
adding Context to CakeSocket #334

Closed
wants to merge 5 commits into from
21 lib/Cake/Network/CakeSocket.php
@@ -104,12 +104,17 @@ public function connect() {
$scheme = 'ssl://';
}
- if ($this->config['persistent'] == true) {
- $this->connection = @pfsockopen($scheme.$this->config['host'], $this->config['port'], $errNum, $errStr, $this->config['timeout']);
+ if (!empty($this->config['request']['context'])){
+ $mycontext = stream_context_create($this->config['request']['context']);
} else {
- $this->connection = @fsockopen($scheme.$this->config['host'], $this->config['port'], $errNum, $errStr, $this->config['timeout']);
+ $mycontext = stream_context_create();
}
+ if ($this->config['persistent'] == true) {
+ $this->connection = @stream_socket_client($scheme.$this->config['host'].':'. $this->config['port'], &$errNum, &$errStr, $this->config['timeout'], STREAM_CLIENT_PERSISTENT, $mycontext);
+ } else {
+ $this->connection = @stream_socket_client($scheme.$this->config['host'].':'. $this->config['port'], &$errNum, &$errStr, $this->config['timeout'], STREAM_CLIENT_CONNECT, $mycontext);
+ }
if (!empty($errNum) || !empty($errStr)) {
$this->setLastError($errNum, $errStr);
throw new SocketException($errStr, $errNum);
@@ -228,6 +233,16 @@ public function read($length = 1024) {
}
return false;
}
+/**
+ * get Connection Context.
+ *
+ * @return context Array
+ */
+ public function getContext(){
+ return stream_context_get_options($this->connection);
+ }
+
+
/**
* Disconnect the socket from the current connection.
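Review bot: Both `stream_socket_client()` calls in the first hunk pass `&$errNum, &$errStr` at call time, which is deprecated in PHP 5.3 and a fatal error from 5.4; the function already takes these two parameters by reference, so pass plain `$errNum, $errStr`. `STREAM_CLIENT_PERSISTENT` on its own does not include the connect flag, so the persistent branch most likely needs `STREAM_CLIENT_CONNECT | STREAM_CLIENT_PERSISTENT`. With `@` hiding warnings, a TLS handshake rejected by caller-supplied `ssl` options can return `false` while `$errNum` stays 0, so the check after the calls should also treat a false connection as a failure, e.g. `if ($this->connection === false || !empty($errNum) || !empty($errStr)) {`. In the second hunk, `getContext()` hands `$this->connection` to `stream_context_get_options()` without checking that a connection exists. connect() starts and ends outside the hunk.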
23 lib/Cake/Network/Http/HttpResponse.php
@@ -53,6 +53,13 @@ class HttpResponse implements ArrayAccess {
public $httpVersion = 'HTTP/1.1';
/**
+ * context
+ *
+ * @var array
+ */
+ public $context = array();
+
+/**
* Response code
*
* @var integer
@@ -419,6 +426,22 @@ public function offsetGet($offset) {
return null;
}
+ public function setContext($context){
+ if (get_resource_type($context) === "OpenSSL X.509" && function_exists(openssl_x509_export)){
+ if (!isset($context)){
@markstory
CakePHP member
markstory added a note Feb 22, 2012

Missing braces.

+ return false;
+ }
+ openssl_x509_export($context, &$certstring);
+ $certstring = str_replace('-----BEGIN CERTIFICATE-----', '', $certstring);
+ $certstring = str_replace('-----END CERTIFICATE-----', '', $certstring);
+ $this->context = openssl_x509_parse($context);
+ $this->context['fingerprint']['sha1'] = strtoupper(sha1($certstring));
+ $this->context['fingerprint']['md5'] = strtoupper(md5($certstring));
+ } else {
+ return false;
+ }
+ }
+
/**
* ArrayAccess - 0ffset Set
*
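Review bot: `setContext()` hashes the PEM body with only the BEGIN/END markers stripped, so the stored `sha1`/`md5` values are digests of base64 text and line breaks, not of the DER certificate; they will not match the fingerprint other tools report, nor what `checkFingerprint()` in HttpSocket.php computes after `base64_decode()`. Add `$certstring = base64_decode($certstring);` before the two hash lines, and consider storing `hash('sha256', $certstring)` as well, since MD5 and SHA-1 are weak choices for pinning. `get_resource_type($context)` runs before the `isset($context)` test, which is therefore dead, and `function_exists(openssl_x509_export)` needs the name quoted: `function_exists('openssl_x509_export')`. `openssl_x509_export($context, &$certstring)` uses call-time pass-by-reference, which PHP 5.4 and later reject; pass `$certstring` plainly.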
58 lib/Cake/Network/Http/HttpSocket.php
@@ -64,7 +64,8 @@ class HttpSocket extends CakeSocket {
),
'raw' => null,
'redirect' => false,
- 'cookies' => array()
+ 'cookies' => array(),
+ 'context' => array()
);
/**
@@ -99,7 +100,8 @@ class HttpSocket extends CakeSocket {
'port' => 80
),
'redirect' => false,
- 'cookies' => array()
+ 'cookies' => array(),
+ 'context' => array()
)
);
@@ -325,6 +327,8 @@ public function request($request = array()) {
return false;
}
+ $this->_configContext($this->request['context']);
+
$this->request['raw'] = '';
if ($this->request['line'] !== false) {
$this->request['raw'] = $this->request['line'];
@@ -362,17 +366,27 @@ public function request($request = array()) {
}
}
+ if (isset($this->request['context'])){
+ $context = $this->getContext();
+ }
+
+
if ($connectionType === 'close') {
$this->disconnect();
}
+
list($plugin, $responseClass) = pluginSplit($this->responseClass, true);
App::uses($this->responseClass, $plugin . 'Network/Http');
if (!class_exists($responseClass)) {
throw new SocketException(__d('cake_dev', 'Class %s not found.', $this->responseClass));
}
$responseClass = $this->responseClass;
$this->response = new $responseClass($response);
+
+ if (!empty($context) && isset($context['ssl']['peer_certificate'])){
@markstory
CakePHP member
markstory added a note Feb 22, 2012

Missing braces.

+ $this->response->setContext($context['ssl']['peer_certificate']);
+ }
if (!empty($this->response->cookies)) {
if (!isset($this->config['request']['cookies'][$Host])) {
$this->config['request']['cookies'][$Host] = array();
@@ -719,6 +733,46 @@ protected function _parseUri($uri = null, $base = array()) {
}
/**
+ * Sets context-parameter
+ *
+ * @param array $context Context, See http://www.php.net/manual/de/context.php
+ * @access protected
+ */
+ private function _configContext($context = null){
+ if ($this->config['request']['uri']['scheme'] == 'https'){
+ $this->config['request']['context']['ssl'] = array(
+ 'capture_peer_cert' => true,
+ );
+ }
+ if ($context !== null && is_array($context) &&!empty($context)){
+ $this->config['request']['context'] = set::merge($this->config['request']['context'], $context);
+ }
+ }
+
+/**
+ * checking Fingerprint and setting Fingerprint to contextarray.
+ *
+ * @param string fingerprint fingerprint the certificate should have
+ * return bool
+ * @access protected
+ */
+
+
+ public function checkFingerprint($fingerprint){
+ if (!isset($this->request['context']['ssl']['peer_certificate'])){
@markstory
CakePHP member
markstory added a note Feb 22, 2012

Missing braces.

+ return false;
+ }
+ openssl_x509_export($this->request['context']['ssl']['peer_certificate'], &$certstring);
+ $certstring = str_replace('-----BEGIN CERTIFICATE-----', '', $certstring);
+ $certstring = str_replace('-----END CERTIFICATE-----', '', $certstring);
+ $certstring = base64_decode($certstring);
+ $this->request['context']['ssl']['fingerprint']['sha1'] = strtoupper(sha1($certstring));
+ return trim($fingerprint) == $request['context']['ssl']['fingerprint']['sha1'];
+ }
+
+
+
+/**
* This function can be thought of as a reverse to PHP5's http_build_query(). It takes a given query string and turns it into an array and
* supports nesting by using the php bracket syntax. So this menas you can parse queries like:
*
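Review bot: `checkFingerprint()` compares against `$request['context']['ssl']['fingerprint']['sha1']`, an undefined local, instead of `$this->request[...]`, so the right-hand side is always null and the loose `==` makes an empty `$fingerprint` compare equal while every real fingerprint fails. Use a strict, case-normalised comparison: `return strtoupper(trim($fingerprint)) === $this->request['context']['ssl']['fingerprint']['sha1'];`. In the hunks shown, the peer certificate is only read into the local `$context` inside `request()` and never stored under `$this->request['context']['ssl']['peer_certificate']`, so the guard at the top of the method appears to always return false; confirm where that key is populated. `_configContext()` enables only `capture_peer_cert`, so on PHP versions where `verify_peer` defaults to off the certificate is captured but not validated unless the caller supplies `verify_peer` and a CA file, and any fingerprint check runs after `request()` has already sent the request. The docblocks say `@access protected` while the methods are declared `private` and `public`.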