From a8ef13972cccf91bfa9ed30a65c8e61a2f2c7977 Mon Sep 17 00:00:00 2001 From: Andrew Nacin Date: Sun, 27 Oct 2013 21:09:10 +0000 Subject: [PATCH] When an HTTPS request to api.wordpress.org fails, try an insecure HTTP request and issue a warning. Certain versions of cURL appear to claim OpenSSL support but fail to work. We need to not trap users on older versions while we work this out, and instead fall back to an insecure request. see #25716 for trunk. Built from https://develop.svn.wordpress.org/trunk@25956 git-svn-id: http://core.svn.wordpress.org/trunk@25915 1a063a9b-81f0-0310-95a4-ce76da25c4cd --- wp-admin/about.php | 2 +- wp-admin/includes/plugin-install.php | 14 ++++++++++---- wp-admin/includes/theme.php | 14 ++++++++++---- wp-admin/includes/update.php | 8 ++++++-- wp-admin/update-core.php | 2 +- wp-includes/update.php | 24 ++++++++++++++++++------ 6 files changed, 46 insertions(+), 18 deletions(-) diff --git a/wp-admin/about.php b/wp-admin/about.php index a694fe54e7..3391a4c523 100644 --- a/wp-admin/about.php +++ b/wp-admin/about.php @@ -61,7 +61,7 @@ include( ABSPATH . 'wp-admin/admin-header.php' ); ); require_once ABSPATH . 'wp-admin/includes/class-wp-upgrader.php'; $updater = new WP_Automatic_Updater; - $can_auto_update = wp_http_supports( 'ssl' ) && $updater->should_update( 'core', $future_minor_update, ABSPATH ); + $can_auto_update = wp_http_supports( array( 'ssl' ) ) && $updater->should_update( 'core', $future_minor_update, ABSPATH ); if ( $can_auto_update ) { echo '

' . __( 'This site is able to apply these updates automatically. Cool!' ). '

'; diff --git a/wp-admin/includes/plugin-install.php b/wp-admin/includes/plugin-install.php index 7f1e0f2c62..58a9e9bab7 100644 --- a/wp-admin/includes/plugin-install.php +++ b/wp-admin/includes/plugin-install.php @@ -60,17 +60,23 @@ function plugins_api($action, $args = null) { $res = apply_filters( 'plugins_api', false, $action, $args ); if ( false === $res ) { - $url = 'http://api.wordpress.org/plugins/info/1.0/'; - if ( wp_http_supports( array( 'ssl' ) ) ) + $url = $http_url = 'http://api.wordpress.org/plugins/info/1.0/'; + if ( $ssl = wp_http_supports( array( 'ssl' ) ) ) $url = set_url_scheme( $url, 'https' ); - $request = wp_remote_post( $url, array( + $args = array( 'timeout' => 15, 'body' => array( 'action' => $action, 'request' => serialize( $args ) ) - ) ); + ); + $request = wp_remote_post( $url, $args ); + + if ( $ssl && is_wp_error( $request ) ) { + trigger_error( __( 'An unexpected error occurred. Something may be wrong with WordPress.org or this server’s configuration. If you continue to have problems, please try the support forums.' ) . ' ' . '(WordPress could not establish a secure connection to WordPress.org. Please contact your server administrator.)', headers_sent() || WP_DEBUG ? E_USER_WARNING : E_USER_NOTICE ); + $request = wp_remote_post( $http_url, $args ); + } if ( is_wp_error($request) ) { $res = new WP_Error('plugins_api_failed', __( 'An unexpected error occurred. Something may be wrong with WordPress.org or this server’s configuration. If you continue to have problems, please try the support forums.' ), $request->get_error_message() ); diff --git a/wp-admin/includes/theme.php b/wp-admin/includes/theme.php index 0e48bac887..9ea69f2faa 100644 --- a/wp-admin/includes/theme.php +++ b/wp-admin/includes/theme.php @@ -282,16 +282,22 @@ function themes_api($action, $args = null) { $res = apply_filters('themes_api', false, $action, $args); //NOTE: Allows a theme to completely override the builtin WordPress.org API. if ( ! $res ) { - $url = 'http://api.wordpress.org/themes/info/1.0/'; - if ( wp_http_supports( array( 'ssl' ) ) ) + $url = $http_url = 'http://api.wordpress.org/themes/info/1.0/'; + if ( $ssl = wp_http_supports( array( 'ssl' ) ) ) $url = set_url_scheme( $url, 'https' ); - $request = wp_remote_post( $url, array( + $args = array( 'body' => array( 'action' => $action, 'request' => serialize( $args ) ) - ) ); + ); + $request = wp_remote_post( $url, $args ); + + if ( $ssl && is_wp_error( $request ) ) { + trigger_error( __( 'An unexpected error occurred. Something may be wrong with WordPress.org or this server’s configuration. If you continue to have problems, please try the support forums.' ) . ' ' . '(WordPress could not establish a secure connection to WordPress.org. Please contact your server administrator.)', headers_sent() || WP_DEBUG ? E_USER_WARNING : E_USER_NOTICE ); + $request = wp_remote_post( $http_url, $args ); + } if ( is_wp_error($request) ) { $res = new WP_Error('themes_api_failed', __( 'An unexpected error occurred. Something may be wrong with WordPress.org or this server’s configuration. If you continue to have problems, please try the support forums.' ), $request->get_error_message() ); diff --git a/wp-admin/includes/update.php b/wp-admin/includes/update.php index 147ce4a10f..feafd94b87 100644 --- a/wp-admin/includes/update.php +++ b/wp-admin/includes/update.php @@ -103,9 +103,9 @@ function find_core_auto_update() { function get_core_checksums( $version, $locale ) { $return = array(); - $url = 'http://api.wordpress.org/core/checksums/1.0/?' . http_build_query( compact( 'version', 'locale' ), null, '&' ); + $url = $http_url = 'http://api.wordpress.org/core/checksums/1.0/?' . http_build_query( compact( 'version', 'locale' ), null, '&' ); - if ( wp_http_supports( array( 'ssl' ) ) ) + if ( $ssl = wp_http_supports( array( 'ssl' ) ) ) $url = set_url_scheme( $url, 'https' ); $options = array( @@ -113,6 +113,10 @@ function get_core_checksums( $version, $locale ) { ); $response = wp_remote_get( $url, $options ); + if ( $ssl && is_wp_error( $response ) ) { + trigger_error( __( 'An unexpected error occurred. Something may be wrong with WordPress.org or this server’s configuration. If you continue to have problems, please try the support forums.' ) . ' ' . '(WordPress could not establish a secure connection to WordPress.org. Please contact your server administrator.)', headers_sent() || WP_DEBUG ? E_USER_WARNING : E_USER_NOTICE ); + $response = wp_remote_get( $http_url, $options ); + } if ( is_wp_error( $response ) || 200 != wp_remote_retrieve_response_code( $response ) ) return false; diff --git a/wp-admin/update-core.php b/wp-admin/update-core.php index 99887d3607..3a17482c56 100644 --- a/wp-admin/update-core.php +++ b/wp-admin/update-core.php @@ -146,7 +146,7 @@ function core_upgrade_preamble() { echo '

