBID_REUSE, true );
|
|
|
|
|
}
|
|
|
|
|
}
|
2014-01-29 22:44:54 +00:00
|
|
|
unset( $req ); // don't assign over this by accident
|
2013-12-08 23:19:00 +00:00
|
|
|
|
2014-01-17 21:32:46 +00:00
|
|
|
$indexes = array_keys( $reqs );
|
2016-10-02 05:25:06 +00:00
|
|
|
if ( isset( $opts['usePipelining'] ) ) {
|
|
|
|
|
curl_multi_setopt( $chm, CURLMOPT_PIPELINING, (int)$opts['usePipelining'] );
|
|
|
|
|
}
|
|
|
|
|
if ( isset( $opts['maxConnsPerHost'] ) ) {
|
|
|
|
|
// Keep these sockets around as they may be needed later in the request
|
|
|
|
|
curl_multi_setopt( $chm, CURLMOPT_MAXCONNECTS, (int)$opts['maxConnsPerHost'] );
|
2014-01-17 21:32:46 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// @TODO: use a per-host rolling handle window (e.g. CURLMOPT_MAX_HOST_CONNECTIONS)
|
|
|
|
|
$batches = array_chunk( $indexes, $this->maxConnsPerHost );
|
2016-02-17 09:09:32 +00:00
|
|
|
$infos = [];
|
2014-01-17 21:32:46 +00:00
|
|
|
|
|
|
|
|
foreach ( $batches as $batch ) {
|
|
|
|
|
// Attach all cURL handles for this batch
|
|
|
|
|
foreach ( $batch as $index ) {
|
|
|
|
|
curl_multi_add_handle( $chm, $handles[$index] );
|
|
|
|
|
}
|
|
|
|
|
// Execute the cURL handles concurrently...
|
|
|
|
|
$active = null; // handles still being processed
|
2013-12-08 23:19:00 +00:00
|
|
|
do {
|
2014-01-17 21:32:46 +00:00
|
|
|
// Do any available work...
|
|
|
|
|
do {
|
|
|
|
|
$mrc = curl_multi_exec( $chm, $active );
|
2015-05-13 09:38:21 +00:00
|
|
|
$info = curl_multi_info_read( $chm );
|
|
|
|
|
if ( $info !== false ) {
|
|
|
|
|
$infos[(int)$info['handle']] = $info;
|
|
|
|
|
}
|
2014-01-17 21:32:46 +00:00
|
|
|
} while ( $mrc == CURLM_CALL_MULTI_PERFORM );
|
|
|
|
|
// Wait (if possible) for available work...
|
|
|
|
|
if ( $active > 0 && $mrc == CURLM_OK ) {
|
|
|
|
|
if ( curl_multi_select( $chm, 10 ) == -1 ) {
|
|
|
|
|
// PHP bug 63411; http://curl.haxx.se/libcurl/c/curl_multi_fdset.html
|
|
|
|
|
usleep( 5000 ); // 5ms
|
|
|
|
|
}
|
2013-12-08 23:19:00 +00:00
|
|
|
}
|
2014-01-17 21:32:46 +00:00
|
|
|
} while ( $active > 0 && $mrc == CURLM_OK );
|
|
|
|
|
}
|
2013-12-08 23:19:00 +00:00
|
|
|
|
|
|
|
|
// Remove all of the added cURL handles and check for errors...
