1 | <?php
|
---|
2 |
|
---|
3 | /**
|
---|
4 | * Zend Framework
|
---|
5 | *
|
---|
6 | * LICENSE
|
---|
7 | *
|
---|
8 | * This source file is subject to the new BSD license that is bundled
|
---|
9 | * with this package in the file LICENSE.txt.
|
---|
10 | * It is also available through the world-wide-web at this URL:
|
---|
11 | * http://framework.zend.com/license/new-bsd
|
---|
12 | * If you did not receive a copy of the license and are unable to
|
---|
13 | * obtain it through the world-wide-web, please send an email
|
---|
14 | * to license@zend.com so we can send you a copy immediately.
|
---|
15 | *
|
---|
16 | * @category Zend
|
---|
17 | * @package Zend_Http
|
---|
18 | * @subpackage Client_Adapter
|
---|
19 | * @version $Id: Proxy.php 12504 2008-11-10 16:28:46Z matthew $
|
---|
20 | * @copyright Copyright (c) 2005-2008 Zend Technologies USA Inc. (http://www.zend.com)
|
---|
21 | * @license http://framework.zend.com/license/new-bsd New BSD License
|
---|
22 | */
|
---|
23 |
|
---|
24 | require_once 'Zend/Uri/Http.php';
|
---|
25 | require_once 'Zend/Http/Client.php';
|
---|
26 | require_once 'Zend/Http/Client/Adapter/Socket.php';
|
---|
27 |
|
---|
28 | /**
|
---|
29 | * HTTP Proxy-supporting Zend_Http_Client adapter class, based on the default
|
---|
30 | * socket based adapter.
|
---|
31 | *
|
---|
32 | * Should be used if proxy HTTP access is required. If no proxy is set, will
|
---|
33 | * fall back to Zend_Http_Client_Adapter_Socket behavior. Just like the
|
---|
34 | * default Socket adapter, this adapter does not require any special extensions
|
---|
35 | * installed.
|
---|
36 | *
|
---|
37 | * @category Zend
|
---|
38 | * @package Zend_Http
|
---|
39 | * @subpackage Client_Adapter
|
---|
40 | * @copyright Copyright (c) 2005-2008 Zend Technologies USA Inc. (http://www.zend.com)
|
---|
41 | * @license http://framework.zend.com/license/new-bsd New BSD License
|
---|
42 | */
|
---|
43 | class Zend_Http_Client_Adapter_Proxy extends Zend_Http_Client_Adapter_Socket
|
---|
44 | {
|
---|
45 | /**
|
---|
46 | * Parameters array
|
---|
47 | *
|
---|
48 | * @var array
|
---|
49 | */
|
---|
50 | protected $config = array(
|
---|
51 | 'ssltransport' => 'ssl',
|
---|
52 | 'proxy_host' => '',
|
---|
53 | 'proxy_port' => 8080,
|
---|
54 | 'proxy_user' => '',
|
---|
55 | 'proxy_pass' => '',
|
---|
56 | 'proxy_auth' => Zend_Http_Client::AUTH_BASIC,
|
---|
57 | 'persistent' => false
|
---|
58 | );
|
---|
59 |
|
---|
60 | /**
|
---|
61 | * Whether HTTPS CONNECT was already negotiated with the proxy or not
|
---|
62 | *
|
---|
63 | * @var boolean
|
---|
64 | */
|
---|
65 | protected $negotiated = false;
|
---|
66 |
|
---|
67 | /**
|
---|
68 | * Connect to the remote server
|
---|
69 | *
|
---|
70 | * Will try to connect to the proxy server. If no proxy was set, will
|
---|
71 | * fall back to the target server (behave like regular Socket adapter)
|
---|
72 | *
|
---|
73 | * @param string $host
|
---|
74 | * @param int $port
|
---|
75 | * @param boolean $secure
|
---|
76 | * @param int $timeout
|
---|
77 | */
|
---|
78 | public function connect($host, $port = 80, $secure = false)
|
---|
79 | {
|
---|
80 | // If no proxy is set, fall back to Socket adapter
|
---|
81 | if (! $this->config['proxy_host']) return parent::connect($host, $port, $secure);
|
---|
82 |
|
---|
83 | // Go through a proxy - the connection is actually to the proxy server
|
---|
84 | $host = $this->config['proxy_host'];
|
---|
85 | $port = $this->config['proxy_port'];
|
---|
86 |
|
---|
87 | // If we are connected to the wrong proxy, disconnect first
|
---|
88 | if (($this->connected_to[0] != $host || $this->connected_to[1] != $port)) {
|
---|
89 | if (is_resource($this->socket)) $this->close();
|
---|
90 | }
|
---|
91 |
|
---|
92 | // Now, if we are not connected, connect
|
---|
93 | if (! is_resource($this->socket) || ! $this->config['keepalive']) {
|
---|
94 | $this->socket = @fsockopen($host, $port, $errno, $errstr, (int) $this->config['timeout']);
|
---|
95 | if (! $this->socket) {
|
---|
96 | $this->close();
|
---|
