From 2d920e05d563c9c327cf235b31ce18dfc4a83870 Mon Sep 17 00:00:00 2001 From: Brion Vibber Date: Tue, 29 Jun 2010 10:24:48 -0400 Subject: Update the (formerly) Janrain OpenID library to 2.2.2 -- bug fixes including PHP 5.3 compatibility fix. Upstream release was tagged at: http://github.com/openid/php-openid/commit/a287b2d85e753c84b3b883ed8ee3ffe8692c8477 --- extlib/Auth/Yadis/HTTPFetcher.php | 33 ++++++++++++++++-- extlib/Auth/Yadis/Manager.php | 20 ++++------- extlib/Auth/Yadis/Misc.php | 1 - extlib/Auth/Yadis/ParanoidHTTPFetcher.php | 29 +++++++++++++--- extlib/Auth/Yadis/ParseHTML.php | 1 - extlib/Auth/Yadis/PlainHTTPFetcher.php | 3 +- extlib/Auth/Yadis/XML.php | 56 ++++++++++--------------------- extlib/Auth/Yadis/XRDS.php | 16 ++++----- extlib/Auth/Yadis/XRI.php | 4 +-- extlib/Auth/Yadis/XRIRes.php | 6 ++-- extlib/Auth/Yadis/Yadis.php | 20 +++++------ 11 files changed, 101 insertions(+), 88 deletions(-) (limited to 'extlib/Auth/Yadis') diff --git a/extlib/Auth/Yadis/HTTPFetcher.php b/extlib/Auth/Yadis/HTTPFetcher.php index 963b9a49a..148cde1b2 100644 --- a/extlib/Auth/Yadis/HTTPFetcher.php +++ b/extlib/Auth/Yadis/HTTPFetcher.php @@ -115,12 +115,40 @@ class Auth_Yadis_HTTPFetcher { /** * @access private */ - function _findRedirect($headers) + function _findRedirect($headers, $url) { foreach ($headers as $line) { if (strpos(strtolower($line), "location: ") === 0) { $parts = explode(" ", $line, 2); - return $parts[1]; + $loc = $parts[1]; + $ppos = strpos($loc, "://"); + if ($ppos === false || $ppos > strpos($loc, "/")) { + /* no host; add it */ + $hpos = strpos($url, "://"); + $prt = substr($url, 0, $hpos+3); + $url = substr($url, $hpos+3); + if (substr($loc, 0, 1) == "/") { + /* absolute path */ + $fspos = strpos($url, "/"); + if ($fspos) $loc = $prt.substr($url, 0, $fspos).$loc; + else $loc = $prt.$url.$loc; + } else { + /* relative path */ + $pp = $prt; + while (1) { + $xpos = strpos($url, "/"); + if ($xpos === false) break; + $apos = strpos($url, "?"); + if ($apos !== false && $apos < $xpos) break; + $apos = strpos($url, "&"); + if ($apos !== false && $apos < $xpos) break; + $pp .= substr($url, 0, $xpos+1); + $url = substr($url, $xpos+1); + } + $loc = $pp.$loc; + } + } + return $loc; } } return null; @@ -144,4 +172,3 @@ class Auth_Yadis_HTTPFetcher { } } -?> \ No newline at end of file diff --git a/extlib/Auth/Yadis/Manager.php b/extlib/Auth/Yadis/Manager.php index d50cf7ad6..ee6f68bcb 100644 --- a/extlib/Auth/Yadis/Manager.php +++ b/extlib/Auth/Yadis/Manager.php @@ -387,11 +387,11 @@ class Auth_Yadis_Discovery { * @param string $session_key_suffix The optional session key * suffix override. */ - function Auth_Yadis_Discovery(&$session, $url, + function Auth_Yadis_Discovery($session, $url, $session_key_suffix = null) { /// Initialize a discovery object - $this->session =& $session; + $this->session = $session; $this->url = $url; if ($session_key_suffix === null) { $session_key_suffix = $this->DEFAULT_SUFFIX; @@ -405,7 +405,7 @@ class Auth_Yadis_Discovery { * Return the next authentication service for the pair of * user_input and session. This function handles fallback. */ - function getNextService($discover_cb, &$fetcher) + function getNextService($discover_cb, $fetcher) { $manager = $this->getManager(); if (!