|
|
|
|
|
foreach ( $reqs as $index => &$req ) {
|
|
|
|
|
$ch = $handles[$index];
|
2014-01-17 21:32:46 +00:00
|
|
|
curl_multi_remove_handle( $chm, $ch );
|
2015-05-13 09:38:21 +00:00
|
|
|
|
2015-08-05 23:49:12 +00:00
|
|
|
if ( isset( $infos[(int)$ch] ) ) {
|
|
|
|
|
$info = $infos[(int)$ch];
|
|
|
|
|
$errno = $info['result'];
|
|
|
|
|
if ( $errno !== 0 ) {
|
|
|
|
|
$req['response']['error'] = "(curl error: $errno)";
|
|
|
|
|
if ( function_exists( 'curl_strerror' ) ) {
|
|
|
|
|
$req['response']['error'] .= " " . curl_strerror( $errno );
|
|
|
|
|
}
|
2015-05-13 09:38:21 +00:00
|
|
|
}
|
2015-08-05 23:49:12 +00:00
|
|
|
} else {
|
|
|
|
|
$req['response']['error'] = "(curl error: no status set)";
|
2013-12-08 23:19:00 +00:00
|
|
|
}
|
2015-05-13 09:38:21 +00:00
|
|
|
|
2013-12-08 23:19:00 +00:00
|
|
|
// For convenience with the list() operator
|
|
|
|
|
$req['response'][0] = $req['response']['code'];
|
|
|
|
|
$req['response'][1] = $req['response']['reason'];
|
|
|
|
|
$req['response'][2] = $req['response']['headers'];
|
|
|
|
|
$req['response'][3] = $req['response']['body'];
|
|
|
|
|
$req['response'][4] = $req['response']['error'];
|
|
|
|
|
curl_close( $ch );
|
|
|
|
|
// Close any string wrapper file handles
|
|
|
|
|
if ( isset( $req['_closeHandle'] ) ) {
|
|
|
|
|
fclose( $req['_closeHandle'] );
|
|
|
|
|
unset( $req['_closeHandle'] );
|
|
|
|
|
}
|
|
|
|
|
}
|
2014-01-29 22:44:54 +00:00
|
|
|
unset( $req ); // don't assign over this by accident
|
2013-12-08 23:19:00 +00:00
|
|
|
|
2014-01-17 21:32:46 +00:00
|
|
|
// Restore the default settings
|
2016-10-02 05:25:06 +00:00
|
|
|
curl_multi_setopt( $chm, CURLMOPT_PIPELINING, (int)$this->usePipelining );
|
|
|
|
|
curl_multi_setopt( $chm, CURLMOPT_MAXCONNECTS, (int)$this->maxConnsPerHost );
|
2014-01-17 21:32:46 +00:00
|
|
|
|
2013-12-08 23:19:00 +00:00
|
|
|
return $reqs;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @param array $req HTTP request map
|
2014-01-17 21:32:46 +00:00
|
|
|
* @param array $opts
|
|
|
|
|
* - connTimeout : default connection timeout
|
|
|
|
|
* - reqTimeout : default request timeout
|
2013-12-08 23:19:00 +00:00
|
|
|
* @return resource
|
2014-12-24 13:49:20 +00:00
|
|
|
* @throws Exception
|
2013-12-08 23:19:00 +00:00
|
|
|
*/
|
2016-02-17 09:09:32 +00:00
|
|
|
protected function getCurlHandle( array &$req, array $opts = [] ) {
|
2013-12-08 23:19:00 +00:00
|
|
|
$ch = curl_init();
|
|
|
|
|
|
2014-01-17 21:32:46 +00:00
|
|
|
curl_setopt( $ch, CURLOPT_CONNECTTIMEOUT,
|
|
|
|
|
isset( $opts['connTimeout'] ) ? $opts['connTimeout'] : $this->connTimeout );
|
2014-12-24 00:18:40 +00:00
|
|
|
curl_setopt( $ch, CURLOPT_PROXY, isset( $req['proxy'] ) ? $req['proxy'] : $this->proxy );
|
2014-01-17 21:32:46 +00:00
|
|
|
curl_setopt( $ch, CURLOPT_TIMEOUT,
|
|
|
|
|
