Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Set a default ssl.peer_name context in StreamHandler #2988

Merged
merged 2 commits into from Mar 20, 2022
Merged

Set a default ssl.peer_name context in StreamHandler #2988

merged 2 commits into from Mar 20, 2022

Commits on Mar 14, 2022

  1. Set a default ssl.peer_name context in StreamHandler 

    This is required when using the `force_ip_resolve` option with the stream
handler:

As that option will cause the StreamHandler to manually resolve the hostname
and then replace the hostname with the resolved IP address in the URI, PHP
will use that IP address by default in the SNI of the TLS handshake.

Set an explicit ssl.peer_name within the stream's context based on the hostname
in the URL to fix this.

Setting a proper SNI is independent from TLS certificate validation, thus this
value must not be dependent on the `verify` option.

A test cannot be added, due to a lack of TLS support with the current testing
infrastructure. TLS support cannot easily be added, because it would require a
separate port and also certificates that would need to be commited to the
repository. However correctness can be verified by setting `force_ip_resolve`
to `v4` and attempting to make a request to `https://www.example.com/`. It will
fail without this commit and work with.
    @TimWolla
    TimWolla committed Mar 14, 2022
    Copy the full SHA
    b17fb3c View commit details
    Browse the repository at this point in the history

  2. Add tests/Handler/Network/StreamHandlerTest.php

    @TimWolla
    TimWolla committed Mar 14, 2022
    Copy the full SHA
    35b5a09 View commit details
    Browse the repository at this point in the history