$manager || (!$manager->services)) { @@ -413,7 +413,7 @@ class Auth_Yadis_Discovery { list($yadis_url, $services) = call_user_func($discover_cb, $this->url, - $fetcher); + &$fetcher); $manager = $this->createManager($services, $yadis_url); } @@ -466,7 +466,7 @@ class Auth_Yadis_Discovery { * @param $force True if the manager should be returned regardless * of whether it's a manager for $this->url. */ - function &getManager($force=false) + function getManager($force=false) { // Extract the YadisServiceManager for this object's URL and // suffix from the session. @@ -481,16 +481,13 @@ class Auth_Yadis_Discovery { if ($manager && ($manager->forURL($this->url) || $force)) { return $manager; - } else { - $unused = null; - return $unused; } } /** * @access private */ - function &createManager($services, $yadis_url = null) + function createManager($services, $yadis_url = null) { $key = $this->getSessionKey(); if ($this->getManager()) { @@ -504,10 +501,6 @@ class Auth_Yadis_Discovery { $this->session->set($this->session_key, serialize($loader->toSession($manager))); return $manager; - } else { - // Oh, PHP. - $unused = null; - return $unused; } } @@ -526,4 +519,3 @@ class Auth_Yadis_Discovery { } } -?> \ No newline at end of file diff --git a/extlib/Auth/Yadis/Misc.php b/extlib/Auth/Yadis/Misc.php index 1134a4ff4..a5afa8e9a 100644 --- a/extlib/Auth/Yadis/Misc.php +++ b/extlib/Auth/Yadis/Misc.php @@ -56,4 +56,3 @@ function Auth_Yadis_startswith($s, $stuff) return strpos($s, $stuff) === 0; } -?> \ No newline at end of file diff --git a/extlib/Auth/Yadis/ParanoidHTTPFetcher.php b/extlib/Auth/Yadis/ParanoidHTTPFetcher.php index 6a418260e..4da7c94c0 100644 --- a/extlib/Auth/Yadis/ParanoidHTTPFetcher.php +++ b/extlib/Auth/Yadis/ParanoidHTTPFetcher.php @@ -109,9 +109,9 @@ class Auth_Yadis_ParanoidHTTPFetcher extends Auth_Yadis_HTTPFetcher { } curl_setopt($c, CURLOPT_WRITEFUNCTION, - array(&$this, "_writeData")); + array($this, "_writeData")); curl_setopt($c, CURLOPT_HEADERFUNCTION, - array(&$this, "_writeHeader")); + array($this, "_writeHeader")); if ($extra_headers) { curl_setopt($c, CURLOPT_HTTPHEADER, $extra_headers); @@ -128,6 +128,10 @@ class Auth_Yadis_ParanoidHTTPFetcher extends Auth_Yadis_HTTPFetcher { curl_setopt($c, CURLOPT_TIMEOUT, $off); curl_setopt($c, CURLOPT_URL, $url); + if (defined('Auth_OpenID_VERIFY_HOST')) { + curl_setopt($c, CURLOPT_SSL_VERIFYPEER, true); + curl_setopt($c, CURLOPT_SSL_VERIFYHOST, 2); + } curl_exec($c); $code = curl_getinfo($c, CURLINFO_HTTP_CODE); @@ -142,12 +146,17 @@ class Auth_Yadis_ParanoidHTTPFetcher extends Auth_Yadis_HTTPFetcher { } if (in_array($code, array(301, 302, 303, 307))) { - $url = $this->_findRedirect($headers); + $url = $this->_findRedirect($headers, $url); $redir = true; } else { $redir = false; curl_close($c); + if (defined('Auth_OpenID_VERIFY_HOST') && + $this->isHTTPS($url)) { + Auth_OpenID::log('OpenID: Verified SSL host %s using '. + 'curl/get', $url); + } $new_headers = array(); foreach ($headers as $header) { @@ -190,7 +199,12 @@ class Auth_Yadis_ParanoidHTTPFetcher extends Auth_Yadis_HTTPFetcher { curl_setopt($c, CURLOPT_TIMEOUT, $this->timeout); curl_setopt($c, CURLOPT_URL, $url); curl_setopt($c, CURLOPT_WRITEFUNCTION, - array(&$this, "_writeData")); + array($this, "_writeData")); + + if (defined('Auth_OpenID_VERIFY_HOST')) { + curl_setopt($c, CURLOPT_SSL_VERIFYPEER, true); + curl_setopt($c, CURLOPT_SSL_VERIFYHOST, 2); + } curl_exec($c); @@ -198,9 +212,15 @@ class Auth_Yadis_ParanoidHTTPFetcher extends Auth_Yadis_HTTPFetcher { if (!