Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[3][http] Joomla HTTP cannot connect to insecure https sites #30621

Closed
PhilETaylor opened this issue Sep 12, 2020 · 6 comments
Closed

[3][http] Joomla HTTP cannot connect to insecure https sites #30621

PhilETaylor opened this issue Sep 12, 2020 · 6 comments
Labels
No Code Attached Yet

Comments

@PhilETaylor
Copy link
Contributor

PhilETaylor commented Sep 12, 2020
edited

Steps to reproduce the issue

CURL Options passed to the GMAIL Authentication Plugin are not used by the http transport. This is the bug. But digging deeper in abstract:

dump this code into test.php in the root of your Joomla site

This example is based on the Gmail Authentication Plugin code, stripped back.

<?php

use Joomla\Registry\Registry;

define('_JEXEC', 1);
define('JPATH_BASE', __DIR__);

require_once JPATH_BASE.'/includes/defines.php';
require_once JPATH_BASE.'/includes/framework.php';

$app = JFactory::getApplication('site');


$curlParams = array(
    'transport.curl' => array(
        // DO NOT DO THIS ON A LIVE SITE - NEVER EVER FOLLOW ADVICE TO DO THIS !!!! 
        CURLOPT_SSL_VERIFYPEER => false,
        CURLOPT_SSL_VERIFYHOST => false,
        CURLOPT_PROXY_SSL_VERIFYPEER => false, // PHP7.3+
        CURLOPT_PROXY_SSL_VERIFYHOST => false,// PHP7.3+
    ),
);

$transportParams = new Registry($curlParams);

$http = JHttpFactory::getHttp($transportParams, 'curl');

try {
    $result = $http->get('https://self-signed.badssl.com');
} catch (\Exception $exception){
    echo '<pre>';
    var_dump($exception);
}

Navigate to http://yourdevdomain.dev/test.php

Expected result

No errors, the HTTP should use the curl transport and connect to the badssl.com site without exception or error.

Actual result

Exception thrown SSL certificate problem: self signed certificate

System information (as much as possible)

PHP 7.4 tested
@PhilETaylor

This comment was marked as abuse.

Sign in to view
@PhilETaylor

This comment was marked as abuse.

Sign in to view
@SharkyKZ
Copy link
Contributor

SharkyKZ commented Sep 12, 2020
edited

My guess this is more or less expected due to how Registry accesses data. Period is by default used as a separator so using it in array keys is going to be problematic. I think this is correct code in your case:

$curlParams = array(
	'transport' => array(
		'curl' => array(
		// DO NOT DO THIS ON A LIVE SITE - NEVER EVER FOLLOW ADVICE TO DO THIS !!!!
		CURLOPT_SSL_VERIFYPEER => false,
		CURLOPT_SSL_VERIFYHOST => false,
		CURLOPT_PROXY_SSL_VERIFYPEER => false, // PHP7.3+
		CURLOPT_PROXY_SSL_VERIFYHOST => false,// PHP7.3+
		),
	),
);

@PhilETaylor

This comment was marked as abuse.

Sign in to view
@SharkyKZ SharkyKZ mentioned this issue Sep 12, 2020
Closed
@SharkyKZ
Copy link
Contributor

Registry is working fine. It's the code in Gmail plugin that's wrong. But if you disagree you can open an issue in https://github.com/joomla-framework/registry repository.

For the Gmail plugin issue see PR #30624.

@PhilETaylor

This comment was marked as abuse.

Sign in to view
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
No Code Attached Yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

'Verify Peer' option not respected in Authentication - Gmail plugin
3 participants
@PhilETaylor @SharkyKZ @joomla-cms-bot