Wordpress update operation timed out after 5000 milliseconds

Question

I'm having an issue upgrading Wordpress, and my googling isn't uncovering a solution. Hopefully you lot can lend a hand.

Issue

I'm trying to update a site running Wordpress 3.7 to Wordpress 3.8.1 but it's throwing the below error upon pushing the "Update Now" button.

Downloading update from https://wordpress.org/wordpress-3.8.1-new-bundled.zip…

Download failed.: Operation timed out after 5001 milliseconds with 736947 out of 6333109 bytes received

Installation Failed

Extra info

• This is happening on my local MAMP development environment as the server doesn't have permission to do a live upgrade. I was hoping to run the upgrade, commit code changes and then push to server for testing.
• The zip file downloads fine when hitting "Download 3.8.1"
• Another, possibly related, issue is occurring on Plugins > Add New > Popular which also throws an error:

An unexpected error occurred. Something may be wrong with WordPress.org or this server’s configuration. If you continue to have problems, please try the support forums.

Try again

Answer 1

After getting my hands dirty investigating in the Wordpress source, I was able trace the issue to a destructive filter in a plugin called "More Fields". I have disabled and uninstalled the plugin and the upgrades all work again.

Details for those curious

I tracked it down to this line in WP_Http_Curl::request()

curl_setopt( $handle, CURLOPT_CONNECTTIMEOUT, $timeout );

The function's default timeout is 5, however WP_Upgrader::upgrade() actually calls the function via a download_package function passing in a 300 seconds timeout.

The culprit here was the plugin "More Fields" which included the following filter which broke the arguments array and therefore reset the default timeout:

// Prevent auto update to this custom plugin
add_filter( 'http_request_args', 'prevent_update_check', 10, 2 );

function prevent_update_check( $r, $url ) {
    if ( 0 === strpos( $url, 'http://api.wordpress.org/plugins/update-check/' ) ) {
        $my_plugin = plugin_basename( __FILE__ );
        $plugins = unserialize( $r['body']['plugins'] );
        unset( $plugins->plugins[$my_plugin] );
        unset( $plugins->active[array_search( $my_plugin, $plugins->active )] );
        $r['body']['plugins'] = serialize( $plugins );
    }
    return $r;
}

Not sure if it is intentionally malicious. It looks like a targeted filter, but in the WP_Upgrader all the args are lost.