$code) { Auth_OpenID::log("Got no response code when fetching %s", $url); + Auth_OpenID::log("CURL error (%s): %s", + curl_errno($c), curl_error($c)); return null; } + if (defined('Auth_OpenID_VERIFY_HOST') && $this->isHTTPS($url)) { + Auth_OpenID::log('OpenID: Verified SSL host %s using '. + 'curl/post', $url); + } $body = $this->data; curl_close($c); @@ -223,4 +243,3 @@ class Auth_Yadis_ParanoidHTTPFetcher extends Auth_Yadis_HTTPFetcher { } } -?> \ No newline at end of file diff --git a/extlib/Auth/Yadis/ParseHTML.php b/extlib/Auth/Yadis/ParseHTML.php index 297ccbd2c..6f0f8b7e2 100644 --- a/extlib/Auth/Yadis/ParseHTML.php +++ b/extlib/Auth/Yadis/ParseHTML.php @@ -256,4 +256,3 @@ class Auth_Yadis_ParseHTML { } } -?> \ No newline at end of file diff --git a/extlib/Auth/Yadis/PlainHTTPFetcher.php b/extlib/Auth/Yadis/PlainHTTPFetcher.php index 3e0ca2bb0..26890539a 100644 --- a/extlib/Auth/Yadis/PlainHTTPFetcher.php +++ b/extlib/Auth/Yadis/PlainHTTPFetcher.php @@ -122,7 +122,7 @@ class Auth_Yadis_PlainHTTPFetcher extends Auth_Yadis_HTTPFetcher { $code = $http_code[1]; if (in_array($code, array('301', '302'))) { - $url = $this->_findRedirect($headers); + $url = $this->_findRedirect($headers, $url); $redir = true; } else { $redir = false; @@ -246,4 +246,3 @@ class Auth_Yadis_PlainHTTPFetcher extends Auth_Yadis_HTTPFetcher { } } -?> \ No newline at end of file diff --git a/extlib/Auth/Yadis/XML.php b/extlib/Auth/Yadis/XML.php index 81b2ce221..cf1f5c41b 100644 --- a/extlib/Auth/Yadis/XML.php +++ b/extlib/Auth/Yadis/XML.php @@ -310,20 +310,16 @@ $__Auth_Yadis_defaultParser = null; * @param Auth_Yadis_XMLParser $parser An instance of a * Auth_Yadis_XMLParser subclass. */ -function Auth_Yadis_setDefaultParser(&$parser) +function Auth_Yadis_setDefaultParser($parser) { global $__Auth_Yadis_defaultParser; - $__Auth_Yadis_defaultParser =& $parser; + $__Auth_Yadis_defaultParser = $parser; } function Auth_Yadis_getSupportedExtensions() { - return array( - 'dom' => array('classname' => 'Auth_Yadis_dom', - 'libname' => array('dom.so', 'dom.dll')), - 'domxml' => array('classname' => 'Auth_Yadis_domxml', - 'libname' => array('domxml.so', 'php_domxml.dll')), - ); + return array('dom' => 'Auth_Yadis_dom', + 'domxml' => 'Auth_Yadis_domxml'); } /** @@ -332,43 +328,25 @@ function Auth_Yadis_getSupportedExtensions() * Auth_Yadis_setDefaultParser has been called, the parser used in * that call will be returned instead. */ -function &Auth_Yadis_getXMLParser() +function Auth_Yadis_getXMLParser() { global $__Auth_Yadis_defaultParser; - + if (isset($__Auth_Yadis_defaultParser)) { return $__Auth_Yadis_defaultParser; } - - $p = null; - $classname = null; - - $extensions = Auth_Yadis_getSupportedExtensions(); - - // Return a wrapper for the resident implementation, if any. - foreach ($extensions as $name => $params) { - if (!extension_loaded($name)) { - foreach ($params['libname'] as $libname) { - if (@dl($libname)) { - $classname = $params['classname']; - } - } - } else { - $classname = $params['classname']; - } - if (isset($classname)) { - $p = new $classname(); - return $p; - } - } - - if (!isset($p)) { - trigger_error('No XML parser was found', E_USER_ERROR); - } else { + + foreach(Auth_Yadis_getSupportedExtensions() as $extension => $classname) + { + if (extension_loaded($extension)) + { + $p = new $classname(); Auth_Yadis_setDefaultParser($p); + return $p; + } } - - return $p; + + return false; } -?> + diff --git a/extlib/Auth/Yadis/XRDS.php b/extlib/Auth/Yadis/XRDS.php index f14a7948e..1f5af96fb 100644 --- a/extlib/Auth/Yadis/XRDS.php +++ b/extlib/Auth/Yadis/XRDS.php @@ -255,11 +255,11 @@ class Auth_Yadis_XRDS { * Instantiate a Auth_Yadis_XRDS object. Requires an XPath * instance which has been used to parse a valid XRDS document. */ - function Auth_Yadis_XRDS(&$xmlParser, &$xrdNodes) + function Auth_Yadis_XRDS($xmlParser, $xrdNodes) { - $this->parser =& $xmlParser; + $this->parser = $xmlParser; $this->xrdNode = $xrdNodes[count($xrdNodes) - 1]; - $this->allXrdNodes =& $xrdNodes; + $this->allXrdNodes = $xrdNodes; $this->serviceList = array(); $this->_parse(); } @@ -273,7 +273,7 @@ class Auth_Yadis_XRDS { * @return mixed $xrds An instance of Auth_Yadis_XRDS or null, * depending on the validity of $xml_string */ - function &parseXRDS($xml_string, $extra_ns_map = null) + static function parseXRDS($xml_string, $extra_ns_map = null) { $_null = null; @@ -352,9 +352,9 @@ class Auth_Yadis_XRDS { $services = $this->parser->evalXPath('xrd:Service', $this->xrdNode); foreach ($services as $node) { - $s =& new Auth_Yadis_Service(); + $s = new Auth_Yadis_Service(); $s->element = $node; - $s->parser =& $this->parser; + $s->parser = $this->parser; $priority = $s->getPriority(); @@ -428,7 +428,8 @@ class Auth_Yadis_XRDS { $matches = 0; foreach ($filters as $filter) { - if (call_user_func_array($filter, array($service))) { + + if (call_user_func_array($filter, array(&$service))) { $matches++; if ($filter_mode == SERVICES_YADIS_MATCH_ANY) { @@ -475,4 +476,3 @@ class Auth_Yadis_XRDS { } } -?> \ No newline at end of file diff --git a/extlib/Auth/Yadis/XRI.php b/extlib/Auth/Yadis/XRI.php index 4e3462317..0143a692e 100644 --- a/extlib/Auth/Yadis/XRI.php +++ b/extlib/Auth/Yadis/XRI.php @@ -190,7 +190,7 @@ function Auth_Yadis_getCanonicalID($iname, $xrds) // Now nodes are in reverse order. $xrd_list = array_reverse($xrds->allXrdNodes); - $parser =& $xrds->parser; + $parser = $xrds->parser; $node = $xrd_list[0]; $canonicalID_nodes = $parser->evalXPath('xrd:CanonicalID', $node); @@ -231,4 +231,4 @@ function Auth_Yadis_getCanonicalID($iname, $xrds) return $canonicalID; } -?> + diff --git a/extlib/Auth/Yadis/XRIRes.php b/extlib/Auth/Yadis/XRIRes.php index 4e8e8d037..5e1158735 100644 --- a/extlib/Auth/Yadis/XRIRes.php +++ b/extlib/Auth/Yadis/XRIRes.php @@ -8,9 +8,9 @@ require_once 'Auth/Yadis/XRDS.php'; require_once 'Auth/Yadis/XRI.php'; class Auth_Yadis_ProxyResolver { - function Auth_Yadis_ProxyResolver(&$fetcher, $proxy_url = null) + function Auth_Yadis_ProxyResolver($fetcher, $proxy_url = null) { - $this->fetcher =& $fetcher; + $this->fetcher = $fetcher; $this->proxy_url = $proxy_url; if (!