When an HTTPS request to api.wordpress.org fails, try an insecure HTTP request and issue a warning.

Certain versions of cURL appear to claim OpenSSL support but fail to work. We need to not trap users on older versions while we work this out, and instead fall back to an insecure request.

see #25716 for trunk.


git-svn-id: https://develop.svn.wordpress.org/trunk@25956 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Andrew Nacin 2013-10-27 21:08:25 +00:00
parent 47c58004fe
commit 1694272bff
6 changed files with 46 additions and 18 deletions

View File

@ -61,7 +61,7 @@ include( ABSPATH . 'wp-admin/admin-header.php' );
); );
require_once ABSPATH . 'wp-admin/includes/class-wp-upgrader.php'; require_once ABSPATH . 'wp-admin/includes/class-wp-upgrader.php';
$updater = new WP_Automatic_Updater; $updater = new WP_Automatic_Updater;
$can_auto_update = wp_http_supports( 'ssl' ) && $updater->should_update( 'core', $future_minor_update, ABSPATH ); $can_auto_update = wp_http_supports( array( 'ssl' ) ) && $updater->should_update( 'core', $future_minor_update, ABSPATH );
if ( $can_auto_update ) { if ( $can_auto_update ) {
echo '<p class="about-auto-update cool">' . __( 'This site <strong>is</strong> able to apply these updates automatically. Cool!' ). '</p>'; echo '<p class="about-auto-update cool">' . __( 'This site <strong>is</strong> able to apply these updates automatically. Cool!' ). '</p>';

View File

@ -60,17 +60,23 @@ function plugins_api($action, $args = null) {
$res = apply_filters( 'plugins_api', false, $action, $args ); $res = apply_filters( 'plugins_api', false, $action, $args );
if ( false === $res ) { if ( false === $res ) {
$url = 'http://api.wordpress.org/plugins/info/1.0/'; $url = $http_url = 'http://api.wordpress.org/plugins/info/1.0/';
if ( wp_http_supports( array( 'ssl' ) ) ) if ( $ssl = wp_http_supports( array( 'ssl' ) ) )
$url = set_url_scheme( $url, 'https' ); $url = set_url_scheme( $url, 'https' );
$request = wp_remote_post( $url, array( $args = array(
'timeout' => 15, 'timeout' => 15,
'body' => array( 'body' => array(
'action' => $action, 'action' => $action,
'request' => serialize( $args ) 'request' => serialize( $args )
) )
) ); );
$request = wp_remote_post( $url, $args );
if ( $ssl && is_wp_error( $request ) ) {
trigger_error( __( 'An unexpected error occurred. Something may be wrong with WordPress.org or this server&#8217;s configuration. If you continue to have problems, please try the <a href="http://wordpress.org/support/">support forums</a>.' ) . ' ' . '(WordPress could not establish a secure connection to WordPress.org. Please contact your server administrator.)', headers_sent() || WP_DEBUG ? E_USER_WARNING : E_USER_NOTICE );
$request = wp_remote_post( $http_url, $args );
}
if ( is_wp_error($request) ) { if ( is_wp_error($request) ) {
$res = new WP_Error('plugins_api_failed', __( 'An unexpected error occurred. Something may be wrong with WordPress.org or this server&#8217;s configuration. If you continue to have problems, please try the <a href="http://wordpress.org/support/">support forums</a>.' ), $request->get_error_message() ); $res = new WP_Error('plugins_api_failed', __( 'An unexpected error occurred. Something may be wrong with WordPress.org or this server&#8217;s configuration. If you continue to have problems, please try the <a href="http://wordpress.org/support/">support forums</a>.' ), $request->get_error_message() );