isset( $opts['reqTimeout'] ) ? $opts['reqTimeout'] : $this->reqTimeout );
|
2013-12-08 23:19:00 +00:00
|
|
|
curl_setopt( $ch, CURLOPT_FOLLOWLOCATION, 1 );
|
|
|
|
|
curl_setopt( $ch, CURLOPT_MAXREDIRS, 4 );
|
|
|
|
|
curl_setopt( $ch, CURLOPT_HEADER, 0 );
|
|
|
|
|
if ( !is_null( $this->caBundlePath ) ) {
|
|
|
|
|
curl_setopt( $ch, CURLOPT_SSL_VERIFYPEER, true );
|
|
|
|
|
curl_setopt( $ch, CURLOPT_CAINFO, $this->caBundlePath );
|
|
|
|
|
}
|
|
|
|
|
curl_setopt( $ch, CURLOPT_RETURNTRANSFER, 1 );
|
|
|
|
|
|
|
|
|
|
$url = $req['url'];
|
2016-10-02 05:25:06 +00:00
|
|
|
$query = http_build_query( $req['query'], '', '&', PHP_QUERY_RFC3986 );
|
2013-12-08 23:19:00 +00:00
|
|
|
if ( $query != '' ) {
|
|
|
|
|
$url .= strpos( $req['url'], '?' ) === false ? "?$query" : "&$query";
|
|
|
|
|
}
|
|
|
|
|
curl_setopt( $ch, CURLOPT_URL, $url );
|
|
|
|
|
|
|
|
|
|
curl_setopt( $ch, CURLOPT_CUSTOMREQUEST, $req['method'] );
|
|
|
|
|
if ( $req['method'] === 'HEAD' ) {
|
|
|
|
|
curl_setopt( $ch, CURLOPT_NOBODY, 1 );
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if ( $req['method'] === 'PUT' ) {
|
|
|
|
|
curl_setopt( $ch, CURLOPT_PUT, 1 );
|
|
|
|
|
if ( is_resource( $req['body'] ) ) {
|
|
|
|
|
curl_setopt( $ch, CURLOPT_INFILE, $req['body'] );
|
|
|
|
|
if ( isset( $req['headers']['content-length'] ) ) {
|
|
|
|
|
curl_setopt( $ch, CURLOPT_INFILESIZE, $req['headers']['content-length'] );
|
|
|
|
|
} elseif ( isset( $req['headers']['transfer-encoding'] ) &&
|
|
|
|
|
$req['headers']['transfer-encoding'] === 'chunks'
|
|
|
|
|
) {
|
|
|
|
|
curl_setopt( $ch, CURLOPT_UPLOAD, true );
|
|
|
|
|
} else {
|
|
|
|
|
throw new Exception( "Missing 'Content-Length' or 'Transfer-Encoding' header." );
|
|
|
|
|
}
|
|
|
|
|
} elseif ( $req['body'] !== '' ) {
|
|
|
|
|
$fp = fopen( "php://temp", "wb+" );
|
|
|
|
|
fwrite( $fp, $req['body'], strlen( $req['body'] ) );
|
|
|
|
|
rewind( $fp );
|
|
|
|
|
curl_setopt( $ch, CURLOPT_INFILE, $fp );
|
|
|
|
|
curl_setopt( $ch, CURLOPT_INFILESIZE, strlen( $req['body'] ) );
|
|
|
|
|
$req['_closeHandle'] = $fp; // remember to close this later
|
|
|
|
|
} else {
|
|
|
|
|
curl_setopt( $ch, CURLOPT_INFILESIZE, 0 );
|
|
|
|
|
}
|
|
|
|
|
curl_setopt( $ch, CURLOPT_READFUNCTION,
|
|
|
|
|
function ( $ch, $fd, $length ) {
|
|
|
|
|
$data = fread( $fd, $length );
|
|
|
|
|
$len = strlen( $data );
|
|
|
|
|
return $data;
|
|
|
|
|
}
|
|
|
|
|
);
|
|
|
|
|
} elseif ( $req['method'] === 'POST' ) {
|
|
|
|
|
curl_setopt( $ch, CURLOPT_POST, 1 );
|
SECURITY: Work around CURL insanity breaking POST parameters that start with '@'
CURL has a "feature" where passing array( 'foo' => '@bar' )
in CURLOPT_POSTFIELDS results in the contents of the file named "bar"
being POSTed. This makes it impossible to POST the literal string "@bar",
because array( 'foo' => '%40bar' ) gets double-encoded to foo=%2540bar.