$this->proxy_url) { $this->proxy_url = Auth_Yadis_getDefaultProxy(); @@ -69,4 +69,4 @@ class Auth_Yadis_ProxyResolver { } } -?> + diff --git a/extlib/Auth/Yadis/Yadis.php b/extlib/Auth/Yadis/Yadis.php index d89f77c6d..9ea2db7f9 100644 --- a/extlib/Auth/Yadis/Yadis.php +++ b/extlib/Auth/Yadis/Yadis.php @@ -105,7 +105,7 @@ class Auth_Yadis_DiscoveryResult { function usedYadisLocation() { // Was the Yadis protocol's indirection used? - return $this->normalized_uri != $this->xrds_uri; + return ($this->xrds_uri && $this->normalized_uri != $this->xrds_uri); } function isXRDS() @@ -141,7 +141,7 @@ function Auth_Yadis_getServiceEndpoints($input_url, $xrds_parse_func, } $yadis_result = call_user_func_array($discover_func, - array($input_url, $fetcher)); + array($input_url, &$fetcher)); if ($yadis_result === null) { return array($input_url, array()); @@ -196,7 +196,7 @@ function Auth_Yadis_getServiceEndpoints($input_url, $xrds_parse_func, * The filter functions (whose names appear in the array passed to * services()) take the following form: * - * 
  function myFilter(&$service) {
+ * 
  function myFilter($service) {
  *       // Query $service object here.  Return true if the service
  *       // matches your query; false if not.
  *  }

@@ -207,7 +207,7 @@ function Auth_Yadis_getServiceEndpoints($input_url, $xrds_parse_func,
  * this contrived example):
  *
  * 
- *  function URIMatcher(&$service) {
+ *  function URIMatcher($service) {
  *      foreach ($service->getElements('xrd:URI') as $uri) {
  *          if (preg_match("/some_pattern/",
  *                         $service->parser->content($uri))) {
@@ -250,7 +250,7 @@ class Auth_Yadis_Yadis {
      * If Auth_Yadis_CURL_OVERRIDE is defined, this method will always
      * return a {@link Auth_Yadis_PlainHTTPFetcher}.
      */
-    function getHTTPFetcher($timeout = 20)
+    static function getHTTPFetcher($timeout = 20)
     {
         if (Auth_Yadis_Yadis::curlPresent() &&
             (!defined('Auth_Yadis_CURL_OVERRIDE'))) {
@@ -261,7 +261,7 @@ class Auth_Yadis_Yadis {
         return $fetcher;
     }
 
-    function curlPresent()
+    static function curlPresent()
     {
         return function_exists('curl_init');
     }
@@ -269,7 +269,7 @@ class Auth_Yadis_Yadis {
     /**
      * @access private
      */
-    function _getHeader($header_list, $names)
+   static function _getHeader($header_list, $names)
     {
         foreach ($header_list as $name => $value) {
             foreach ($names as $n) {
@@ -285,7 +285,7 @@ class Auth_Yadis_Yadis {
     /**
      * @access private
      */
-    function _getContentType($content_type_header)
+    static function _getContentType($content_type_header)
     {
         if ($content_type_header) {
             $parts = explode(";", $content_type_header);
@@ -317,7 +317,7 @@ class Auth_Yadis_Yadis {
      * Auth_Yadis_Yadis, depending on whether the discovery
      * succeeded.
      */
-    function discover($uri, &$fetcher,
+    static function discover($uri, $fetcher,
                       $extra_ns_map = null, $timeout = 20)
     {
         $result = new Auth_Yadis_DiscoveryResult($uri);
@@ -379,4 +379,4 @@ class Auth_Yadis_Yadis {
     }
 }
 
-?>
+
-- 
cgit v1.2.3-54-g00ecf