X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;ds=sidebyside;f=lib%2Fxmlrpc.inc;h=7123184ab7ee72ce9684512a5056b83078b47be1;hb=fa9fa7bcea0b663f147e2044ecc320acee36bd59;hp=e5be7f7c858315e2a7ba51c467183b7e06e4d363;hpb=4d3f0dd566fa18a47ffc4e7e46e6c51785f56013;p=plcapi.git
diff --git a/lib/xmlrpc.inc b/lib/xmlrpc.inc
index e5be7f7..7123184 100644
--- a/lib/xmlrpc.inc
+++ b/lib/xmlrpc.inc
@@ -208,7 +208,7 @@
$GLOBALS['xmlrpc_internalencoding']='ISO-8859-1';
$GLOBALS['xmlrpcName']='XML-RPC for PHP';
- $GLOBALS['xmlrpcVersion']='3.0.0';
+ $GLOBALS['xmlrpcVersion']='3.1.0';
// let user errors start at 800
$GLOBALS['xmlrpcerruser']=800;
@@ -225,7 +225,7 @@
// set to TRUE to enable encoding of php NULL values to instead of
$GLOBALS['xmlrpc_null_apache_encoding']=false;
- $GLOBALS['xmlrpc_null_apache_encoding_ns']='http://ws.apache.org/xmlrpc/namespaces/extensions';
+ $GLOBALS['xmlrpc_null_apache_encoding_ns']='http://ws.apache.org/xmlrpc/namespaces/extensions';
// used to store state during parsing
// quick explanation of components:
@@ -821,6 +821,7 @@
var $keypass='';
var $verifypeer=true;
var $verifyhost=1;
+ var $sslversion=0; // corresponds to CURL_SSLVERSION_DEFAULT
var $no_multicall=false;
var $proxy='';
var $proxyport=0;
@@ -872,7 +873,7 @@
* @param integer $port the port the server is listening on, defaults to 80 or 443 depending on protocol used
* @param string $method the http protocol variant: defaults to 'http', 'https' and 'http11' can be used if CURL is installed
*/
- function xmlrpc_client($path, $server='', $port='', $method='')
+ function __construct($path, $server='', $port='', $method='')
{
// allow user to specify all params in $path
if($server == '' and $port == '' and $method == '')
@@ -942,6 +943,14 @@
$this->user_agent = $GLOBALS['xmlrpcName'] . ' ' . $GLOBALS['xmlrpcVersion'];
}
+ /**
+ * @deprecated
+ */
+ function xmlrpc_client($path, $server='', $port='', $method='')
+ {
+ self::__construct($path, $server, $port, $method);
+ }
+
/**
* Enables/disables the echoing to screen of the xmlrpc responses received
* @param integer $in values 0, 1 and 2 are supported (2 = echo sent msg too, before received response)
@@ -1031,6 +1040,16 @@
$this->verifyhost = $i;
}
+ /**
+ * Set attributes for SSL communication: SSL version to use. Best left at 0 (default value ): let cURL decide
+ *
+ * @param int $i
+ */
+ public function setSSLVersion($i)
+ {
+ $this->sslversion = $i;
+ }
+
/**
* Set proxy info
* @param string $proxyhost
@@ -1182,7 +1201,8 @@
$this->proxy_authtype,
$this->keepalive,
$this->key,
- $this->keypass
+ $this->keypass,
+ $this->sslversion
);
}
elseif($method == 'http11')
@@ -1423,11 +1443,11 @@
function &sendPayloadHTTPS($msg, $server, $port, $timeout=0, $username='',
$password='', $authtype=1, $cert='',$certpass='', $cacert='', $cacertdir='',
$proxyhost='', $proxyport=0, $proxyusername='', $proxypassword='', $proxyauthtype=1,
- $keepalive=false, $key='', $keypass='')
+ $keepalive=false, $key='', $keypass='', $sslVersion = 0)
{
$r =& $this->sendPayloadCURL($msg, $server, $port, $timeout, $username,
$password, $authtype, $cert, $certpass, $cacert, $cacertdir, $proxyhost, $proxyport,
- $proxyusername, $proxypassword, $proxyauthtype, 'https', $keepalive, $key, $keypass);
+ $proxyusername, $proxypassword, $proxyauthtype, 'https', $keepalive, $key, $keypass, $sslVersion);
return $r;
}
@@ -1440,7 +1460,7 @@
function &sendPayloadCURL($msg, $server, $port, $timeout=0, $username='',
$password='', $authtype=1, $cert='', $certpass='', $cacert='', $cacertdir='',
$proxyhost='', $proxyport=0, $proxyusername='', $proxypassword='', $proxyauthtype=1, $method='https',
- $keepalive=false, $key='', $keypass='')
+ $keepalive=false, $key='', $keypass='', $sslVersion = 0)
{
if(!function_exists('curl_init'))
{
@@ -1622,14 +1642,16 @@
curl_setopt($curl, CURLOPT_SSLKEYPASSWD, $keypass);
}
- // Upgrade transparently to more stringent check for versions of php which do not support otherwise.
