Fix #yogosha8791

htdocs/core/class/openid.class.php

@@ -323,43 +323,6 @@ class SimpleOpenID
 		}
 	}
 
-	// phpcs:disable PEAR.NamingConventions.ValidFunctionName.ScopeNotCamelCaps
-	/**
-	 * CURL_Request
-	 *
-	 * @param 	string	$url		URL
-	 * @param 	string	$method		Method
-	 * @param 	string	$params		Params
-	 * @return string
-	 */
-	public function CURL_Request($url, $method = "GET", $params = "")
-	{
-		// phpcs:enable
-		// Remember, SSL MUST BE SUPPORTED
-		if (is_array($params)) {
-			$params = $this->array2url($params);
-		}
-
-		$curl = curl_init($url.($method == "GET" && $params != "" ? "?".$params : ""));
-		@curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);
-		curl_setopt($curl, CURLOPT_HEADER, false);
-		curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
-		curl_setopt($curl, CURLOPT_HTTPGET, ($method == "GET"));
-		curl_setopt($curl, CURLOPT_POST, ($method == "POST"));
-		if ($method == "POST") {
-			curl_setopt($curl, CURLOPT_POSTFIELDS, $params);
-		}
-		curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
-		$response = curl_exec($curl);
-
-		if (curl_errno($curl) == 0) {
-			$response;
-		} else {
-			$this->ErrorStore('OPENID_CURL', curl_error($curl));
-		}
-		return $response;
-	}
-
 	// phpcs:disable PEAR.NamingConventions.ValidFunctionName.ScopeNotCamelCaps
 	/**
 	 * HTML2OpenIDServer
@@ -372,6 +335,8 @@ class SimpleOpenID
 		// phpcs:enable
 		$get = array();
 
+		$matches1 = array(); $matches2 = array();
+
 		// Get details of their OpenID server and (optional) delegate
 		preg_match_all('/<link[^>]*rel=[\'"]openid.server[\'"][^>]*href=[\'"]([^\'"]+)[\'"][^>]*\/?>/i', $content, $matches1);
 		preg_match_all('/<link[^>]*href=\'"([^\'"]+)[\'"][^>]*rel=[\'"]openid.server[\'"][^>]*\/?>/i', $content, $matches2);
@@ -495,7 +460,15 @@ class SimpleOpenID
 		if ($openid_server == false) {
 			return false;
 		}
-		$response = $this->CURL_Request($openid_server, 'POST', $params);
+
+		if (is_array($params)) {
+			$params = $this->array2url($params);
+		}
+
+		$result = getURLContent($openid_server, 'POST', $params);
+
+		$response = $result['content'];
+
 		$data = $this->splitResponse($response);
 		if ($data['is_valid'] == "true") {
 			return true;

htdocs/core/lib/geturl.lib.php

@@ -36,7 +36,7 @@
  * @param	string[]  $allowedschemes		List of schemes that are allowed ('http' + 'https' only by default)
  * @param	int		  $localurl				0=Only external URL are possible, 1=Only local URL, 2=Both external and local URL are allowed.
  * @param	int		  $ssl_verifypeer		-1=Auto (no ssl check on dev, check on prod), 0=No ssl check, 1=Always ssl check
- * @return	array						    Returns an associative array containing the response from the server array('content'=>response, 'curl_error_no'=>errno, 'curl_error_msg'=>errmsg...)
+ * @return	array						    Returns an associative array containing the response from the server array('http_code'=>http response code, 'content'=>response, 'curl_error_no'=>errno, 'curl_error_msg'=>errmsg...)
  */
 function getURLContent($url, $postorget = 'GET', $param = '', $followlocation = 1, $addheaders = array(), $allowedschemes = array('http', 'https'), $localurl = 0, $ssl_verifypeer = -1)
 {

htdocs/mailmanspip/class/mailmanspip.class.php

@@ -147,28 +147,9 @@ class MailmanSpip
 		$curl_url = str_replace($patterns, $replace, $url);
 		dol_syslog('Calling Mailman: '.$curl_url);
 
-		$ch = curl_init($curl_url);
-
-		curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
-		curl_setopt($ch, CURLOPT_FAILONERROR, true);
-		@curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
-		curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, empty($conf->global->MAIN_USE_CONNECT_TIMEOUT) ? 5 : $conf->global->MAIN_USE_CONNECT_TIMEOUT);
-		curl_setopt($ch, CURLOPT_TIMEOUT, empty($conf->global->MAIN_USE_RESPONSE_TIMEOUT) ? 30 : $conf->global->MAIN_USE_RESPONSE_TIMEOUT);
-		curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
-		curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
-
-		$result = curl_exec($ch);
-		dol_syslog('result curl_exec='.$result);
-
-		//An error was found, we store it in $this->error for later
-		if ($result === false || curl_errno($ch) > 0) {
-			$this->error = curl_errno($ch).' '.curl_error($ch);
-			dol_syslog('Error using curl '.$this->error, LOG_ERR);
-		}
-
-		curl_close($ch);
+		$result = getURLContent($curl_url);
 
-		return $result;
+		return $result['content'];
 	}
 
 	// phpcs:disable PEAR.NamingConventions.ValidFunctionName.ScopeNotCamelCaps

htdocs/paypal/lib/paypal.lib.php

@@ -498,8 +498,19 @@ function hash_call($methodName, $nvpStr)
 	// TLSv1 by default or change to TLSv1.2 in module configuration
 	curl_setopt($ch, CURLOPT_SSLVERSION, (empty($conf->global->PAYPAL_SSLVERSION) ? 1 : $conf->global->PAYPAL_SSLVERSION));
 
+	$ssl_verifypeer = -1;
+
+	// Turning on or off the ssl target certificate
+	if ($ssl_verifypeer < 0) {
+		global $dolibarr_main_prod;
+		$ssl_verifypeer =  ($dolibarr_main_prod ? true : false);
+	}
+	if (!empty($conf->global->MAIN_CURL_DISABLE_VERIFYPEER)) {
+		$ssl_verifypeer = 0;
+	}
+
 	//turning off the server and peer verification(TrustManager Concept).
-	curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
+	curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, ($ssl_verifypeer ? true : false));
 	curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
 
 	curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, empty($conf->global->MAIN_USE_CONNECT_TIMEOUT) ? 5 : $conf->global->MAIN_USE_CONNECT_TIMEOUT);