1--TEST-- 2sni_server with separate pk and cert 3--EXTENSIONS-- 4openssl 5--SKIPIF-- 6<?php 7if (!function_exists("proc_open")) die("skip no proc_open"); 8?> 9--FILE-- 10<?php 11$serverCode = <<<'CODE' 12 $flags = STREAM_SERVER_BIND|STREAM_SERVER_LISTEN; 13 $ctx = stream_context_create(['ssl' => [ 14 'local_cert' => __DIR__ . '/domain1.pem', 15 'SNI_server_certs' => [ 16 "cs.php.net" => [ 17 'local_cert' => __DIR__ . "/sni_server_cs_cert.pem", 18 'local_pk' => __DIR__ . "/sni_server_cs_key.pem" 19 ], 20 "uk.php.net" => [ 21 'local_cert' => __DIR__ . "/sni_server_uk_cert.pem", 22 'local_pk' => __DIR__ . "/sni_server_uk_key.pem" 23 ], 24 "us.php.net" => [ 25 'local_cert' => __DIR__ . "/sni_server_us_cert.pem", 26 'local_pk' => __DIR__ . "/sni_server_us_key.pem" 27 ], 28 ] 29 ]]); 30 31 $server = stream_socket_server('tls://127.0.0.1:64321', $errno, $errstr, $flags, $ctx); 32 phpt_notify(); 33 34 for ($i=0; $i < 3; $i++) { 35 @stream_socket_accept($server, 3); 36 } 37CODE; 38 39$clientCode = <<<'CODE' 40 $flags = STREAM_CLIENT_CONNECT; 41 $ctxArr = [ 42 'cafile' => __DIR__ . '/sni_server_ca.pem', 43 'capture_peer_cert' => true 44 ]; 45 46 phpt_wait(); 47 48 $ctxArr['peer_name'] = 'cs.php.net'; 49 $ctx = stream_context_create(['ssl' => $ctxArr]); 50 $client = stream_socket_client("tls://127.0.0.1:64321", $errno, $errstr, 1, $flags, $ctx); 51 $cert = stream_context_get_options($ctx)['ssl']['peer_certificate']; 52 var_dump(openssl_x509_parse($cert)['subject']['CN']); 53 54 $ctxArr['peer_name'] = 'uk.php.net'; 55 $ctx = stream_context_create(['ssl' => $ctxArr]); 56 $client = @stream_socket_client("tls://127.0.0.1:64321", $errno, $errstr, 1, $flags, $ctx); 57 $cert = stream_context_get_options($ctx)['ssl']['peer_certificate']; 58 var_dump(openssl_x509_parse($cert)['subject']['CN']); 59 60 $ctxArr['peer_name'] = 'us.php.net'; 61 $ctx = stream_context_create(['ssl' => $ctxArr]); 62 $client = @stream_socket_client("tls://127.0.0.1:64321", $errno, $errstr, 1, $flags, $ctx); 63 $cert = stream_context_get_options($ctx)['ssl']['peer_certificate']; 64 var_dump(openssl_x509_parse($cert)['subject']['CN']); 65CODE; 66 67include 'ServerClientTestCase.inc'; 68ServerClientTestCase::getInstance()->run($clientCode, $serverCode); 69?> 70--EXPECTF-- 71string(%d) "cs.php.net" 72string(%d) "uk.php.net" 73string(%d) "us.php.net" 74
