Add support for SSL in StreamClient #70
Conversation
|
@zorn-v How does SSL work without this? I think this is a much needed change to the stream client. |
|
I have couchdb 2 instance with let's encrypt certificate. First of all I tried to adopt php-on-couch - curl just not accept cert. BTW you need to set cafile on couchdb local.ini (with fullchain file) for proper curl behavior. But there was another problems... |
|
And I check with wireshark - it was SSL |
|
@zorn-v Hmm, seems like we can have both here though? You are instead getting redirected to HTTPS? Just trying to understand here. Can you test with this change and let me know if it breaks? |
|
I think |
|
But wait. My "converter" works on php5.6 |
|
Couchdb listen two different ports for http and https (5984 and 6984). I don't know erlang but basics... |
|
I know the problem here, we are using a proxy that uses HTTPs, so we need to add a port, otherwise the default port of 5984 will get added to requests, which we don't want in our particular case. This PR allows us to hit https:// without a port added. Otherwise I cannot send requests to 443. It will end up like 'http://my.server.com:443' which doesn't work too well, even if we did add the port. This PR seems to allow us to do both, and doesn't hurt any existing usage? |
|
@zorn-v right, so the thing here is that we're using another proxy between :) |
|
@zorn-v so you are sending requests to 'http://your-server:6984' ? |
|
i do not use proxy ) For couch maybe nginx. @zorn-v so you are sending requests to 'http://your-server:6984' ? |
|
Browser != library (language etc.) what you use. |
|
I use couchdb directly. Without proxy. |
I don't think that is problem. Allocate machine for couchdb is over. 80 and 443 - website.
Just make your url... |
|
The StreamClient only allows you to generate a URL like http://ololo.olo:443 |
|
And this addres not handled as SSL ? |
|
Just in case - try to set "url" property. BTW - I think you have not "admin party".... |
|
The url property gets parsed and the various components of it stored, see https://github.com/doctrine/couchdb-client/blob/master/lib/Doctrine/CouchDB/CouchDBClient.php#L77 , then it's hard coded in the requests again in the StreamClient, as mentioned above. |
|
And yes, server handles SSL correctly (AWS instances) - just seems to be that things like http://fdfdd.df:443 are contradictory and just plain wrong. |
|
With nginx as proxy (erlang sometimes starts handle ssl with errors) to couchdb this PR is needed. Sorry for prev misconception. |
|
No worries, thanks for confirming @zorn-v ! |
Allow default headers to be set for clients
Apply fixes from StyleCI
Removing the license header
damiankloip
force-pushed
the
ssl-support
branch
from
bb1f59f
to
f77a868
Compare
damiankloip
force-pushed
the
ssl-support
branch
from
f77a868
to
c0b1768
Compare
|
I think github is getting confused with this rebased on the newer master branch. @robsonvn Looks like above you merged this into your fork, then reverted, then reverted the revert nut looks like we still need this change in here? Did you have issues with it? |
|
@damiankloip sorry about the mess, I did not have any issue with this PR. I merged this PR into my fork and accidentally merged into the doctrine/master before taking to a public discussion, then I created PR #86 |
|
This repo is abandoned I think... |
|
@damiankloip let's see how #86 goes, maybe this PR still useful for the CouchDB 1.6.x branch. |
Good to know 👍 |
|
But who will be merge PRs ? |
There is a TODO in the code too. This was blocking me being able to replicate from a local Drupal site to a couch instance behind a proxy, using SSL.