-
-
Notifications
You must be signed in to change notification settings - Fork 264
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
GitHub update issues on some accounts (... Download failed. SSL certificate problem...) #368
Comments
One possibility for a patch, I'm currently using this in a theme functions.php with success: define ('PODS_SSL_VERIFY', FALSE);
add_action('http_request_args', 'pods_ssl_verify', 10, 2);
function pods_ssl_verify($args, $url) {
if ($url === 'https://github.com/pods-framework/pods/zipball/2.0') {
$args['sslverify'] = PODS_SSL_VERIFY;
}
return $args;
}
|
As a quick note to clarify just in case there is any confusion: the WPGitHubUpdater class doesn't appear to have been the culprit on this issue at all. The error never occurs on update CHECKS (which is where WPGitHubUpdater is involved). The error occurs when grabbing the actual update from GitHub, which, as explained, gets funneled through the WP bulk updater (which eventually calls wp_remote_get() directly with hard-coded parameters). The proposed patch deals with this by hooking the http_request_args action and adding sslverify = false if/when downloading the latest Pods zip. |
I'm only OK with this code if we can get it to be restricted only to that plugin request which does that. If it effects all wp_remote_get() then that's a deal breaker :( |
The action hook will call pods_ssl_verify() on any wp_remote_get() call... but it's only changing sslverify if the $url parameter matches the Pods zipball: if ($url === 'https://github.com/pods-framework/pods/zipball/2.0') I definitely wouldn't want to turn off SSL verify willy-nilly for any https request. |
Sounds good, but use this:
|
Okay, simplified and seems to work: add_action( 'http_request_args', 'pods_ssl_verify', 10, 2 );
function pods_ssl_verify( $args, $url ) {
if ( defined( 'PODS_GITHUB_ZIP' ) && PODS_GITHUB_ZIP == $url ) {
$args[ 'sslverify' ] = FALSE;
}
return $args;
} |
Thanks @pglewis, let's put this back into the GitHub updater instead of something custom in our plugin. Check out the pull request over at radishconcepts/WordPress-GitHub-Plugin-Updater#20 for my proposal. Thanks for figuring this out! |
Not a direct Pods issue from what I can tell, but still an issue on some setups.
The "force plugin refresh" functionality uses the WP bulk updater. This eventually calls download_url() in wp-admin/includes/file.php, which calls wp_remote_get() directly with a hard-coded argument list that doesn't include 'sslverify'. If 'sslverify' is not set to FALSE on some configurations, the update will fail with the message:
The text was updated successfully, but these errors were encountered: