Last active
December 5, 2022 23:52
-
-
Save naderman/377e40c1c76e0fe8b905c1a333c4112a to your computer and use it in GitHub Desktop.
Composer HTTP Proxy Test
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| error_reporting(E_ERROR); | |
| @ini_set('display_errors', 'Off'); | |
| echo "Unencrypted HTTP "; | |
| check('http://packagist.org/packages.json', false); | |
| echo "\nEncrypted HTTPS "; | |
| check('https://packagist.org/packages.json', true); | |
| echo "\n"; | |
| function check($url, $ssl) { | |
| foreach (array(false, true) as $fulluri) { | |
| $httpRes = file_get_contents($url, false, createContext($url, $ssl, $fulluri)); | |
| echo $fulluri ? 'FULL-' : 'PATH-'; | |
| echo strpos($httpRes, 'provider-includes') !== false ? 'OK ' : 'FAIL '; | |
| } | |
| } | |
| function createContext($url, $ssl, $fulluri) | |
| { | |
| $options = array('http' => array( | |
| )); | |
| if (PHP_SAPI === 'cli' && (!empty($_SERVER['HTTP_PROXY']) || !empty($_SERVER['http_proxy']))) { | |
| $proxy = parse_url(!empty($_SERVER['http_proxy']) ? $_SERVER['http_proxy'] : $_SERVER['HTTP_PROXY']); | |
| echo 'HTTP_PROXY '; | |
| } | |
| if (!empty($_SERVER['CGI_HTTP_PROXY'])) { | |
| $proxy = parse_url($_SERVER['CGI_HTTP_PROXY']); | |
| echo 'CGI_HTTP_PROXY '; | |
| } | |
| if (preg_match('{^https://}i', $url) && (!empty($_SERVER['HTTPS_PROXY']) || !empty($_SERVER['https_proxy']))) { | |
| $proxy = parse_url(!empty($_SERVER['https_proxy']) ? $_SERVER['https_proxy'] : $_SERVER['HTTPS_PROXY']); | |
| echo 'HTTPS_PROXY '; | |
| } | |
| if (!empty($_SERVER['NO_PROXY']) || !empty($_SERVER['no_proxy']) && parse_url($url, PHP_URL_HOST)) { | |
| echo 'NO_PROXY '; | |
| } | |
| if (!empty($proxy)) { | |
| $proxyURL = isset($proxy['scheme']) ? $proxy['scheme'] . '://' : ''; | |
| $proxyURL .= isset($proxy['host']) ? $proxy['host'] : ''; | |
| if (isset($proxy['port'])) { | |
| $proxyURL .= ":" . $proxy['port']; | |
| } elseif ('http://' == substr($proxyURL, 0, 7)) { | |
| $proxyURL .= ":80"; | |
| } elseif ('https://' == substr($proxyURL, 0, 8)) { | |
| $proxyURL .= ":443"; | |
| } | |
| $proxyURL = str_replace(array('http://', 'https://'), array('tcp://', 'ssl://'), $proxyURL); | |
| if (0 === strpos($proxyURL, 'ssl:') && !extension_loaded('openssl')) { | |
| throw new \RuntimeException('You must enable the openssl extension to use a proxy over https'); | |
| } | |
| $options['http']['proxy'] = $proxyURL; | |
| $options['http']['request_fulluri'] = $fulluri; | |
| if ('https' === parse_url($url, PHP_URL_SCHEME)) { | |
| $options['ssl']['SNI_enabled'] = true; | |
| if (PHP_VERSION_ID < 50600) { | |
| $options['ssl']['SNI_server_name'] = parse_url($url, PHP_URL_HOST); | |
| } | |
| } | |
| if (isset($proxy['user'])) { | |
| $auth = urldecode($proxy['user']); | |
| if (isset($proxy['pass'])) { | |
| $auth .= ':' . urldecode($proxy['pass']); | |
| } | |
| $auth = base64_encode($auth); | |
| $options['http']['header'] = array("Proxy-Authorization: Basic {$auth}"); | |
| } | |
| } | |
| $options['http']['header'][] = 'User-Agent: Proxy-Test'; | |
| uasort($options['http']['header'], function ($el) { | |
| return preg_match('{^content-type}i', $el) ? 1 : -1; | |
| }); | |
| return stream_context_create($options); | |
| } |
@juank537 @juliocapuano you do not seem to have any HTTP_PROXY/HTTPS_PROXY environment variables set up, so no proxy can be used.
Unencrypted HTTP HTTP_PROXY PATH-FAIL HTTP_PROXY FULL-OK
Encrypted HTTPS HTTP_PROXY HTTPS_PROXY PATH-OK HTTP_PROXY HTTPS_PROXY FULL-OK
Thank you for your reply. I was trying to get an OSINT capability going for
us, but got retasked. It did push me in a direction, which has improved our
general intel communication at my organization.
…-Tony
On Thu, Dec 5, 2019, 7:18 AM Nils Adermann ***@***.***> wrote:
@tlay <https://github.com/tlay> never saw this, but if still relevant, as
per your output the HTTP_PROXY/HTTPS_PROXY env vars are not actually set
for builduser at all, so no way for Composer to use them.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<https://gist.github.com/377e40c1c76e0fe8b905c1a333c4112a?email_source=notifications&email_token=AA2CW7PRJWJBHFVICKS7KNLQXDWRFA5CNFSM4HYMM4W2YY3PNVWWK3TUL52HS4DFVNDWS43UINXW23LFNZ2KUY3PNVWWK3TUL5UWJTQAF5KRE#gistcomment-3101970>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AA2CW7L7RLECJWOIE55ZIQDQXDWRFANCNFSM4HYMM4WQ>
.
Unencrypted HTTP PATH-FAIL FULL-FAIL
Encrypted HTTPS PATH-OK FULL-OK
For me only :
Unencrypted HTTP PATH-FAIL
Unencrypted HTTP PATH-OK FULL-OK
Encrypted HTTPS PATH-FAIL FULL-FAIL
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
@tlay never saw this, but if still relevant, as per your output the HTTP_PROXY/HTTPS_PROXY env vars are not actually set for builduser at all, so no way for Composer to use them.