function get($url, $extra_headers = null)
{
if (!$this->canFetchURL($url)) {
return null;
}
$stop = time() + $this->timeout;
$off = $this->timeout;
$redir = true;
while ($redir && $off > 0) {
$this->reset();
$c = curl_init();
if (defined('Auth_OpenID_DISABLE_SSL_VERIFYPEER') && Auth_OpenID_DISABLE_SSL_VERIFYPEER === true) {
trigger_error('You have disabled SSL verifcation, this is a TERRIBLE ' . 'idea in almost all cases. Set Auth_OpenID_DISABLE_SSL_' . 'VERIFYPEER to false if you want to be safe again', E_USER_WARNING);
curl_setopt($c, CURLOPT_SSL_VERIFYPEER, false);
}
if ($c === false) {
Auth_OpenID::log("curl_init returned false; could not " . "initialize for URL '%s'", $url);
return null;
}
if (defined('CURLOPT_NOSIGNAL')) {
curl_setopt($c, CURLOPT_NOSIGNAL, true);
}
if (!$this->allowedURL($url)) {
Auth_OpenID::log("Fetching URL not allowed: %s", $url);
return null;
}
curl_setopt($c, CURLOPT_WRITEFUNCTION, array($this, "_writeData"));
curl_setopt($c, CURLOPT_HEADERFUNCTION, array($this, "_writeHeader"));
if ($extra_headers) {
curl_setopt($c, CURLOPT_HTTPHEADER, $extra_headers);
}
$cv = curl_version();
if (is_array($cv)) {
$curl_user_agent = 'curl/' . $cv['version'];
} else {
$curl_user_agent = $cv;
}
curl_setopt($c, CURLOPT_USERAGENT, Auth_OpenID_USER_AGENT . ' ' . $curl_user_agent);
curl_setopt($c, CURLOPT_TIMEOUT, $off);
curl_setopt($c, CURLOPT_URL, $url);
if (defined('Auth_OpenID_VERIFY_HOST')) {
// set SSL verification options only if Auth_OpenID_VERIFY_HOST
// is explicitly set, otherwise use system default.
if (Auth_OpenID_VERIFY_HOST) {
curl_setopt($c, CURLOPT_SSL_VERIFYPEER, true);
curl_setopt($c, CURLOPT_SSL_VERIFYHOST, 2);
if (defined('Auth_OpenID_CAINFO')) {
curl_setopt($c, CURLOPT_CAINFO, Auth_OpenID_CAINFO);
}
} else {
curl_setopt($c, CURLOPT_SSL_VERIFYPEER, false);
}
}
if (defined('Auth_OpenID_HTTP_PROXY')) {
curl_setopt($c, CURLOPT_PROXY, Auth_OpenID_HTTP_PROXY);
}
curl_exec($c);
$code = curl_getinfo($c, CURLINFO_HTTP_CODE);
$body = $this->data;
$headers = $this->headers;
if (!$code) {
Auth_OpenID::log("Got no response code when fetching %s", $url);
Auth_OpenID::log("CURL error (%s): %s", curl_errno($c), curl_error($c));
return null;
}
if (in_array($code, array(301, 302, 303, 307))) {
$url = $this->_findRedirect($headers, $url);
$redir = true;
} else {
$redir = false;
curl_close($c);
if (defined('Auth_OpenID_VERIFY_HOST') && Auth_OpenID_VERIFY_HOST == true && $this->isHTTPS($url)) {
Auth_OpenID::log('OpenID: Verified SSL host %s using ' . 'curl/get', $url);
}
$new_headers = array();
foreach ($headers as $header) {
if (strpos($header, ': ')) {
list($name, $value) = explode(': ', $header, 2);
$new_headers[$name] = $value;
}
}
return new Auth_Yadis_HTTPResponse($url, $code, $new_headers, $body);
}
$off = $stop - time();
}
return null;
}
