From: thepurpleblob Date: Tue, 6 May 2008 14:59:39 +0000 (+0000) Subject: MDL-14659 X-Git-Url: http://git.mjollnir.org/gw?a=commitdiff_plain;h=15c31560d87ef2ae126681065b65778f361b86c7;p=moodle.git MDL-14659 Add bypass list for proxy usage. --- diff --git a/lib/filelib.php b/lib/filelib.php index 31d64a954e..d50ded7c24 100644 --- a/lib/filelib.php +++ b/lib/filelib.php @@ -79,19 +79,24 @@ function download_file_content($url, $headers=null, $postdata=null, $fullrespons } } + // check if proxy (if used) should be bypassed for this url + $proxybypass = is_proxybypass( $url ); if (!extension_loaded('curl') or ($ch = curl_init($url)) === false) { require_once($CFG->libdir.'/snoopy/Snoopy.class.inc'); $snoopy = new Snoopy(); $snoopy->read_timeout = $timeout; $snoopy->_fp_timeout = $connecttimeout; - $snoopy->proxy_host = $CFG->proxyhost; - $snoopy->proxy_port = $CFG->proxyport; - if (!empty($CFG->proxyuser) and !empty($CFG->proxypassword)) { - // this will probably fail, but let's try it anyway - $snoopy->proxy_user = $CFG->proxyuser; - $snoopy->proxy_password = $CFG->proxypassword; + if (!$proxybypass) { + $snoopy->proxy_host = $CFG->proxyhost; + $snoopy->proxy_port = $CFG->proxyport; + if (!empty($CFG->proxyuser) and !empty($CFG->proxypassword)) { + // this will probably fail, but let's try it anyway + $snoopy->proxy_user = $CFG->proxyuser; + $snoopy->proxy_password = $CFG->proxypassword; + } } + if (is_array($headers) ) { $client->rawheaders = $headers; } @@ -173,7 +178,7 @@ function download_file_content($url, $headers=null, $postdata=null, $fullrespons curl_setopt($ch, CURLOPT_MAXREDIRS, 5); } - if (!empty($CFG->proxyhost)) { + if (!empty($CFG->proxyhost) and !$proxybypass) { // SOCKS supported in PHP5 only if (!empty($CFG->proxytype) and ($CFG->proxytype == 'SOCKS5')) { if (defined('CURLPROXY_SOCKS5')) { diff --git a/lib/moodlelib.php b/lib/moodlelib.php index a3869beea4..c48ccb0e4a 100644 --- a/lib/moodlelib.php +++ b/lib/moodlelib.php @@ -7893,6 +7893,52 @@ function setup_lang_from_browser() { return; } +/** + * check if $url matches anything in proxybypass list + * @note any errors just result in the proxy being used (least bad) + * @param string $url - url to check + * @return boolean - true if we should bypass the proxy + */ +function is_proxybypass( $url ) { + global $CFG; + + // sanity check + if (empty($CFG->proxyhost) or empty($CFG->proxybypass)) { + return false; + } + + // get the host part out of the url + if (!$host = parse_url( $url, PHP_URL_HOST )) { + return false; + } + + // get the possible bypass hosts into an array + $matches = explode( ',', $CFG->proxybypass ); + + // check for a match + // (IPs need to match the left hand side and hosts the right of the url, + // but we can recklessly check both as there can't be a false +ve) + $bypass = false; + foreach ($matches as $match) { + $match = trim($match); + + // try for IP match (Left side) + $lhs = substr($host,0,strlen($match)); + if (strcasecmp($match,$lhs)==0) { + return true; + } + + // try for host match (Right side) + $rhs = substr($host,-strlen($match)); + if (strcasecmp($match,$rhs)==0) { + return true; + } + } + + // nothing matched. + return false; +} + //////////////////////////////////////////////////////////////////////////////// diff --git a/mnet/lib.php b/mnet/lib.php index 1c848e3112..99a55843f5 100644 --- a/mnet/lib.php +++ b/mnet/lib.php @@ -71,7 +71,7 @@ function mnet_get_public_key($uri, $application=null) { curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); // check for proxy - if (!empty($CFG->proxyhost)) { + if (!empty($CFG->proxyhost) and !is_proxybypass($uri)) { // SOCKS supported in PHP5 only if (!empty($CFG->proxytype) and ($CFG->proxytype == 'SOCKS5')) { if (defined('CURLPROXY_SOCKS5')) {