From 2d592ddc8f26e72211d1c01cec8979cd371b8215 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Thomas=20M=C3=BCller?= <thomas.mueller@tmit.eu>
Date: Fri, 28 Mar 2014 12:07:44 +0100
Subject: [PATCH] Fix CURLOPT_FOLLOWLOCATION bug with open_basedir or safe_mode
restriction enabled.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Squashed commit of the following:
commit eaf4f43f687db59137a0b00bc0e12ed4eb0d0943
Merge: 1e9c5be 1e7d7bd
Author: Thomas Müller <thomas.mueller@tmit.eu>
Date: Fri Mar 28 11:49:04 2014 +0100
Merge branch 'master' of https://github.com/kev300/core into kev300-master
commit 1e7d7bdd8b5c7f301501cb822cdf2ef0ad3f2872
Author: kev300 <admin@gadeco.de>
Date: Tue Dec 17 14:11:42 2013 +0100
Update util.php
commit 3f0723f054a27a506be7f26932ccb54fff6f2be9
Author: kev300 <admin@gadeco.de>
Date: Tue Dec 17 14:09:15 2013 +0100
Update util.php
commit 512176abdcfbe5b2b060b91033abc9608912d1f8
Author: kev300 <admin@gadeco.de>
Date: Tue Dec 17 14:02:04 2013 +0100
Update util.php
commit 6cbefd080188d287024e0b047b88dd4525d6c2c1
Author: kev300 <admin@gadeco.de>
Date: Mon Dec 16 16:44:46 2013 +0100
Update util.php
Fix CURLOPT_FOLLOWLOCATION bug with open_basedir or safe_mode restriction enabled.
---
lib/private/util.php | 49 ++++++++++++++++++++++++++++++++++++++++----
1 file changed, 45 insertions(+), 4 deletions(-)
diff --git a/lib/private/util.php b/lib/private/util.php
index cd152234cc..c48a5505d4 100755
--- a/lib/private/util.php
+++ b/lib/private/util.php
@@ -1072,13 +1072,13 @@ class OC_Util {
public static function getUrlContent($url) {
if (function_exists('curl_init')) {
$curl = curl_init();
+ $max_redirects = 10;
curl_setopt($curl, CURLOPT_HEADER, 0);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 10);
curl_setopt($curl, CURLOPT_URL, $url);
- curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);
- curl_setopt($curl, CURLOPT_MAXREDIRS, 10);
+
curl_setopt($curl, CURLOPT_USERAGENT, "ownCloud Server Crawler");
if(OC_Config::getValue('proxy', '') != '') {
@@ -1087,9 +1087,50 @@ class OC_Util {
if(OC_Config::getValue('proxyuserpwd', '') != '') {
curl_setopt($curl, CURLOPT_PROXYUSERPWD, OC_Config::getValue('proxyuserpwd'));
}
- $data = curl_exec($curl);
+
+ if (ini_get('open_basedir') === '' && ini_get('safe_mode' === 'Off')) {
+ curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);
+ curl_setopt($curl, CURLOPT_MAXREDIRS, $max_redirects);
+ $data = curl_exec($curl);
+ } else {
+ curl_setopt($curl, CURLOPT_FOLLOWLOCATION, false);
+ $mr = $max_redirects;
+ if ($mr > 0) {
+ $newurl = curl_getinfo($curl, CURLINFO_EFFECTIVE_URL);
+
+ $rcurl = curl_copy_handle($curl);
+ curl_setopt($rcurl, CURLOPT_HEADER, true);
+ curl_setopt($rcurl, CURLOPT_NOBODY, true);
+ curl_setopt($rcurl, CURLOPT_FORBID_REUSE, false);
+ curl_setopt($rcurl, CURLOPT_RETURNTRANSFER, true);
+ do {
+ curl_setopt($rcurl, CURLOPT_URL, $newurl);
+ $header = curl_exec($rcurl);
+ if (curl_errno($rcurl)) {
+ $code = 0;
+ } else {
+ $code = curl_getinfo($rcurl, CURLINFO_HTTP_CODE);
+ if ($code == 301 || $code == 302) {
+ preg_match('/Location:(.*?)\n/', $header, $matches);
+ $newurl = trim(array_pop($matches));
+ } else {
+ $code = 0;
+ }
+ }
+ } while ($code && --$mr);
+ curl_close($rcurl);
+ if ($mr > 0) {
+ curl_setopt($curl, CURLOPT_URL, $newurl);
+ }
+ }
+
+ if($mr == 0 && $max_redirects > 0) {
+ $data = false;
+ } else {
+ $data = curl_exec($curl);
+ }
+ }
curl_close($curl);
-
} else {
$contextArray = null;
--
GitLab