From: Alexander Ebert Date: Thu, 5 Feb 2015 19:59:12 +0000 (+0100) Subject: Disabled implicit SSL support for update servers X-Git-Tag: 2.1.0_RC_1~78 X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=a99a7150e4637698bcc9b8e699b041ad8fe1ca46;p=GitHub%2FWoltLab%2FWCF.git Disabled implicit SSL support for update servers SSL is currently too unreliable to be automatically picked over http, we'll revisit this with WCF 2.2 to see if there is a less broken SSL support throughout the user webspaces/servers. Note: This only affects the automatic protocol negotiation, if you register the update server with https:// it won't be touched (unless SSL is unsupported) --- diff --git a/wcfsetup/install/files/lib/data/package/update/server/PackageUpdateServer.class.php b/wcfsetup/install/files/lib/data/package/update/server/PackageUpdateServer.class.php index 024b7c3708..aa1bcd38e2 100644 --- a/wcfsetup/install/files/lib/data/package/update/server/PackageUpdateServer.class.php +++ b/wcfsetup/install/files/lib/data/package/update/server/PackageUpdateServer.class.php @@ -173,11 +173,12 @@ class PackageUpdateServer extends DatabaseObject { $serverURL = FileUtil::addTrailingSlash($this->serverURL) . 'list/' . WCF::getLanguage()->getFixedLanguageCode() . '.xml'; $metaData = $this->getMetaData(); - if (!RemoteFile::supportsSSL() || !$metaData['ssl']) { + //if (!RemoteFile::supportsSSL() || !$metaData['ssl']) { + if (!RemoteFile::supportsSSL()) { return preg_replace('~^https://~', 'http://', $serverURL); } - return preg_replace('~^http://~', 'https://', $serverURL); + return $serverURL; } /** @@ -191,11 +192,12 @@ class PackageUpdateServer extends DatabaseObject { } $metaData = $this->getMetaData(); - if (!RemoteFile::supportsSSL() || !$metaData['ssl']) { + //if (!RemoteFile::supportsSSL() || !$metaData['ssl']) { + if (!RemoteFile::supportsSSL()) { return preg_replace('~^https://~', 'http://', $this->serverURL); } - return preg_replace('~^http://~', 'https://', $this->serverURL); + return $this->serverURL; } /** diff --git a/wcfsetup/install/files/lib/system/package/PackageUpdateDispatcher.class.php b/wcfsetup/install/files/lib/system/package/PackageUpdateDispatcher.class.php index 6fa770eb22..75ebc62e78 100644 --- a/wcfsetup/install/files/lib/system/package/PackageUpdateDispatcher.class.php +++ b/wcfsetup/install/files/lib/system/package/PackageUpdateDispatcher.class.php @@ -134,15 +134,16 @@ class PackageUpdateDispatcher extends SingletonFactory { if (empty($reply['httpHeaders']['etag']) && empty($reply['httpHeaders']['last-modified'])) { throw new SystemException("Missing required HTTP headers 'etag' and 'last-modified'."); } - else if (empty($reply['httpHeaders']['wcf-update-server-ssl'])) { + /*else if (empty($reply['httpHeaders']['wcf-update-server-ssl'])) { throw new SystemException("Missing required HTTP header 'wcf-update-server-ssl'."); - } + }*/ $metaData['list'] = array(); if (!empty($reply['httpHeaders']['etag'])) $metaData['list']['etag'] = reset($reply['httpHeaders']['etag']); if (!empty($reply['httpHeaders']['last-modified'])) $metaData['list']['lastModified'] = reset($reply['httpHeaders']['last-modified']); - $metaData['ssl'] = (reset($reply['httpHeaders']['wcf-update-server-ssl']) == 'true') ? true : false; + $metaData['ssl'] = false; + //(reset($reply['httpHeaders']['wcf-update-server-ssl']) == 'true') ? true : false; } $data['metaData'] = serialize($metaData);