97 | require_once 'Zend/Http/Client/Adapter/Exception.php';
|
---|
98 | throw new Zend_Http_Client_Adapter_Exception(
|
---|
99 | 'Unable to Connect to proxy server ' . $host . ':' . $port . '. Error #' . $errno . ': ' . $errstr);
|
---|
100 | }
|
---|
101 |
|
---|
102 | // Set the stream timeout
|
---|
103 | if (!stream_set_timeout($this->socket, (int) $this->config['timeout'])) {
|
---|
104 | require_once 'Zend/Http/Client/Adapter/Exception.php';
|
---|
105 | throw new Zend_Http_Client_Adapter_Exception('Unable to set the connection timeout');
|
---|
106 | }
|
---|
107 |
|
---|
108 | // Update connected_to
|
---|
109 | $this->connected_to = array($host, $port);
|
---|
110 | }
|
---|
111 | }
|
---|
112 |
|
---|
113 | /**
|
---|
114 | * Send request to the proxy server
|
---|
115 | *
|
---|
116 | * @param string $method
|
---|
117 | * @param Zend_Uri_Http $uri
|
---|
118 | * @param string $http_ver
|
---|
119 | * @param array $headers
|
---|
120 | * @param string $body
|
---|
121 | * @return string Request as string
|
---|
122 | */
|
---|
123 | public function write($method, $uri, $http_ver = '1.1', $headers = array(), $body = '')
|
---|
124 | {
|
---|
125 | // If no proxy is set, fall back to default Socket adapter
|
---|
126 | if (! $this->config['proxy_host']) return parent::write($method, $uri, $http_ver, $headers, $body);
|
---|
127 |
|
---|
128 | // Make sure we're properly connected
|
---|
129 | if (! $this->socket) {
|
---|
130 | require_once 'Zend/Http/Client/Adapter/Exception.php';
|
---|
131 | throw new Zend_Http_Client_Adapter_Exception("Trying to write but we are not connected");
|
---|
132 | }
|
---|
133 |
|
---|
134 | $host = $this->config['proxy_host'];
|
---|
135 | $port = $this->config['proxy_port'];
|
---|
136 |
|
---|
137 | if ($this->connected_to[0] != $host || $this->connected_to[1] != $port) {
|
---|
138 | require_once 'Zend/Http/Client/Adapter/Exception.php';
|
---|
139 | throw new Zend_Http_Client_Adapter_Exception("Trying to write but we are connected to the wrong proxy server");
|
---|
140 | }
|
---|
141 |
|
---|
142 | // Add Proxy-Authorization header
|
---|
143 | if ($this->config['proxy_user'] && ! isset($headers['proxy-authorization'])) {
|
---|
144 | $headers['proxy-authorization'] = Zend_Http_Client::encodeAuthHeader(
|
---|
145 | $this->config['proxy_user'], $this->config['proxy_pass'], $this->config['proxy_auth']
|
---|
146 | );
|
---|
147 | }
|
---|
148 |
|
---|
149 | // if we are proxying HTTPS, preform CONNECT handshake with the proxy
|
---|
150 | if ($uri->getScheme() == 'https' && (! $this->negotiated)) {
|
---|
151 | $this->connectHandshake($uri->getHost(), $uri->getPort(), $http_ver, $headers);
|
---|
152 | $this->negotiated = true;
|
---|
153 | }
|
---|
154 |
|
---|
155 | // Save request method for later
|
---|
156 | $this->method = $method;
|
---|
157 |
|
---|
158 | // Build request headers
|
---|
159 | $request = "{$method} {$uri->__toString()} HTTP/{$http_ver}\r\n";
|
---|
160 |
|
---|
161 | // Add all headers to the request string
|
---|
162 | foreach ($headers as $k => $v) {
|
---|
163 | if (is_string($k)) $v = "$k: $v";
|
---|
164 | $request .= "$v\r\n";
|
---|
165 | }
|
---|
166 |
|
---|
167 | // Add the request body
|
---|
168 | $request .= "\r\n" . $body;
|
---|
169 |
|
---|
170 | // Send the request
|
---|
171 | if (! @fwrite($this->socket, $request)) {
|
---|
172 | require_once 'Zend/Http/Client/Adapter/Exception.php';
|
---|
173 | throw new Zend_Http_Client_Adapter_Exception("Error writing request to proxy server");
|
---|
174 | }
|
---|
175 |
|
---|
176 | return $request;
|
---|
177 | }
|
---|
178 |
|
---|
179 | /**
|
---|
180 | * Preform handshaking with HTTPS proxy using CONNECT method
|
---|
181 | *
|
---|
182 | * @param string $host
|
---|
183 | * @param integer $port
|
---|
184 | * @param string $http_ver
|
---|
185 | * @param array $headers
|
---|
186 | */
|
---|
187 | protected function connectHandshake($host, $port = 443, $http_ver = '1.1', array &$headers = array())
|
---|
188 | {
|
---|
189 | $request = "CONNECT $host:$port HTTP/$http_ver\r\n" .
