Merge branch 'release/2.4.1'

mynetx · mynetx · commit d2e63df8e4bc · 2013-06-23T19:31:09.000+02:00
diff --git a/CHANGELOG b/CHANGELOG
@@ -1,8 +1,9 @@
 codebird-php - changelog
 ========================
 
-2.4.1 (not yet released)
+2.4.1 (2013-06-23)
 + #26 Stringify null and boolean parameters
++ Validate Twitter SSL certificate for oauth2/token method
 
 2.4.0 (2013-06-15)
 + Add contributing guidelines
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
@@ -1,6 +1,6 @@
 ### Which branch?
-- Bugs are fixed in the latest QA_* branch, please base your bugfix pull requests on this branch.
-- New features are added to the master branch, please base your feature-add pull requests on that branch.
+- Bugs are fixed in the master branch, please base your bugfix pull requests on this branch.
+- New features are added to the develop branch, please base your feature-add pull requests on that branch.
 
 ### Code style
 - Please use 4 soft spaces per indent level.
diff --git a/composer.json b/composer.json
@@ -1,7 +1,7 @@
 {
     "name": "mynetx/codebird-php",
     "description" : "A Twitter library in PHP.",
-    "version": "2.4.1-dev",
+    "version": "2.4.1",
     "autoload": {
         "classmap": ["src/"]
     },
diff --git a/src/codebird.php b/src/codebird.php
@@ -6,7 +6,7 @@
  * A Twitter library in PHP.
  *
  * @package codebird
- * @version 2.4.1-dev
+ * @version 2.4.1
  * @author J.M. <me@mynetx.net>
  * @copyright 2010-2013 J.M. <me@mynetx.net>
  *
@@ -107,7 +107,7 @@ class Codebird
     /**
      * The current Codebird version
      */
-    protected $_version = '2.4.1-dev';
+    protected $_version = '2.4.1';
 
     /**
      * Returns singleton class instance
@@ -363,13 +363,32 @@ public function oauth2_token()
         curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
         curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 0);
         curl_setopt($ch, CURLOPT_HEADER, 1);
-        curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
-        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
+        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
+        curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
+        curl_setopt($ch, CURLOPT_CAINFO, __DIR__ . '/cacert.pem');
+
         curl_setopt($ch, CURLOPT_USERPWD, self::$_oauth_consumer_key . ':' . self::$_oauth_consumer_secret);
         curl_setopt($ch, CURLOPT_HTTPHEADER, array(
             'Expect:'
         ));
-        $reply      = curl_exec($ch);
+        $reply = curl_exec($ch);
+
+        // certificate validation results
+        $validation_result = curl_errno($ch);
+        if (in_array(
+                $validation_result,
+                array(
+                    CURLE_SSL_CERTPROBLEM,
+                    CURLE_SSL_CACERT,
+                    CURLE_SSL_CACERT_BADFILE,
+                    CURLE_SSL_CRL_BADFILE,
+                    CURLE_SSL_ISSUER_ERROR
+                )
+            )
+        ) {
+            throw new \Exception('Error ' . $validation_result . ' while validating the Twitter API certificate.');
+        }
+
         $httpstatus = curl_getinfo($ch, CURLINFO_HTTP_CODE);
         $reply = $this->_parseApiReply('oauth2/token', $reply);
         switch ($this->_return_format) {

Original file line number	Diff line number	Diff line change
`@@ -1,7 +1,7 @@`
`1`	`1`	`{`
`2`	`2`	`"name": "mynetx/codebird-php",`
`3`	`3`	`"description" : "A Twitter library in PHP.",`
`4`		`- "version": "2.4.1-dev",`
	`4`	`+ "version": "2.4.1",`
`5`	`5`	`"autoload": {`
`6`	`6`	`"classmap": ["src/"]`
`7`	`7`	`},`