'; _e('You have the latest version of WordPress.'); - if ( wp_http_supports( 'ssl' ) ) { + if ( wp_http_supports( array( 'ssl' ) ) ) { require_once ABSPATH . 'wp-admin/includes/class-wp-upgrader.php'; $upgrader = new WP_Automatic_Updater; $future_minor_update = (object) array( diff --git a/wp-includes/update.php b/wp-includes/update.php index 9979ae9944..bc666fd225 100644 --- a/wp-includes/update.php +++ b/wp-includes/update.php @@ -93,8 +93,8 @@ function wp_version_check( $extra_stats = array() ) { if ( $extra_stats ) $post_body = array_merge( $post_body, $extra_stats ); - $url = 'http://api.wordpress.org/core/version-check/1.7/?' . http_build_query( $query, null, '&' ); - if ( wp_http_supports( array( 'ssl' ) ) ) + $url = $http_url = 'http://api.wordpress.org/core/version-check/1.7/?' . http_build_query( $query, null, '&' ); + if ( $ssl = wp_http_supports( array( 'ssl' ) ) ) $url = set_url_scheme( $url, 'https' ); $options = array( @@ -108,6 +108,10 @@ function wp_version_check( $extra_stats = array() ) { ); $response = wp_remote_post( $url, $options ); + if ( $ssl && is_wp_error( $response ) ) { + trigger_error( __( 'An unexpected error occurred. Something may be wrong with WordPress.org or this server’s configuration. If you continue to have problems, please try the support forums.' ) . ' ' . '(WordPress could not establish a secure connection to WordPress.org. Please contact your server administrator.)', headers_sent() || WP_DEBUG ? E_USER_WARNING : E_USER_NOTICE ); + $response = wp_remote_post( $http_url, $options ); + } if ( is_wp_error( $response ) || 200 != wp_remote_retrieve_response_code( $response ) ) return false; @@ -246,11 +250,15 @@ function wp_update_plugins() { 'user-agent' => 'WordPress/' . $wp_version . '; ' . get_bloginfo( 'url' ) ); - $url = 'http://api.wordpress.org/plugins/update-check/1.1/'; - if ( wp_http_supports( array( 'ssl' ) ) ) + $url = $http_url = 'http://api.wordpress.org/plugins/update-check/1.1/'; + if ( $ssl = wp_http_supports( array( 'ssl' ) ) ) $url = set_url_scheme( $url, 'https' ); $raw_response = wp_remote_post( $url, $options ); + if ( $ssl && is_wp_error( $raw_response ) ) { + trigger_error( __( 'An unexpected error occurred. Something may be wrong with WordPress.org or this server’s configuration. If you continue to have problems, please try the support forums.' ) . ' ' . '(WordPress could not establish a secure connection to WordPress.org. Please contact your server administrator.)', headers_sent() || WP_DEBUG ? E_USER_WARNING : E_USER_NOTICE ); + $raw_response = wp_remote_post( $http_url, $options ); + } if ( is_wp_error( $raw_response ) || 200 != wp_remote_retrieve_response_code( $raw_response ) ) return false; @@ -382,11 +390,15 @@ function wp_update_themes() { 'user-agent' => 'WordPress/' . $wp_version . '; ' . get_bloginfo( 'url' ) ); - $url = 'http://api.wordpress.org/themes/update-check/1.1/'; - if ( wp_http_supports( array( 'ssl' ) ) ) + $url = $http_url = 'http://api.wordpress.org/themes/update-check/1.1/'; + if ( $ssl = wp_http_supports( array( 'ssl' ) ) ) $url = set_url_scheme( $url, 'https' ); $raw_response = wp_remote_post( $url, $options ); + if ( $ssl && is_wp_error( $raw_response ) ) { + trigger_error( __( 'An unexpected error occurred. Something may be wrong with WordPress.org or this server’s configuration. If you continue to have problems, please try the support forums.' ) . ' ' . '(WordPress could not establish a secure connection to WordPress.org. Please contact your server administrator.)', headers_sent() || WP_DEBUG ? E_USER_WARNING : E_USER_NOTICE ); + $raw_response = wp_remote_post( $http_url, $options ); + } if ( is_wp_error( $raw_response ) || 200 != wp_remote_retrieve_response_code( $raw_response ) ) return false;