Disable this "feature" by setting CURLOPT_SAFE_UPLOAD to true,
if available. According to the PHP manual, this option became
available in 5.5 and started defaulting to true in 5.6.
However, we support versions as low as 5.3, and this option
doesn't exist at all in 5.6.99-hhvm, which we run in production.
For versions where this option is not available (pre-5.5 versions
and HHVM), serialize POSTFIELDS arrays to strings. This works
around the issue because the '@' "feature" only works
for arrays, not strings, as of PHP 5.2. (We don't support pre-5.2
versions, and I've verified 5.6.99-hhvm behaves this way as well.)
Bug: T118032
Signed-off-by: Chad Horohoe <chadh@wikimedia.org>
Change-Id: I3f996e2eb87c7bd3b94ca9d3cc14a3e12f34f241
2015-11-06 20:55:16 +00:00
|
|
|
// Don't interpret POST parameters starting with '@' as file uploads, because this
|
|
|
|
|
// makes it impossible to POST plain values starting with '@' (and causes security
|
|
|
|
|
// issues potentially exposing the contents of local files).
|
|
|
|
|
// The PHP manual says this option was introduced in PHP 5.5 defaults to true in PHP 5.6,
|
|
|
|
|
// but we support lower versions, and the option doesn't exist in HHVM 5.6.99.
|
|
|
|
|
if ( defined( 'CURLOPT_SAFE_UPLOAD' ) ) {
|
|
|
|
|
curl_setopt( $ch, CURLOPT_SAFE_UPLOAD, true );
|
|
|
|
|
} elseif ( is_array( $req['body'] ) ) {
|
|
|
|
|
// In PHP 5.2 and later, '@' is interpreted as a file upload if POSTFIELDS
|
|
|
|
|
// is an array, but not if it's a string. So convert $req['body'] to a string
|
|
|
|
|
// for safety.
|
2016-09-21 06:10:54 +00:00
|
|
|
$req['body'] = http_build_query( $req['body'] );
|
SECURITY: Work around CURL insanity breaking POST parameters that start with '@'
CURL has a "feature" where passing array( 'foo' => '@bar' )
in CURLOPT_POSTFIELDS results in the contents of the file named "bar"
being POSTed. This makes it impossible to POST the literal string "@bar",
because array( 'foo' => '%40bar' ) gets double-encoded to foo=%2540bar.
Disable this "feature" by setting CURLOPT_SAFE_UPLOAD to true,
if available. According to the PHP manual, this option became
available in 5.5 and started defaulting to true in 5.6.
However, we support versions as low as 5.3, and this option
doesn't exist at all in 5.6.99-hhvm, which we run in production.
For versions where this option is not available (pre-5.5 versions
and HHVM), serialize POSTFIELDS arrays to strings. This works
around the issue because the '@' "feature" only works
for arrays, not strings, as of PHP 5.2. (We don't support pre-5.2
versions, and I've verified 5.6.99-hhvm behaves this way as well.)
