
replace custom HTTPS socket code with libcurl (#3160)

* replace custom HTTPS socket code with libcurl

several reasons. for one, "$result = fread($fp, 2048);" is not the correct way to read the result: what if it's more than 2048 bytes? or what if it's less and the server doesn't close the connection? then you risk a stalling read taking much longer than required. the correct way is to parse out the "Content-Length" header and read that many bytes (which curl does, the custom https socket code didn't),

and.. its just simpler and easier to read curl code than custom https socket code~

* formatting

* PR feedback

https://github.com/hestiacp/hestiacp/pull/3160#discussion_r1053122152

* PR feedback

https://github.com/hestiacp/hestiacp/pull/3160#discussion_r1053126215

* PR feedback/useragent
divinity76 3 anni fa
parent
commit
788ff120c7
1 ha cambiato i file con 24 aggiunte e 40 eliminazioni
  1. 24 40
      install/common/roundcube/hestia.php

+ 24 - 40
install/common/roundcube/hestia.php

@@ -7,7 +7,7 @@
  * @author HestiaCP <info@hestiacp.com>
  */
 class rcube_hestia_password {
-	function save($curpass, $passwd) {
+	public function save($curpass, $passwd) {
 		$rcmail = rcmail::get_instance();
 		$hestia_host = $rcmail->config->get("password_hestia_host");
 
@@ -25,45 +25,29 @@ class rcube_hestia_password {
 			"password" => $curpass,
 			"new" => $passwd,
 		];
-
-		$postdata = http_build_query($postvars);
-
-		$send = "POST /reset/mail/ HTTP/1.1" . PHP_EOL;
-		$send .= "Host: " . $hestia_host . PHP_EOL;
-		$send .= "User-Agent: PHP Script" . PHP_EOL;
-		$send .= "Content-length: " . strlen($postdata) . PHP_EOL;
-		$send .= "Content-type: application/x-www-form-urlencoded" . PHP_EOL;
-		$send .= "Connection: close" . PHP_EOL;
-		$send .= PHP_EOL;
-		$send .= $postdata . PHP_EOL . PHP_EOL;
-
-		//$fp = fsockopen('ssl://' . $hestia_host, $hestia_port);
-		$errno = "";
-		$errstr = "";
-		$context = stream_context_create();
-
-		$result = stream_context_set_option($context, "ssl", "verify_peer", false);
-		$result = stream_context_set_option($context, "ssl", "verify_peer_name", false);
-		$result = stream_context_set_option($context, "ssl", "verify_host", false);
-		$result = stream_context_set_option($context, "ssl", "allow_self_signed", true);
-
-		$fp = stream_socket_client(
-			"ssl://" . $hestia_host . ":" . $hestia_port,
-			$errno,
-			$errstr,
-			60,
-			STREAM_CLIENT_CONNECT,
-			$context,
-		);
-		fputs($fp, $send);
-		$result = fread($fp, 2048);
-		fclose($fp);
-
-		$fp = fopen("/tmp/roundcube.log", "w");
-		fwrite($fp, "test ok");
-		fwrite($fp, "\n");
-		fclose($fp);
-
+		$url = "https://{$hestia_host}:{$hestia_port}/reset/mail/";
+		$ch = curl_init();
+		if (
+			false ===
+			curl_setopt_array($ch, [
+				CURLOPT_URL => $url,
+				CURLOPT_RETURNTRANSFER => true,
+				CURLOPT_HEADER => true,
+				CURLOPT_POST => true,
+				CURLOPT_POSTFIELDS => http_build_query($postvars),
+				CURLOPT_USERAGENT => "Hestia Control Panel Password Driver",
+				CURLOPT_SSL_VERIFYPEER => false,
+				CURLOPT_SSL_VERIFYHOST => false,
+			])
+		) {
+			// should never happen
+			throw new Exception("curl_setopt_array() failed: " . curl_error($ch));
+		}
+		$result = curl_exec($ch);
+		if (curl_errno($ch) !== CURLE_OK) {
+			throw new Exception("curl_exec() failed: " . curl_error($ch));
+		}
+		curl_close($ch);
 		if (strpos($result, "ok") && !strpos($result, "error")) {
 			return PASSWORD_SUCCESS;
 		} else {
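Review bot: The added options `CURLOPT_SSL_VERIFYPEER => false` and `CURLOPT_SSL_VERIFYHOST => false` leave certificate and hostname verification switched off for a request whose POST body carries the mailbox's current and new password, so any party on the network path between Roundcube and `$hestia_host` can terminate the TLS session with its own certificate and read both values. This preserves what the removed stream-context options did, but the rewrite is the natural place to change the default: use `CURLOPT_SSL_VERIFYPEER => true` and `CURLOPT_SSL_VERIFYHOST => 2`, and for panels running a self-signed certificate point `CURLOPT_CAINFO` at that certificate (through a new config option, name to be chosen) instead of disabling the checks. Separately, because `CURLOPT_HEADER => true` puts the response headers into `$result`, the unchanged `strpos($result, "ok")` test appears to be satisfiable by header text alone (for example the substring inside `Set-Cookie`), so checking `curl_getinfo($ch, CURLINFO_RESPONSE_CODE)` and matching only the body would be more reliable. The 60-second connect timeout of the old `stream_socket_client()` call is also gone and could be restored with `CURLOPT_CONNECTTIMEOUT => 60`. `save()` begins in the previous hunk and ends outside this one.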