View File

@ -282,16 +282,22 @@ function themes_api($action, $args = null) {
$res = apply_filters('themes_api', false, $action, $args); //NOTE: Allows a theme to completely override the builtin WordPress.org API. $res = apply_filters('themes_api', false, $action, $args); //NOTE: Allows a theme to completely override the builtin WordPress.org API.
if ( ! $res ) { if ( ! $res ) {
$url = 'http://api.wordpress.org/themes/info/1.0/'; $url = $http_url = 'http://api.wordpress.org/themes/info/1.0/';
if ( wp_http_supports( array( 'ssl' ) ) ) if ( $ssl = wp_http_supports( array( 'ssl' ) ) )
$url = set_url_scheme( $url, 'https' ); $url = set_url_scheme( $url, 'https' );
$request = wp_remote_post( $url, array( $args = array(
'body' => array( 'body' => array(
'action' => $action, 'action' => $action,
'request' => serialize( $args ) 'request' => serialize( $args )
) )
) ); );
$request = wp_remote_post( $url, $args );
if ( $ssl && is_wp_error( $request ) ) {
trigger_error( __( 'An unexpected error occurred. Something may be wrong with WordPress.org or this server&#8217;s configuration. If you continue to have problems, please try the <a href="http://wordpress.org/support/">support forums</a>.' ) . ' ' . '(WordPress could not establish a secure connection to WordPress.org. Please contact your server administrator.)', headers_sent() || WP_DEBUG ? E_USER_WARNING : E_USER_NOTICE );
$request = wp_remote_post( $http_url, $args );
}
if ( is_wp_error($request) ) { if ( is_wp_error($request) ) {
$res = new WP_Error('themes_api_failed', __( 'An unexpected error occurred. Something may be wrong with WordPress.org or this server&#8217;s configuration. If you continue to have problems, please try the <a href="http://wordpress.org/support/">support forums</a>.' ), $request->get_error_message() ); $res = new WP_Error('themes_api_failed', __( 'An unexpected error occurred. Something may be wrong with WordPress.org or this server&#8217;s configuration. If you continue to have problems, please try the <a href="http://wordpress.org/support/">support forums</a>.' ), $request->get_error_message() );

View File

@ -103,9 +103,9 @@ function find_core_auto_update() {
function get_core_checksums( $version, $locale ) { function get_core_checksums( $version, $locale ) {
$return = array(); $return = array();
$url = 'http://api.wordpress.org/core/checksums/1.0/?' . http_build_query( compact( 'version', 'locale' ), null, '&' ); $url = $http_url = 'http://api.wordpress.org/core/checksums/1.0/?' . http_build_query( compact( 'version', 'locale' ), null, '&' );
if ( wp_http_supports( array( 'ssl' ) ) ) if ( $ssl = wp_http_supports( array( 'ssl' ) ) )
$url = set_url_scheme( $url, 'https' ); $url = set_url_scheme( $url, 'https' );
$options = array( $options = array(
@ -113,6 +113,10 @@ function get_core_checksums( $version, $locale ) {
); );
$response = wp_remote_get( $url, $options ); $response = wp_remote_get( $url, $options );
if ( $ssl && is_wp_error( $response ) ) {
trigger_error( __( 'An unexpected error occurred. Something may be wrong with WordPress.org or this server&#8217;s configuration. If you continue to have problems, please try the <a href="http://wordpress.org/support/">support forums</a>.' ) . ' ' . '(WordPress could not establish a secure connection to WordPress.org. Please contact your server administrator.)', headers_sent() || WP_DEBUG ? E_USER_WARNING : E_USER_NOTICE );
$response = wp_remote_get( $http_url, $options );
}
if ( is_wp_error( $response ) || 200 != wp_remote_retrieve_response_code( $response ) ) if ( is_wp_error( $response ) || 200 != wp_remote_retrieve_response_code( $response ) )
return false; return false;

View File

@ -146,7 +146,7 @@ function core_upgrade_preamble() {
echo '<h3>'; echo '<h3>';
_e('You have the latest version of WordPress.'); _e('You have the latest version of WordPress.');
if ( wp_http_supports( 'ssl' ) ) { if ( wp_http_supports( array( 'ssl' ) ) ) {
require_once ABSPATH . 'wp-admin/includes/class-wp-upgrader.php'; require_once ABSPATH . 'wp-admin/includes/class-wp-upgrader.php';
$upgrader = new WP_Automatic_Updater; $upgrader = new WP_Automatic_Updater;
$future_minor_update = (object) array( $future_minor_update = (object) array(