- // Doing it in constructor would be cleaner; doing it here saves us a couple of function calls
- if($this->verifyhost == 1 && $info = curl_version() && version_compare($info['version'], '7.28.1') >= 0)
- {
- $this->verifyhost = 2;
- }
+ // Upgrade transparently to more stringent check for versions of php which do not support otherwise.
+ // Doing it in constructor would be cleaner; doing it here saves us a couple of function calls
+ if($this->verifyhost == 1 && $info = curl_version() && version_compare($info['version'], '7.28.1') >= 0)
+ {
+ $this->verifyhost = 2;
+ }
// whether to verify cert's common name (CN); 0 for no, 1 to verify that it exists, and 2 to verify that it matches the hostname used
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, $this->verifyhost);
+ // allow usage of different SSL versions
+ curl_setopt($curl, CURLOPT_SSLVERSION, $sslVersion);
}
// proxy info
@@ -1707,12 +1729,12 @@
curl_close($curl);
}
$resp =& $msg->parseResponse($result, true, $this->return_type);
- // if we got back a 302, we can not reuse the curl handle for later calls
- if($resp->faultCode() == $GLOBALS['xmlrpcerr']['http_error'] && $keepalive)
- {
- curl_close($curl);
- $this->xmlrpc_curl_handle = null;
- }
+ // if we got back a 302, we can not reuse the curl handle for later calls
+ if($resp->faultCode() == $GLOBALS['xmlrpcerr']['http_error'] && $keepalive)
+ {
+ curl_close($curl);
+ $this->xmlrpc_curl_handle = null;
+ }
}
return $resp;
}
@@ -1968,7 +1990,7 @@
* NB: as of now we do not do it, since it might be either an xmlrpcval or a plain
* php val, or a complete xml chunk, depending on usage of xmlrpc_client::send() inside which creator is called...
*/
- function xmlrpcresp($val, $fcode = 0, $fstr = '', $valtyp='')
+ function __construct($val, $fcode = 0, $fstr = '', $valtyp='')
{
if($fcode != 0)
{
@@ -2006,6 +2028,14 @@
}
}
+ /**
+ * @deprecated
+ */
+ function xmlrpcresp($val, $fcode = 0, $fstr = '', $valtyp='')
+ {
+ self::__construct($val, $fcode, $fstr, $valtyp);
+ }
+
/**
* Returns the error code of the response.
