From 2ffdf56bfe8ad35ac648a22a838b1ef01905b2d4 Mon Sep 17 00:00:00 2001 From: Andreas Fischer Date: Thu, 25 Aug 2011 20:14:49 +0200 Subject: [PATCH 1/5] [ticket/10278] Also set timeout on stream in get_remote_file(). From the PHP manual for fsockopen(): If you need to set a timeout for reading/writing data over the socket, use stream_set_timeout(), as the timeout parameter to fsockopen() only applies while connecting the socket. http://www.php.net/manual/en/function.fsockopen.php PHPBB3-10278 --- phpBB/includes/functions_admin.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/phpBB/includes/functions_admin.php b/phpBB/includes/functions_admin.php index f7e19f3e7d..ee146ca214 100644 --- a/phpBB/includes/functions_admin.php +++ b/phpBB/includes/functions_admin.php @@ -3140,6 +3140,8 @@ function get_remote_file($host, $directory, $filename, &$errstr, &$errno, $port @fputs($fsock, "HOST: $host\r\n"); @fputs($fsock, "Connection: close\r\n\r\n"); + stream_set_timeout($fsock, $timeout); + $file_info = ''; $get_info = false; From 29a23ae217efed86e6b5afff4c9a0b1271eb20f4 Mon Sep 17 00:00:00 2001 From: Andreas Fischer Date: Thu, 25 Aug 2011 20:34:01 +0200 Subject: [PATCH 2/5] [ticket/10278] Return with a timeout error when fread() or fgets() time out. PHPBB3-10278 --- phpBB/includes/functions_admin.php | 8 ++++++++ phpBB/language/en/common.php | 1 + 2 files changed, 9 insertions(+) diff --git a/phpBB/includes/functions_admin.php b/phpBB/includes/functions_admin.php index ee146ca214..8b9b80b23d 100644 --- a/phpBB/includes/functions_admin.php +++ b/phpBB/includes/functions_admin.php @@ -3164,6 +3164,14 @@ function get_remote_file($host, $directory, $filename, &$errstr, &$errno, $port return false; } } + + $stream_meta_data = stream_get_meta_data($fsock); + + if (!empty($stream_meta_data['timed_out'])) + { + $errstr = $user->lang['FSOCK_TIMEOUT']; + return false; + } } @fclose($fsock); } diff --git a/phpBB/language/en/common.php b/phpBB/language/en/common.php index 1c96818346..2eca49d3e0 100644 --- a/phpBB/language/en/common.php +++ b/phpBB/language/en/common.php @@ -200,6 +200,7 @@ $lang = array_merge($lang, array( 'FORUM_RULES_LINK' => 'Please click here to view the forum rules', 'FROM' => 'from', 'FSOCK_DISABLED' => 'The operation could not be completed because the fsockopen function has been disabled or the server being queried could not be found.', + 'FSOCK_TIMEOUT' => 'A timeout occurred while reading from the network stream.', 'FTP_FSOCK_HOST' => 'FTP host', 'FTP_FSOCK_HOST_EXPLAIN' => 'FTP server used to connect your site.', From c0507c6a9e26ba250596530f501bf6843250ed36 Mon Sep 17 00:00:00 2001 From: Andreas Fischer Date: Thu, 25 Aug 2011 20:38:53 +0200 Subject: [PATCH 3/5] [ticket/10278] Decrease default timeout of get_remote_file() to 6 seconds. PHPBB3-10278 --- phpBB/includes/functions_admin.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/phpBB/includes/functions_admin.php b/phpBB/includes/functions_admin.php index 8b9b80b23d..bcd477d855 100644 --- a/phpBB/includes/functions_admin.php +++ b/phpBB/includes/functions_admin.php @@ -3130,7 +3130,7 @@ function get_database_size() /** * Retrieve contents from remotely stored file */ -function get_remote_file($host, $directory, $filename, &$errstr, &$errno, $port = 80, $timeout = 10) +function get_remote_file($host, $directory, $filename, &$errstr, &$errno, $port = 80, $timeout = 6) { global $user; From 091119605abe794aa508c76b7e5199517fc256e3 Mon Sep 17 00:00:00 2001 From: Andreas Fischer Date: Thu, 13 Oct 2011 18:03:02 +0200 Subject: [PATCH 4/5] [ticket/10278] Also timeout when receiving data over a slow connection. PHPBB3-10278 --- phpBB/includes/functions_admin.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/phpBB/includes/functions_admin.php b/phpBB/includes/functions_admin.php index bcd477d855..513b7a68b2 100644 --- a/phpBB/includes/functions_admin.php +++ b/phpBB/includes/functions_admin.php @@ -3140,6 +3140,7 @@ function get_remote_file($host, $directory, $filename, &$errstr, &$errno, $port @fputs($fsock, "HOST: $host\r\n"); @fputs($fsock, "Connection: close\r\n\r\n"); + $timer_stop = time() + $timeout; stream_set_timeout($fsock, $timeout); $file_info = ''; @@ -3167,7 +3168,7 @@ function get_remote_file($host, $directory, $filename, &$errstr, &$errno, $port $stream_meta_data = stream_get_meta_data($fsock); - if (!empty($stream_meta_data['timed_out'])) + if (!empty($stream_meta_data['timed_out']) || time() >= $timer_stop) { $errstr = $user->lang['FSOCK_TIMEOUT']; return false; From 1dc1583b92daa666193d766e3728ce9723f4d20f Mon Sep 17 00:00:00 2001 From: Andreas Fischer Date: Thu, 13 Oct 2011 18:23:33 +0200 Subject: [PATCH 5/5] [ticket/10278] Show VERSIONCHECK_FAIL instead of FSOCK_TIMEOUT. PHPBB3-10278 --- phpBB/includes/acp/acp_update.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/phpBB/includes/acp/acp_update.php b/phpBB/includes/acp/acp_update.php index 931fa53165..7e3d1a1024 100644 --- a/phpBB/includes/acp/acp_update.php +++ b/phpBB/includes/acp/acp_update.php @@ -37,7 +37,7 @@ class acp_update $errstr = ''; $errno = 0; - $info = obtain_latest_version_info(request_var('versioncheck_force', false), true); + $info = obtain_latest_version_info(request_var('versioncheck_force', false)); if ($info === false) {