View File

@ -93,8 +93,8 @@ function wp_version_check( $extra_stats = array() ) {
if ( $extra_stats ) if ( $extra_stats )
$post_body = array_merge( $post_body, $extra_stats ); $post_body = array_merge( $post_body, $extra_stats );
$url = 'http://api.wordpress.org/core/version-check/1.7/?' . http_build_query( $query, null, '&' ); $url = $http_url = 'http://api.wordpress.org/core/version-check/1.7/?' . http_build_query( $query, null, '&' );
if ( wp_http_supports( array( 'ssl' ) ) ) if ( $ssl = wp_http_supports( array( 'ssl' ) ) )
$url = set_url_scheme( $url, 'https' ); $url = set_url_scheme( $url, 'https' );
$options = array( $options = array(
@ -108,6 +108,10 @@ function wp_version_check( $extra_stats = array() ) {
); );
$response = wp_remote_post( $url, $options ); $response = wp_remote_post( $url, $options );
if ( $ssl && is_wp_error( $response ) ) {
trigger_error( __( 'An unexpected error occurred. Something may be wrong with WordPress.org or this server&#8217;s configuration. If you continue to have problems, please try the <a href="http://wordpress.org/support/">support forums</a>.' ) . ' ' . '(WordPress could not establish a secure connection to WordPress.org. Please contact your server administrator.)', headers_sent() || WP_DEBUG ? E_USER_WARNING : E_USER_NOTICE );
$response = wp_remote_post( $http_url, $options );
}
if ( is_wp_error( $response ) || 200 != wp_remote_retrieve_response_code( $response ) ) if ( is_wp_error( $response ) || 200 != wp_remote_retrieve_response_code( $response ) )
return false; return false;
@ -246,11 +250,15 @@ function wp_update_plugins() {
'user-agent' => 'WordPress/' . $wp_version . '; ' . get_bloginfo( 'url' ) 'user-agent' => 'WordPress/' . $wp_version . '; ' . get_bloginfo( 'url' )
); );
$url = 'http://api.wordpress.org/plugins/update-check/1.1/'; $url = $http_url = 'http://api.wordpress.org/plugins/update-check/1.1/';
if ( wp_http_supports( array( 'ssl' ) ) ) if ( $ssl = wp_http_supports( array( 'ssl' ) ) )
$url = set_url_scheme( $url, 'https' ); $url = set_url_scheme( $url, 'https' );
$raw_response = wp_remote_post( $url, $options ); $raw_response = wp_remote_post( $url, $options );
if ( $ssl && is_wp_error( $raw_response ) ) {
trigger_error( __( 'An unexpected error occurred. Something may be wrong with WordPress.org or this server&#8217;s configuration. If you continue to have problems, please try the <a href="http://wordpress.org/support/">support forums</a>.' ) . ' ' . '(WordPress could not establish a secure connection to WordPress.org. Please contact your server administrator.)', headers_sent() || WP_DEBUG ? E_USER_WARNING : E_USER_NOTICE );
$raw_response = wp_remote_post( $http_url, $options );
}
if ( is_wp_error( $raw_response ) || 200 != wp_remote_retrieve_response_code( $raw_response ) ) if ( is_wp_error( $raw_response ) || 200 != wp_remote_retrieve_response_code( $raw_response ) )
return false; return false;
@ -382,11 +390,15 @@ function wp_update_themes() {
'user-agent' => 'WordPress/' . $wp_version . '; ' . get_bloginfo( 'url' ) 'user-agent' => 'WordPress/' . $wp_version . '; ' . get_bloginfo( 'url' )
); );
$url = 'http://api.wordpress.org/themes/update-check/1.1/'; $url = $http_url = 'http://api.wordpress.org/themes/update-check/1.1/';
if ( wp_http_supports( array( 'ssl' ) ) ) if ( $ssl = wp_http_supports( array( 'ssl' ) ) )
$url = set_url_scheme( $url, 'https' ); $url = set_url_scheme( $url, 'https' );
$raw_response = wp_remote_post( $url, $options ); $raw_response = wp_remote_post( $url, $options );
if ( $ssl && is_wp_error( $raw_response ) ) {
trigger_error( __( 'An unexpected error occurred. Something may be wrong with WordPress.org or this server&#8217;s configuration. If you continue to have problems, please try the <a href="http://wordpress.org/support/">support forums</a>.' ) . ' ' . '(WordPress could not establish a secure connection to WordPress.org. Please contact your server administrator.)', headers_sent() || WP_DEBUG ? E_USER_WARNING : E_USER_NOTICE );
$raw_response = wp_remote_post( $http_url, $options );
}
if ( is_wp_error( $raw_response ) || 200 != wp_remote_retrieve_response_code( $raw_response ) ) if ( is_wp_error( $raw_response ) || 200 != wp_remote_retrieve_response_code( $raw_response ) )
return false; return false;