Skip to content

Commit

Permalink
SSL check when fetching version info in Diagnostics
Browse files Browse the repository at this point in the history 
Also added minumum OPENSSL constant and exposed the installed version in Low Diagnostics to aid debugging such issues.

Thanks, Adi.
  • Loading branch information
@Bloke
Bloke committed Jan 8, 2021
1 parent 001b4bb commit cf29009
Show file tree
Hide file tree
Showing 3 changed files with 46 additions and 29 deletions.
63 changes: 34 additions & 29 deletions textpattern/include/txp_diag.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -655,6 +655,8 @@ function doDiagnostics()

gTxt('diag_php_sapi_mode').cs.PHP_SAPI.n,

gTxt('diag_ssl_version').cs.OPENSSL_VERSION_TEXT.n,

gTxt('diag_rfc2616_headers').cs.ini_get('cgi.rfc2616_headers').n,

gTxt('diag_server_os_version').cs.php_uname('s').' '.php_uname('r').n,
Expand Down Expand Up @@ -787,24 +789,6 @@ function checkUpdates()
{
$endpoint = 'https://textpattern.com/version.json';
$release = $prerelease = null;

if (function_exists('curl_version')) {
$ch = curl_init($endpoint);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$contents = curl_exec($ch);
} else {
$contents = file_get_contents($endpoint);
}

$response = @json_decode($contents, true);

if (isset($response['textpattern-version'])) {
$release = $response['textpattern-version']['release'];
$prerelease = $response['textpattern-version']['prerelease'];
}

$version = get_pref('version');

$lastCheck = array(
'when' => time(),
'msg' => '',
Expand All @@ -814,20 +798,41 @@ function checkUpdates()
'response' => true,
);

if (!empty($release)) {
if (version_compare($version, $release) < 0) {
$lastCheck['msg'] = 'textpattern_update_available';
$lastCheck['msgval'] = array('{version}' => $release);
if (OPENSSL_VERSION_NUMBER < REQUIRED_OPENSSL_VERSION) {
$lastCheck['msg'] = 'problem_connecting_update_server';
$lastCheck['response'] = false;
} else {
if (function_exists('curl_version')) {
$ch = curl_init($endpoint);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$contents = curl_exec($ch);
} else {
$contents = file_get_contents($endpoint);
}

$response = @json_decode($contents, true);

if (isset($response['textpattern-version'])) {
$release = $response['textpattern-version']['release'];
$prerelease = $response['textpattern-version']['prerelease'];
}

if (version_compare($version, $prerelease) < 0) {
$lastCheck['msg2'] = 'textpattern_update_available_beta';
$lastCheck['msgval2'] = array('{version}' => $prerelease);
$version = get_pref('version');

if (!empty($release)) {
if (version_compare($version, $release) < 0) {
$lastCheck['msg'] = 'textpattern_update_available';
$lastCheck['msgval'] = array('{version}' => $release);
}

if (version_compare($version, $prerelease) < 0) {
$lastCheck['msg2'] = 'textpattern_update_available_beta';
$lastCheck['msgval2'] = array('{version}' => $prerelease);
}
} else {
$lastCheck['msg'] = 'problem_connecting_update_server';
$lastCheck['response'] = false;
}
} else {
$lastCheck['msg'] = 'problem_connecting_update_server';
$lastCheck['msgval'] = array();
$lastCheck['response'] = false;
}

set_pref('last_update_check', json_encode($lastCheck, TEXTPATTERN_JSON), 'publish', PREF_HIDDEN, 'text_input');
Expand Down
11 changes: 11 additions & 0 deletions textpattern/lib/constants.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -698,6 +698,17 @@

define('REQUIRED_PHP_VERSION', '5.5.0');

/**
* Required OPENSSL version.
*
* Used when fetching resources via file_get_contents() or cURL.
*
* @since 4.8.5
* @package System
*/

define('REQUIRED_OPENSSL_VERSION', '268439567');

/**
* File integrity status good.
*
Expand Down
1 change: 1 addition & 0 deletions textpattern/mode.ini
View file
Original file line number Diff line number Diff line change
Expand Up @@ -90,6 +90,7 @@ diag_rfc2616_headers="RFC 2616 headers"
diag_server_os_version="Server OS"
diag_server_time="Server local time"
diag_server_timezone="Server timezone"
diag_ssl_version="SSL version"
diag_tempdir="Temporary directory path"
diag_theme_name="Admin-side theme"
diag_txp_path="Textpattern path"
Expand Down

4 comments on commit cf29009

@petecooper
Copy link
Member

@petecooper petecooper commented on cf29009 Jan 8, 2021
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

For clarity, is it viable to change the diag_ssl_version string to "PHP SSL version"? It's relatively common to have a system-wide version that's air gapped from the PHP-compiled version, especially with Linux package managers. I appreciate it's already under the PHP version entry, but it would have the edge for clarity, I feel. My 2c.

@Bloke
Copy link
Member Author

@Bloke Bloke commented on cf29009 Jan 8, 2021
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sure, it's only a string in mode.ini. Easy to change. Gimme a sec.

@Bloke
Copy link
Member Author

@Bloke Bloke commented on cf29009 Jan 8, 2021
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done in 181cd84.

@petecooper
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Lovely - thanks!

Please sign in to comment.