You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

257 lines
9.3 KiB

* This file is part of Composer.
* (c) Nils Adermann <>
* Jordi Boggiano <>
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
namespace Composer\Util;
use Composer\Composer;
use Composer\CaBundle\CaBundle;
use Composer\Downloader\TransportException;
use Composer\Repository\PlatformRepository;
use Composer\Util\Http\ProxyManager;
use Psr\Log\LoggerInterface;
* Allows the creation of a basic context supporting http proxy
* @author Jordan Alliot <>
11 years ago
* @author Markus Tacker <>
final class StreamContextFactory
* Creates a context supporting HTTP proxies
4 years ago
* @param string $url URL the context is to be used for
* @phpstan-param array{http?: array{follow_location?: int, max_redirects?: int, header?: string|array<string>}} $defaultOptions
* @param mixed[] $defaultOptions Options to merge with the default
* @param mixed[] $defaultParams Parameters to specify on the context
* @throws \RuntimeException if https proxy required and OpenSSL uninstalled
9 years ago
* @return resource Default context
public static function getContext($url, array $defaultOptions = array(), array $defaultParams = array())
$options = array('http' => array(
// specify defaults again to try and work better with curlwrappers enabled
'follow_location' => 1,
'max_redirects' => 20,
$options = array_replace_recursive($options, self::initOptions($url, $defaultOptions));
$options = array_replace_recursive($options, $defaultOptions);
if (isset($options['http']['header'])) {
$options['http']['header'] = self::fixHttpHeaderField($options['http']['header']);
return stream_context_create($options, $defaultParams);
* @param string $url
* @param mixed[] $options
* @param bool $forCurl When true, will not add proxy values as these are handled separately
* @phpstan-return array{http: array{header: string[], proxy?: string, request_fulluri: bool}, ssl?: mixed[]}
* @return array formatted as a stream context array
public static function initOptions($url, array $options, $forCurl = false)
// Make sure the headers are in an array form
if (!isset($options['http']['header'])) {
$options['http']['header'] = array();
if (is_string($options['http']['header'])) {
$options['http']['header'] = explode("\r\n", $options['http']['header']);
// Add stream proxy options if there is a proxy
if (!$forCurl) {
$proxy = ProxyManager::getInstance()->getProxyForRequest($url);
if ($proxyOptions = $proxy->getContextOptions()) {
$isHttpsRequest = 0 === strpos($url, 'https://');
if ($proxy->isSecure()) {
if (!extension_loaded('openssl')) {
throw new TransportException('You must enable the openssl extension to use a secure proxy.');
if ($isHttpsRequest) {
throw new TransportException('You must enable the curl extension to make https requests through a secure proxy.');
} elseif ($isHttpsRequest && !extension_loaded('openssl')) {
throw new TransportException('You must enable the openssl extension to make https requests through a proxy.');
// Header will be a Proxy-Authorization string or not set
if (isset($proxyOptions['http']['header'])) {
$options['http']['header'][] = $proxyOptions['http']['header'];
$options = array_replace_recursive($options, $proxyOptions);
if (defined('HHVM_VERSION')) {
$phpVersion = 'HHVM ' . HHVM_VERSION;
} else {
if ($forCurl) {
$curl = curl_version();
$httpVersion = 'cURL '.$curl['version'];
} else {
$httpVersion = 'streams';
if (!isset($options['http']['header']) || false === stripos(implode('', $options['http']['header']), 'user-agent')) {
$platformPhpVersion = PlatformRepository::getPlatformPhpVersion();
$options['http']['header'][] = sprintf(
'User-Agent: Composer/%s (%s; %s; %s; %s%s%s)',
function_exists('php_uname') ? php_uname('s') : 'Unknown',
function_exists('php_uname') ? php_uname('r') : 'Unknown',
$platformPhpVersion ? '; Platform-PHP '.$platformPhpVersion : '',
Platform::getEnv('CI') ? '; CI' : ''
return $options;
* @param mixed[] $options
* @return mixed[]
public static function getTlsDefaults(array $options, LoggerInterface $logger = null)
$ciphers = implode(':', array(
* CN_match and SNI_server_name are only known once a URL is passed.
* They will be set in the getOptionsForUrl() method which receives a URL.
* cafile or capath can be overridden by passing in those options to constructor.
$defaults = array(
'ssl' => array(
'ciphers' => $ciphers,
'verify_peer' => true,
'verify_depth' => 7,
'SNI_enabled' => true,
'capture_peer_cert' => true,
if (isset($options['ssl'])) {
$defaults['ssl'] = array_replace_recursive($defaults['ssl'], $options['ssl']);
* Attempt to find a local cafile or throw an exception if none pre-set
* The user may go download one if this occurs.
if (!isset($defaults['ssl']['cafile']) && !isset($defaults['ssl']['capath'])) {
$result = CaBundle::getSystemCaRootBundlePath($logger);
if (is_dir($result)) {
$defaults['ssl']['capath'] = $result;
} else {
$defaults['ssl']['cafile'] = $result;
if (isset($defaults['ssl']['cafile']) && (!Filesystem::isReadable($defaults['ssl']['cafile']) || !CaBundle::validateCaFile($defaults['ssl']['cafile'], $logger))) {
throw new TransportException('The configured cafile was not valid or could not be read.');
if (isset($defaults['ssl']['capath']) && (!is_dir($defaults['ssl']['capath']) || !Filesystem::isReadable($defaults['ssl']['capath']))) {
throw new TransportException('The configured capath was not valid or could not be read.');
* Disable TLS compression to prevent CRIME attacks where supported.
if (PHP_VERSION_ID >= 50413) {
$defaults['ssl']['disable_compression'] = true;
return $defaults;
11 years ago
* A bug in PHP prevents the headers from correctly being sent when a content-type header is present and
* NOT at the end of the array
* This method fixes the array by moving the content-type header to the end
* @link
* @param string|string[] $header
* @return string[]
11 years ago
private static function fixHttpHeaderField($header)
11 years ago
if (!is_array($header)) {
$header = explode("\r\n", $header);
uasort($header, function ($el) {
return stripos($el, 'content-type') === 0 ? 1 : -1;
11 years ago
return $header;