Bläddra i källkod

Show CA files being used in debug mode, refs #4792

Jordi Boggiano 9 år sedan
förälder
incheckning
546730dcf3
1 ändrade filer med 12 tillägg och 7 borttagningar
  1. 12 7
      src/Composer/Util/RemoteFilesystem.php

+ 12 - 7
src/Composer/Util/RemoteFilesystem.php

@@ -58,7 +58,7 @@ class RemoteFilesystem
             if (isset($options['ssl']['cafile'])
                 && (
                     !is_readable($options['ssl']['cafile'])
-                    || !self::validateCaFile(file_get_contents($options['ssl']['cafile']))
+                    || !$this->validateCaFile($options['ssl']['cafile'])
                 )
             ) {
                 throw new TransportException('The configured cafile was not valid or could not be read.');
@@ -636,7 +636,7 @@ class RemoteFilesystem
          * The user may go download one if this occurs.
          */
         if (!isset($this->options['ssl']['cafile'])) {
-            $result = self::getSystemCaRootBundlePath();
+            $result = $this->getSystemCaRootBundlePath();
             if ($result) {
                 if (preg_match('{^phar://}', $result)) {
                     $targetPath = rtrim(sys_get_temp_dir(), '\\/') . '/composer-cacert.pem';
@@ -705,7 +705,7 @@ class RemoteFilesystem
     * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
     * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
     */
-    private static function getSystemCaRootBundlePath()
+    private function getSystemCaRootBundlePath()
     {
         static $caPath = null;
 
@@ -716,7 +716,7 @@ class RemoteFilesystem
         // If SSL_CERT_FILE env variable points to a valid certificate/bundle, use that.
         // This mimics how OpenSSL uses the SSL_CERT_FILE env variable.
         $envCertFile = getenv('SSL_CERT_FILE');
-        if ($envCertFile && is_readable($envCertFile) && self::validateCaFile(file_get_contents($envCertFile))) {
+        if ($envCertFile && is_readable($envCertFile) && $this->validateCaFile($envCertFile)) {
             // Possibly throw exception instead of ignoring SSL_CERT_FILE if it's invalid?
             return $caPath = $envCertFile;
         }
@@ -736,12 +736,12 @@ class RemoteFilesystem
         );
 
         $configured = ini_get('openssl.cafile');
-        if ($configured && strlen($configured) > 0 && is_readable($configured) && self::validateCaFile(file_get_contents($configured))) {
+        if ($configured && strlen($configured) > 0 && is_readable($configured) && $this->validateCaFile($configured)) {
             return $caPath = $configured;
         }
 
         foreach ($caBundlePaths as $caBundle) {
-            if (@is_readable($caBundle) && self::validateCaFile(file_get_contents($caBundle))) {
+            if (@is_readable($caBundle) && $this->validateCaFile($caBundle)) {
                 return $caPath = $caBundle;
             }
         }
@@ -756,8 +756,13 @@ class RemoteFilesystem
         return $caPath = false;
     }
 
-    private static function validateCaFile($contents)
+    private function validateCaFile($filename)
     {
+        if ($this->io->isDebug()) {
+            $this->io->writeError('Checking CA file '.realpath($filename));
+        }
+        $contents = file_get_contents($filename);
+
         // assume the CA is valid if php is vulnerable to
         // https://www.sektioneins.de/advisories/advisory-012013-php-openssl_x509_parse-memory-corruption-vulnerability.html
         if (