tcpclient: test correctely the certificate of the server by setting correctely the name of the peer

git-svn-id: https://svn.fournier38.fr/svn/ProgSVN/trunk@4017 bf3deb0d-5f1a-0410-827f-c0cc1f45334c
2018-01-05 11:17:10 +00:00
parent 65bae90ec1
commit db55ec03b4
2 changed files with 5 additions and 8 deletions


@@ -44,7 +44,7 @@ class test_tcpclient extends PHPUnit_Framework_TestCase
$tcpclient->send ("GET / HTTP/1.1\r\n". $tcpclient->send ("GET / HTTP/1.1\r\n".
"Host: www.google.fr\r\n". "Host: www.google.fr\r\n".
"User-Agent: DomFramework\r\n". "User-Agent: DomFramework\r\n".
"Accept: */*\r\n". "Accept: *"."/*\r\n".
"\r\n"); "\r\n");
$res = ""; $res = "";
while (($read = $tcpclient->read ()) !== "") while (($read = $tcpclient->read ()) !== "")
@@ -61,7 +61,7 @@ class test_tcpclient extends PHPUnit_Framework_TestCase
$tcpclient->send ("GET / HTTP/1.1\r\n". $tcpclient->send ("GET / HTTP/1.1\r\n".
"Host: www.google.fr\r\n". "Host: www.google.fr\r\n".
"User-Agent: DomFramework\r\n". "User-Agent: DomFramework\r\n".
"Accept: */*\r\n". "Accept: *"."/*\r\n".
"\r\n"); "\r\n");
$res = ""; $res = "";
while (($read = $tcpclient->read ()) !== "") while (($read = $tcpclient->read ()) !== "")


@@ -46,6 +46,7 @@ class tcpclient
*/ */
public function __construct ($ipOrName, $port) public function __construct ($ipOrName, $port)
{ {
$providedIpOrName = $ipOrName;
if (filter_var ($ipOrName, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) if (filter_var ($ipOrName, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4))
$this->ipv4 = array ($ipOrName); $this->ipv4 = array ($ipOrName);
elseif (filter_var ($ipOrName, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) elseif (filter_var ($ipOrName, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6))
@@ -78,7 +79,7 @@ class tcpclient
if ($port < 0 || $port > 65535) if ($port < 0 || $port > 65535)
throw new \Exception ("Invalid port provided to connection to server", throw new \Exception ("Invalid port provided to connection to server",
500); 500);
$this->ipOrName = $ipOrName; $this->ipOrName = $providedIpOrName;
$this->port = $port; $this->port = $port;
shuffle ($this->ipv6); shuffle ($this->ipv6);
shuffle ($this->ipv4); shuffle ($this->ipv4);
@@ -153,11 +154,7 @@ class tcpclient
// the certificate of the server by the name // the certificate of the server by the name
$options = array ("ssl" => array ( $options = array ("ssl" => array (
"peer_name" => $this->ipOrName, "peer_name" => $this->ipOrName,
// PHP doesn't supports *.google.com, so I need to disable the peer name "verify_peer_name" => true,
// verification. Error is :
// Peer certificate CN=`*.google.com' did not match expected
// CN=`ipv6.l.google.com'
"verify_peer_name" => false,
"SNI_enabled" => true, "SNI_enabled" => true,
)); ));
stream_set_blocking ($this->socket, true); stream_set_blocking ($this->socket, true);
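Review bot: In the last hunk the ssl options now set `"verify_peer_name" => true` but still leave `verify_peer` unset, so whether the certificate chain itself is validated depends on the PHP default, which only became true in PHP 5.6; a name match on a certificate whose chain was never validated proves nothing. I would add `"verify_peer" => true,` beside it so the check does not depend on the runtime version. In the constructor hunk, a comment on `$providedIpOrName = $ipOrName;` such as `// keep the caller-supplied name: it is the identity the certificate is checked against, never a DNS-derived name` would record why the copy exists. The code that presumably reassigns `$ipOrName` lies between the two constructor hunks and is not visible, so that reading is inferred from the removed comment about `ipv6.l.google.com`. Both enclosing methods start and end outside the hunks shown.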