HTTP: Update Requests to master (0048f3c) which fixes a number of outstanding issues.

Merges [38727] to the 4.6 branch.

Fixes #38070, #37733 by reverting part of [38429] and using the fix in Requests.
Fixes #37992 allowing for connecting to SSL resources on ports other than 443.
Fixes #37991 by not sending default ports in the `Host:` header.
Fixes #37839 to match and decode Chunked responses correctly.
Fixes #38232 allowing a SSL connection to ignore the hostname of the certificate when verification is disabled.

Built from https://develop.svn.wordpress.org/branches/4.6@38728


git-svn-id: http://core.svn.wordpress.org/branches/4.6@38671 1a063a9b-81f0-0310-95a4-ce76da25c4cd

wp-includes/Requests/IRI.php

@@ -688,10 +688,7 @@ class Requests_IRI {
 		$isauthority = $this->iuserinfo !== null || $this->ihost !== null || $this->port !== null;
 		if ($this->ipath !== '' &&
 			(
-				$isauthority && (
-					$this->ipath[0] !== '/' ||
-					substr($this->ipath, 0, 2) === '//'
-				) ||
+				$isauthority && $this->ipath[0] !== '/' ||
 				(
 					$this->scheme === null &&
 					!$isauthority &&

wp-includes/Requests/Transport/cURL.php

@@ -375,8 +375,9 @@ class Requests_Transport_cURL implements Requests_Transport {
 		curl_setopt($this->handle, CURLOPT_URL, $url);
 		curl_setopt($this->handle, CURLOPT_REFERER, $url);
 		curl_setopt($this->handle, CURLOPT_USERAGENT, $options['useragent']);
-		curl_setopt($this->handle, CURLOPT_HTTPHEADER, $headers);
-
+		if (!empty($headers)) {
+			curl_setopt($this->handle, CURLOPT_HTTPHEADER, $headers);
+		}
 		if ($options['protocol_version'] === 1.1) {
 			curl_setopt($this->handle, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
 		}
@@ -458,7 +459,7 @@ class Requests_Transport_cURL implements Requests_Transport {
 	 * @param string $data Body data
 	 * @return integer Length of provided data
 	 */
-	protected function stream_body($handle, $data) {
+	public function stream_body($handle, $data) {
 		$this->hooks->dispatch('request.progress', array($data, $this->response_bytes, $this->response_byte_limit));
 		$data_length = strlen($data);
 

wp-includes/Requests/Transport/fsockopen.php

@@ -70,7 +70,9 @@ class Requests_Transport_fsockopen implements Requests_Transport {
 		// HTTPS support
 		if (isset($url_parts['scheme']) && strtolower($url_parts['scheme']) === 'https') {
 			$remote_socket = 'ssl://' . $host;
-			$url_parts['port'] = 443;
+			if (!isset($url_parts['port'])) {
+				$url_parts['port'] = 443;
+			}
 
 			$context_options = array(
 				'verify_peer' => true,
@@ -97,6 +99,7 @@ class Requests_Transport_fsockopen implements Requests_Transport {
 			}
 
 			if (isset($options['verifyname']) && $options['verifyname'] === false) {
+				$context_options['verify_peer_name'] = false;
 				$verifyname = false;
 			}
 
@@ -171,7 +174,7 @@ class Requests_Transport_fsockopen implements Requests_Transport {
 		if (!isset($case_insensitive_headers['Host'])) {
 			$out .= sprintf('Host: %s', $url_parts['host']);
 
-			if ($url_parts['port'] !== 80) {
+			if (( 'http' === strtolower($url_parts['scheme']) && $url_parts['port'] !== 80 ) || ( 'https' === strtolower($url_parts['scheme']) && $url_parts['port'] !== 443 )) {
 				$out .= ':' . $url_parts['port'];
 			}
 			$out .= "\r\n";

wp-includes/class-http.php

@@ -332,6 +332,7 @@ class WP_Http {
 		// SSL certificate handling
 		if ( ! $r['sslverify'] ) {
 			$options['verify'] = false;
+			$options['verifyname'] = false;
 		} else {
 			$options['verify'] = $r['sslcertificates'];
 		}
@@ -362,9 +363,6 @@ class WP_Http {
 			}
 		}
 
-		// Work around a bug in Requests when the path starts with // See https://github.com/rmccue/Requests/issues/231
-		$url = preg_replace( '!^(\w+://[^/]+)//(.*)$!i', '$1/$2', $url );
-
 		try {
 			$requests_response = Requests::request( $url, $headers, $data, $type, $options );
 

wp-includes/class-requests.php

@@ -749,15 +749,17 @@ class Requests {
 	 * @return string Decoded body
 	 */
 	protected static function decode_chunked($data) {
-		if (!preg_match('/^([0-9a-f]+)[^\r\n]*\r\n/i', trim($data))) {
+		if (!preg_match('/^([0-9a-f]+)(?:;(?:[\w-]*)(?:=(?:(?:[\w-]*)*|"(?:[^\r\n])*"))?)*\r\n/i', trim($data))) {
 			return $data;
 		}
 
+
+
 		$decoded = '';
 		$encoded = $data;
 
 		while (true) {
-			$is_chunked = (bool) preg_match('/^([0-9a-f]+)[^\r\n]*\r\n/i', $encoded, $matches);
+			$is_chunked = (bool) preg_match('/^([0-9a-f]+)(?:;(?:[\w-]*)(?:=(?:(?:[\w-]*)*|"(?:[^\r\n])*"))?)*\r\n/i', $encoded, $matches);
 			if (!$is_chunked) {
 				// Looks like it's not chunked after all
 				return $data;

wp-includes/version.php

@@ -4,7 +4,7 @@
  *
  * @global string $wp_version
  */
-$wp_version = '4.6.2-alpha-38615';
+$wp_version = '4.6.2-alpha-38728';
 
 /**
  * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.