Bug: T118032
Signed-off-by: Chad Horohoe <chadh@wikimedia.org>
Change-Id: I3f996e2eb87c7bd3b94ca9d3cc14a3e12f34f241
2015-11-06 20:55:16 +00:00
|
|
|
}
|
2013-12-08 23:19:00 +00:00
|
|
|
curl_setopt( $ch, CURLOPT_POSTFIELDS, $req['body'] );
|
|
|
|
|
} else {
|
|
|
|
|
if ( is_resource( $req['body'] ) || $req['body'] !== '' ) {
|
|
|
|
|
throw new Exception( "HTTP body specified for a non PUT/POST request." );
|
|
|
|
|
}
|
|
|
|
|
$req['headers']['content-length'] = 0;
|
|
|
|
|
}
|
|
|
|
|
|
2015-10-06 01:07:29 +00:00
|
|
|
if ( !isset( $req['headers']['user-agent'] ) ) {
|
2015-10-06 22:26:59 +00:00
|
|
|
$req['headers']['user-agent'] = $this->userAgent;
|
2015-10-06 01:07:29 +00:00
|
|
|
}
|
|
|
|
|
|
2016-02-17 09:09:32 +00:00
|
|
|
$headers = [];
|
2013-12-08 23:19:00 +00:00
|
|
|
foreach ( $req['headers'] as $name => $value ) {
|
|
|
|
|
if ( strpos( $name, ': ' ) ) {
|
|
|
|
|
throw new Exception( "Headers cannot have ':' in the name." );
|
|
|
|
|
}
|
|
|
|
|
$headers[] = $name . ': ' . trim( $value );
|
|
|
|
|
}
|
|
|
|
|
curl_setopt( $ch, CURLOPT_HTTPHEADER, $headers );
|
|
|
|
|
|
|
|
|
|
curl_setopt( $ch, CURLOPT_HEADERFUNCTION,
|
|
|
|
|
function ( $ch, $header ) use ( &$req ) {
|
2014-04-20 08:40:06 +00:00
|
|
|
if ( !empty( $req['flags']['relayResponseHeaders'] ) ) {
|
|
|
|
|
header( $header );
|
|
|
|
|
}
|
2013-12-08 23:19:00 +00:00
|
|
|
$length = strlen( $header );
|
2016-02-17 09:09:32 +00:00
|
|
|
$matches = [];
|
2013-12-08 23:19:00 +00:00
|
|
|
if ( preg_match( "/^(HTTP\/1\.[01]) (\d{3}) (.*)/", $header, $matches ) ) {
|
|
|
|
|
$req['response']['code'] = (int)$matches[2];
|
|
|
|
|
$req['response']['reason'] = trim( $matches[3] );
|
|
|
|
|
return $length;
|
|
|
|
|
}
|
|
|
|
|
if ( strpos( $header, ":" ) === false ) {
|
|
|
|
|
return $length;
|
|
|
|
|
}
|
|
|
|
|
list( $name, $value ) = explode( ":", $header, 2 );
|
|
|
|
|
$req['response']['headers'][strtolower( $name )] = trim( $value );
|
|
|
|
|
return $length;
|
|
|
|
|
}
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
if ( isset( $req['stream'] ) ) {
|
|
|
|
|
// Don't just use CURLOPT_FILE as that might give:
|
|
|
|
|
// curl_setopt(): cannot represent a stream of type Output as a STDIO FILE*
|
|
|
|
|
// The callback here handles both normal files and php://temp handles.
|
|
|
|
|
curl_setopt( $ch, CURLOPT_WRITEFUNCTION,
|
|
|
|
|
function ( $ch, $data ) use ( &$req ) {
|
|
|
|
|
return fwrite( $req['stream'], $data );
|
|
|
|
|
}
|
|
|
|
|
);
|
|
|
|
|
} else {
|
|
|
|
|
curl_setopt( $ch, CURLOPT_WRITEFUNCTION,
|
|
|
|
|
function ( $ch, $data ) use ( &$req ) {
|
|
|
|
|
$req['response']['body'] .= $data;
|
|
|
|
|
return strlen( $data );
|
|
|
|
|
}
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return $ch;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @return resource
|
|
|
|
|
*/
|
|
|
|
|
protected function getCurlMulti() {
|
|
|
|
|
if ( !$this->multiHandle ) {
|
2014-01-17 21:32:46 +00:00
|
|
|
$cmh = curl_multi_init();
|
2016-10-02 05:25:06 +00:00
|
|
|
curl_multi_setopt( $cmh, CURLMOPT_PIPELINING, (int)$this->usePipelining );
|
|
|
|
|
curl_multi_setopt( $cmh, CURLMOPT_MAXCONNECTS, (int)$this->maxConnsPerHost );
|
2014-01-17 21:32:46 +00:00
|
|
|
$this->multiHandle = $cmh;
|
2013-12-08 23:19:00 +00:00
|
|
|
}
|
|
|
|
|
return $this->multiHandle;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function __destruct() {
|
|
|
|
|
if ( $this->multiHandle ) {
|
|
|
|
|
curl_multi_close( $this->multiHandle );
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