* @return integer the error code of this response (0 for not-error responses)
@@ -2123,7 +2153,7 @@ xmlrpc_encode_entitites($this->errstr, $GLOBALS['xmlrpc_internalencoding'], $cha
* @param string $meth the name of the method to invoke
* @param array $pars array of parameters to be passed to the method (xmlrpcval objects)
*/
- function xmlrpcmsg($meth, $pars=0)
+ function __construct($meth, $pars=0)
{
$this->methodname=$meth;
if(is_array($pars) && count($pars)>0)
@@ -2135,6 +2165,14 @@ xmlrpc_encode_entitites($this->errstr, $GLOBALS['xmlrpc_internalencoding'], $cha
}
}
+ /**
+ * @deprecated
+ */
+ function xmlrpcmsg($meth, $pars=0)
+ {
+ self::__construct($meth, $pars);
+ }
+
/**
* @access private
*/
@@ -2176,7 +2214,7 @@ xmlrpc_encode_entitites($this->errstr, $GLOBALS['xmlrpc_internalencoding'], $cha
else
$this->content_type = 'text/xml';
$this->payload=$this->xml_header($charset_encoding);
- $this->payload.='' . $this->methodname . "\n";
+ $this->payload.='' . xmlrpc_encode_entitites($this->methodname, $GLOBALS['xmlrpc_internalencoding'], $charset_encoding) . "\n";
$this->payload.="\n";
for($i=0; $iparams); $i++)
{
@@ -2415,7 +2453,7 @@ xmlrpc_encode_entitites($this->errstr, $GLOBALS['xmlrpc_internalencoding'], $cha
{
if ($tag != 'value')
{
- $GLOBALS['_xh']['cookies'][$cookiename][$tag] = $val;
+ $GLOBALS['_xh']['cookies'][$cookiename][$tag] = $val;
}
}
}
@@ -2599,17 +2637,24 @@ xmlrpc_encode_entitites($this->errstr, $GLOBALS['xmlrpc_internalencoding'], $cha
$GLOBALS['_xh']['isf_reason']='';
$GLOBALS['_xh']['rt']=''; // 'methodcall or 'methodresponse'
- // if response charset encoding is not known / supported, try to use
- // the default encoding and parse the xml anyway, but log a warning...
- if (!in_array($resp_encoding, array('UTF-8', 'ISO-8859-1', 'US-ASCII')))
- // the following code might be better for mb_string enabled installs, but
+ // Since parsing will fail if charset is not specified in the xml prologue,
+ // the encoding is not UTF8 and there are non-ascii chars in the text, we try to work round that...
+ // The following code might be better for mb_string enabled installs, but
// makes the lib about 200% slower...
- //if (!is_valid_charset($resp_encoding, array('UTF-8', 'ISO-8859-1', 'US-ASCII')))
- {
- error_log('XML-RPC: '.__METHOD__.': invalid charset encoding of received response: '.$resp_encoding);
- $resp_encoding = $GLOBALS['xmlrpc_defencoding'];
+ //if (!is_valid_charset($resp_encoding, array('UTF-8')))
+ if (!in_array($resp_encoding, array('UTF-8', 'US-ASCII')) && !has_encoding($data)) {
+ if ($resp_encoding == 'ISO-8859-1') {
+ $data = utf8_encode($data);
+ } else {
+ if (extension_loaded('mbstring')) {
+ $data = mb_convert_encoding($data, 'UTF-8', $resp_encoding);
+ } else {
+ error_log('XML-RPC: ' . __METHOD__ . ': invalid charset encoding of received request: ' . $resp_encoding);
+ }
+ }
}
- $parser = xml_parser_create($resp_encoding);
+
+ $parser = xml_parser_create();
xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, true);
// G. Giunta 2005/02/13: PHP internally uses ISO-8859-1, so we have to tell
// the xml parser to give us back data in the expected charset.
@@ -2748,7 +2793,7 @@ xmlrpc_encode_entitites($this->errstr, $GLOBALS['xmlrpc_internalencoding'], $cha
* @param mixed $val
* @param string $type any valid xmlrpc type name (lowercase). If null, 'string' is assumed
*/
- function xmlrpcval($val=-1, $type='')
+ function __construct($val=-1, $type='')
{
/// @todo: optimization creep - do not call addXX, do it all inline.
