diff options
| author | Andreas Gohr <andi@splitbrain.org> | 2014-02-11 23:01:29 +0100 |
|---|---|---|
| committer | Andreas Gohr <andi@splitbrain.org> | 2014-02-11 23:02:44 +0100 |
| commit | 2bbe40cf8802bbc3bbf83d454cc294080ebaf241 (patch) | |
| tree | 6e2b825a13b733c6496bdefbb130385dd900ae9f | |
| parent | 44e51f2fde494e6183b60153246c72bacef88ad7 (diff) | |
| download | rpg-2bbe40cf8802bbc3bbf83d454cc294080ebaf241.tar.gz rpg-2bbe40cf8802bbc3bbf83d454cc294080ebaf241.tar.bz2 | |
HTTPClient: correctly abort a proxy connection
if a needed CONNECT tunnel fails
| -rw-r--r-- | _test/tests/inc/httpclient_http_proxy.test.php | 1 | ||||
| -rw-r--r-- | _test/tests/inc/httpclient_https_proxy.test.php | 15 | ||||
| -rw-r--r-- | inc/HTTPClient.php | 23 |
3 files changed, 31 insertions, 8 deletions
diff --git a/_test/tests/inc/httpclient_http_proxy.test.php b/_test/tests/inc/httpclient_http_proxy.test.php index 61228ad94..c44dc7ed7 100644 --- a/_test/tests/inc/httpclient_http_proxy.test.php +++ b/_test/tests/inc/httpclient_http_proxy.test.php @@ -18,5 +18,4 @@ class httpclient_http_proxy_test extends DokuWikiTest { $this->assertFalse($data === false, 'HTTP response '.$http->error); $this->assertTrue(strpos($data,'DokuWiki') !== false, 'response content'); } - }
\ No newline at end of file diff --git a/_test/tests/inc/httpclient_https_proxy.test.php b/_test/tests/inc/httpclient_https_proxy.test.php index aca3b3be2..9402e91af 100644 --- a/_test/tests/inc/httpclient_https_proxy.test.php +++ b/_test/tests/inc/httpclient_https_proxy.test.php @@ -12,4 +12,19 @@ class httpclient_https_proxy_test extends httpclient_http_proxy_test { } parent::setUp(); } + + /** + * @group internet + */ + function test_connectfail(){ + $http = new HTTPMockClient(); + // proxy provided by Andrwe Lord Weber <dokuwiki@andrwe.org> + $http->proxy_host = 'proxy.andrwe.org'; + $http->proxy_port = 8080; + + // the proxy accepts connections to dokuwiki.org only - the connect call should fail + $data = $http->get('https://www.google.com'); + $this->assertFalse($data); + $this->assertEquals(-150, $http->status); + } }
\ No newline at end of file diff --git a/inc/HTTPClient.php b/inc/HTTPClient.php index 96954fb47..2226103b3 100644 --- a/inc/HTTPClient.php +++ b/inc/HTTPClient.php @@ -304,11 +304,18 @@ class HTTPClient { } // try establish a CONNECT tunnel for SSL - if($this->_ssltunnel($socket, $request_url)){ - // no keep alive for tunnels - $this->keep_alive = false; - // tunnel is authed already - if(isset($headers['Proxy-Authentication'])) unset($headers['Proxy-Authentication']); + try { + if($this->_ssltunnel($socket, $request_url)){ + // no keep alive for tunnels + $this->keep_alive = false; + // tunnel is authed already + if(isset($headers['Proxy-Authentication'])) unset($headers['Proxy-Authentication']); + } + } catch (HTTPClientException $e) { + $this->status = $e->getCode(); + $this->error = $e->getMessage(); + fclose($socket); + return false; } // keep alive? @@ -363,7 +370,7 @@ class HTTPClient { // get Status if (!preg_match('/^HTTP\/(\d\.\d)\s*(\d+).*?\n/', $r_headers, $m)) - throw new HTTPClientException('Server returned bad answer'); + throw new HTTPClientException('Server returned bad answer '.$r_headers); $this->status = $m[2]; @@ -526,6 +533,7 @@ class HTTPClient { * * @param resource &$socket * @param string &$requesturl + * @throws HTTPClientException when a tunnel is needed but could not be established * @return bool true if a tunnel was established */ function _ssltunnel(&$socket, &$requesturl){ @@ -559,7 +567,8 @@ class HTTPClient { return true; } } - return false; + + throw new HTTPClientException('Failed to establish secure proxy connection', -150); } /** |