|
---|
190 | "Host: " . $this->config['proxy_host'] . "\r\n";
|
---|
191 |
|
---|
192 | // Add the user-agent header
|
---|
193 | if (isset($this->config['useragent'])) {
|
---|
194 | $request .= "User-agent: " . $this->config['useragent'] . "\r\n";
|
---|
195 | }
|
---|
196 |
|
---|
197 | // If the proxy-authorization header is set, send it to proxy but remove
|
---|
198 | // it from headers sent to target host
|
---|
199 | if (isset($headers['proxy-authorization'])) {
|
---|
200 | $request .= "Proxy-authorization: " . $headers['proxy-authorization'] . "\r\n";
|
---|
201 | unset($headers['proxy-authorization']);
|
---|
202 | }
|
---|
203 |
|
---|
204 | $request .= "\r\n";
|
---|
205 |
|
---|
206 | // Send the request
|
---|
207 | if (! @fwrite($this->socket, $request)) {
|
---|
208 | require_once 'Zend/Http/Client/Adapter/Exception.php';
|
---|
209 | throw new Zend_Http_Client_Adapter_Exception("Error writing request to proxy server");
|
---|
210 | }
|
---|
211 |
|
---|
212 | // Read response headers only
|
---|
213 | $response = '';
|
---|
214 | $gotStatus = false;
|
---|
215 | while ($line = @fgets($this->socket)) {
|
---|
216 | $gotStatus = $gotStatus || (strpos($line, 'HTTP') !== false);
|
---|
217 | if ($gotStatus) {
|
---|
218 | $response .= $line;
|
---|
219 | if (!chop($line)) break;
|
---|
220 | }
|
---|
221 | }
|
---|
222 |
|
---|
223 | // Check that the response from the proxy is 200
|
---|
224 | if (Zend_Http_Response::extractCode($response) != 200) {
|
---|
225 | require_once 'Zend/Http/Client/Adapter/Exception.php';
|
---|
226 | throw new Zend_Http_Client_Adapter_Exception("Unable to connect to HTTPS proxy. Server response: " . $response);
|
---|
227 | }
|
---|
228 |
|
---|
229 | // If all is good, switch socket to secure mode. We have to fall back
|
---|
230 | // through the different modes
|
---|
231 | $modes = array(
|
---|
232 | STREAM_CRYPTO_METHOD_TLS_CLIENT,
|
---|
233 | STREAM_CRYPTO_METHOD_SSLv3_CLIENT,
|
---|
234 | STREAM_CRYPTO_METHOD_SSLv23_CLIENT,
|
---|
235 | STREAM_CRYPTO_METHOD_SSLv2_CLIENT
|
---|
236 | );
|
---|
237 |
|
---|
238 | $success = false;
|
---|
239 | foreach($modes as $mode) {
|
---|
240 | $success = stream_socket_enable_crypto($this->socket, true, $mode);
|
---|
241 | if ($success) break;
|
---|
242 | }
|
---|
243 |
|
---|
244 | if (! $success) {
|
---|
245 | require_once 'Zend/Http/Client/Adapter/Exception.php';
|
---|
246 | throw new Zend_Http_Client_Adapter_Exception("Unable to connect to" .
|
---|
247 | " HTTPS server through proxy: could not negotiate secure connection.");
|
---|
248 | }
|
---|
249 | }
|
---|
250 |
|
---|
251 | /**
|
---|
252 | * Close the connection to the server
|
---|
253 | *
|
---|
254 | */
|
---|
255 | public function close()
|
---|
256 | {
|
---|
257 | parent::close();
|
---|
258 | $this->negotiated = false;
|
---|
259 | }
|
---|
260 |
|
---|
261 | /**
|
---|
262 | * Destructor: make sure the socket is disconnected
|
---|
263 | *
|
---|
264 | */
|
---|
265 | public function __destruct()
|
---|
266 | {
|
---|
267 | if ($this->socket) $this->close();
|
---|
268 | }
|
---|
269 | }
|
---|