/// downside: booleans will not be coerced anymore
@@ -2802,6 +2847,14 @@ xmlrpc_encode_entitites($this->errstr, $GLOBALS['xmlrpc_internalencoding'], $cha
}
}
+ /**
+ * @deprecated
+ */
+ function xmlrpcval($val=-1, $type='')
+ {
+ self::__construct($val, $type);
+ }
+
/**
* Add a single php value to an (unitialized) xmlrpcval
* @param mixed $val
@@ -3566,7 +3619,27 @@ xmlrpc_encode_entitites($this->errstr, $GLOBALS['xmlrpc_internalencoding'], $cha
$GLOBALS['_xh']['isf_reason'] = '';
$GLOBALS['_xh']['method'] = false;
$GLOBALS['_xh']['rt'] = '';
- /// @todo 'guestimate' encoding
+
+ // 'guestimate' encoding
+ $val_encoding = guess_encoding('', $xml_val);
+
+ // Since parsing will fail if charset is not specified in the xml prologue,
+ // the encoding is not UTF8 and there are non-ascii chars in the text, we try to work round that...
+ // The following code might be better for mb_string enabled installs, but
+ // makes the lib about 200% slower...
+ //if (!is_valid_charset($val_encoding, array('UTF-8')))
+ if (!in_array($val_encoding, array('UTF-8', 'US-ASCII')) && !has_encoding($xml_val)) {
+ if ($val_encoding == 'ISO-8859-1') {
+ $xml_val = utf8_encode($xml_val);
+ } else {
+ if (extension_loaded('mbstring')) {
+ $xml_val = mb_convert_encoding($xml_val, 'UTF-8', $val_encoding);
+ } else {
+ error_log('XML-RPC: ' . __METHOD__ . ': invalid charset encoding of received request: ' . $val_encoding);
+ }
+ }
+ }
+
$parser = xml_parser_create();
xml_parser_set_option($parser, XML_OPTION_CASE_FOLDING, true);
// What if internal encoding is not in one of the 3 allowed?
@@ -3779,6 +3852,43 @@ xmlrpc_encode_entitites($this->errstr, $GLOBALS['xmlrpc_internalencoding'], $cha
}
}
+ /**
+ * Helper function: checks if an xml chunk as a charset declaration (BOM or in the xml declaration)
+ *
+ * @param string $xmlChunk
+ * @return bool
+ */
+ function has_encoding($xmlChunk)
+ {
+ // scan the first bytes of the data for a UTF-16 (or other) BOM pattern
+ // (source: http://www.w3.org/TR/2000/REC-xml-20001006)
+ if (preg_match('/^(\x00\x00\xFE\xFF|\xFF\xFE\x00\x00|\x00\x00\xFF\xFE|\xFE\xFF\x00\x00)/', $xmlChunk))
+ {
+ return true;
+ }
+ elseif (preg_match('/^(\xFE\xFF|\xFF\xFE)/', $xmlChunk))
+ {
+ return true;
+ }
+ elseif (preg_match('/^(\xEF\xBB\xBF)/', $xmlChunk))
+ {
+ return true;
+ }
+
+ // test if encoding is specified in the xml declaration
+ // Details:
+ // SPACE: (#x20 | #x9 | #xD | #xA)+ === [ \x9\xD\xA]+
+ // EQ: SPACE?=SPACE? === [ \x9\xD\xA]*=[ \x9\xD\xA]*
+ if (preg_match('/^<\?xml\s+version\s*=\s*' . "((?:\"[a-zA-Z0-9_.:-]+\")|(?:'[a-zA-Z0-9_.:-]+'))" .
+ '\s+encoding\s*=\s*' . "((?:\"[A-Za-z][A-Za-z0-9._-]*\")|(?:'[A-Za-z][A-Za-z0-9._-]*'))/",
+ $xmlChunk, $matches))
+ {
+ return true;
+ }
+
+ return false;
+ }
+
/**
* Checks if a given charset encoding is present in a list of encodings or
* if it is a valid subset of any encoding in the list