1--TEST-- 2sni_server with separate pk and cert 3--SKIPIF-- 4<?php 5if (!extension_loaded("openssl")) die("skip openssl not loaded"); 6if (!function_exists("proc_open")) die("skip no proc_open"); 7?> 8--FILE-- 9<?php 10$serverCode = <<<'CODE' 11 $flags = STREAM_SERVER_BIND|STREAM_SERVER_LISTEN; 12 $ctx = stream_context_create(['ssl' => [ 13 'local_cert' => __DIR__ . '/domain1.pem', 14 'SNI_server_certs' => [ 15 "cs.php.net" => [ 16 'local_cert' => __DIR__ . "/sni_server_cs_cert.pem", 17 'local_pk' => __DIR__ . "/sni_server_cs_key.pem" 18 ], 19 "uk.php.net" => [ 20 'local_cert' => __DIR__ . "/sni_server_uk_cert.pem", 21 'local_pk' => __DIR__ . "/sni_server_uk_key.pem" 22 ], 23 "us.php.net" => [ 24 'local_cert' => __DIR__ . "/sni_server_us_cert.pem", 25 'local_pk' => __DIR__ . "/sni_server_us_key.pem" 26 ], 27 ] 28 ]]); 29 30 $server = stream_socket_server('tls://127.0.0.1:64321', $errno, $errstr, $flags, $ctx); 31 phpt_notify(); 32 33 for ($i=0; $i < 3; $i++) { 34 @stream_socket_accept($server, 3); 35 } 36CODE; 37 38$clientCode = <<<'CODE' 39 $flags = STREAM_CLIENT_CONNECT; 40 $ctxArr = [ 41 'cafile' => __DIR__ . '/sni_server_ca.pem', 42 'capture_peer_cert' => true 43 ]; 44 45 phpt_wait(); 46 47 $ctxArr['peer_name'] = 'cs.php.net'; 48 $ctx = stream_context_create(['ssl' => $ctxArr]); 49 $client = stream_socket_client("tls://127.0.0.1:64321", $errno, $errstr, 1, $flags, $ctx); 50 $cert = stream_context_get_options($ctx)['ssl']['peer_certificate']; 51 var_dump(openssl_x509_parse($cert)['subject']['CN']); 52 53 $ctxArr['peer_name'] = 'uk.php.net'; 54 $ctx = stream_context_create(['ssl' => $ctxArr]); 55 $client = @stream_socket_client("tls://127.0.0.1:64321", $errno, $errstr, 1, $flags, $ctx); 56 $cert = stream_context_get_options($ctx)['ssl']['peer_certificate']; 57 var_dump(openssl_x509_parse($cert)['subject']['CN']); 58 59 $ctxArr['peer_name'] = 'us.php.net'; 60 $ctx = stream_context_create(['ssl' => $ctxArr]); 61 $client = @stream_socket_client("tls://127.0.0.1:64321", $errno, $errstr, 1, $flags, $ctx); 62 $cert = stream_context_get_options($ctx)['ssl']['peer_certificate']; 63 var_dump(openssl_x509_parse($cert)['subject']['CN']); 64CODE; 65 66include 'ServerClientTestCase.inc'; 67ServerClientTestCase::getInstance()->run($clientCode, $serverCode); 68?> 69--EXPECTF-- 70string(%d) "cs.php.net" 71string(%d) "uk.php.net" 72string(%d) "us.php.net" 73
