config = $config; $this->_parseProxyInfo(); } /** * @access private */ function _parseProxyInfo() { $this->proxy_host = $this->proxy_port = $this->proxy_user = $this->proxy_pass = ''; if ($this->config->get('http_proxy')&& $proxy = parse_url($this->config->get('http_proxy')) ) { $this->proxy_host = isset($proxy['host']) ? $proxy['host'] : null; $this->proxy_port = isset($proxy['port']) ? $proxy['port'] : 8080; $this->proxy_user = isset($proxy['user']) ? urldecode($proxy['user']) : null; $this->proxy_pass = isset($proxy['pass']) ? urldecode($proxy['pass']) : null; $this->proxy_schema = (isset($proxy['scheme']) && $proxy['scheme'] == 'https') ? 'https' : 'http'; } } /** * @access private */ function _httpConnect($fp, $host, $port) { fwrite($fp, "CONNECT $host:$port HTTP/1.1\r\n"); fwrite($fp, "Host: $host:$port\r\n"); if ($this->getProxyAuth()) { fwrite($fp, 'Proxy-Authorization: Basic ' . $this->getProxyAuth() . "\r\n"); } fwrite($fp, "\r\n"); while ($line = trim(fgets($fp, 1024))) { if (preg_match('|^HTTP/1.[01] ([0-9]{3}) |', $line, $matches)) { $code = (int)$matches[1]; /* as per RFC 2817 */ if ($code < 200 || $code >= 300) { return PEAR::raiseError("Establishing a CONNECT tunnel through proxy failed with response code $code"); } } } // connection was successful -- establish SSL through // the tunnel $crypto_method = STREAM_CRYPTO_METHOD_TLS_CLIENT; if (defined('STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT')) { $crypto_method |= STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT; $crypto_method |= STREAM_CRYPTO_METHOD_TLSv1_1_CLIENT; } // set the correct hostname for working hostname // verification stream_context_set_option($fp, 'ssl', 'peer_name', $host); // blocking socket needed for // stream_socket_enable_crypto() // see // stream_set_blocking ($fp, true); $crypto_res = stream_socket_enable_crypto($fp, true, $crypto_method); if (!$crypto_res) { return PEAR::raiseError("Could not establish SSL connection through proxy: $crypto_res"); } return true; } /** * get the authorization information for the proxy, encoded to be * passed in the Proxy-Authentication HTTP header. * @return null|string the encoded authentication information if a * proxy and authentication is configured, null * otherwise. */ function getProxyAuth() { if ($this->isProxyConfigured() && $this->proxy_user != '') { return base64_encode($this->proxy_user . ':' . $this->proxy_pass); } return null; } function getProxyUser() { return $this->proxy_user; } /** * Check if we are configured to use a proxy. * * @return boolean true if we are configured to use a proxy, false * otherwise. * @access public */ function isProxyConfigured() { return $this->proxy_host != ''; } /** * Open a socket to a remote server, possibly involving a HTTP * proxy. * * If an HTTP proxy has been configured (http_proxy PEAR_Config * setting), the proxy will be used. * * @param string $host the host to connect to * @param string $port the port to connect to * @param boolean $secure if true, establish a secure connection * using TLS. * @access public */ function openSocket($host, $port, $secure = false) { if ($this->isProxyConfigured()) { $fp = @fsockopen( $this->proxy_host, $this->proxy_port, $errno, $errstr, 15 ); if (!$fp) { return PEAR::raiseError("Connection to the proxy failed: $errstr", -9276); } /* HTTPS is to be used and we have a proxy, use CONNECT verb */ if ($secure) { $res = $this->_httpConnect($fp, $host, $port); if (PEAR::isError($res)) { return $res; } } } else { if ($secure) { $host = 'ssl://' . $host; } $fp = @fsockopen($host, $port, $errno, $errstr); if (!$fp) { return PEAR::raiseError("Connection to `$host:$port' failed: $errstr", $errno); } } return $fp; } }