xref: /PHP-7.0/ext/openssl/tests/sni_server.phpt (revision 8cfaea65) 
1--TEST--
2sni_server
3--SKIPIF--
4<?php
5if (!extension_loaded("openssl")) die("skip openssl not loaded");
6if (OPENSSL_VERSION_NUMBER >= 0x10100000) die("skip OpenSSL < v1.1.0 required");
7--FILE--
8<?php
9$serverCode = <<<'CODE'
10    $flags = STREAM_SERVER_BIND|STREAM_SERVER_LISTEN;
11    $ctx = stream_context_create(['ssl' => [
12        'local_cert' => __DIR__ . '/domain1.pem',
13        'SNI_server_certs' => [
14            "domain1.com" => __DIR__ . "/sni_server_domain1.pem",
15            "domain2.com" => __DIR__ . "/sni_server_domain2.pem",
16            "domain3.com" => __DIR__ . "/sni_server_domain3.pem"
17        ]
18    ]]);
19
20    $server = stream_socket_server('tls://127.0.0.1:64321', $errno, $errstr, $flags, $ctx);
21    phpt_notify();
22
23    for ($i=0; $i < 3; $i++) {
24        @stream_socket_accept($server, 3);
25    }
26CODE;
27
28$clientCode = <<<'CODE'
29    $flags = STREAM_CLIENT_CONNECT;
30    $ctxArr = [
31        'cafile' => __DIR__ . '/sni_server_ca.pem',
32        'capture_peer_cert' => true
33    ];
34
35    phpt_wait();
36
37    $ctxArr['peer_name'] = 'domain1.com';
38    $ctx = stream_context_create(['ssl' => $ctxArr]);
39    $client = stream_socket_client("tls://127.0.0.1:64321", $errno, $errstr, 1, $flags, $ctx);
40    $cert = stream_context_get_options($ctx)['ssl']['peer_certificate'];
41    var_dump(openssl_x509_parse($cert)['subject']['CN']);
42
43    $ctxArr['peer_name'] = 'domain2.com';
44    $ctx = stream_context_create(['ssl' => $ctxArr]);
45    $client = @stream_socket_client("tls://127.0.0.1:64321", $errno, $errstr, 1, $flags, $ctx);
46    $cert = stream_context_get_options($ctx)['ssl']['peer_certificate'];
47    var_dump(openssl_x509_parse($cert)['subject']['CN']);
48
49    $ctxArr['peer_name'] = 'domain3.com';
50    $ctx = stream_context_create(['ssl' => $ctxArr]);
51    $client = @stream_socket_client("tls://127.0.0.1:64321", $errno, $errstr, 1, $flags, $ctx);
52    $cert = stream_context_get_options($ctx)['ssl']['peer_certificate'];
53    var_dump(openssl_x509_parse($cert)['subject']['CN']);
54CODE;
55
56include 'ServerClientTestCase.inc';
57ServerClientTestCase::getInstance()->run($clientCode, $serverCode);
58--EXPECTF--
59string(%d) "domain1.com"
60string(%d) "domain2.com"
61string(%d) "domain3.com"
62