1--TEST--
2capture_peer_cert context captures on verify failure
3--SKIPIF--
4<?php
5if (!extension_loaded("openssl")) die("skip openssl not loaded");
6if (!function_exists("proc_open")) die("skip no proc_open");
7?>
8--FILE--
9<?php
10$certFile = __DIR__ . DIRECTORY_SEPARATOR . 'capture_peer_cert_001.pem.tmp';
11$cacertFile = __DIR__ . DIRECTORY_SEPARATOR . 'capture_peer_cert_001-ca.pem.tmp';
12
13$serverCode = <<<'CODE'
14    $serverUri = "ssl://127.0.0.1:64321";
15    $serverFlags = STREAM_SERVER_BIND | STREAM_SERVER_LISTEN;
16    $serverCtx = stream_context_create(['ssl' => [
17        'local_cert' => '%s'
18    ]]);
19
20    $server = stream_socket_server($serverUri, $errno, $errstr, $serverFlags, $serverCtx);
21    phpt_notify();
22
23    @stream_socket_accept($server, 1);
24CODE;
25$serverCode = sprintf($serverCode, $certFile);
26
27$peerName = 'capture_peer_cert_001';
28$clientCode = <<<'CODE'
29    $serverUri = "ssl://127.0.0.1:64321";
30    $clientFlags = STREAM_CLIENT_CONNECT;
31    $clientCtx = stream_context_create(['ssl' => [
32        'capture_peer_cert' => true,
33        'cafile' => '%s'
34    ]]);
35
36    phpt_wait();
37    $client = @stream_socket_client($serverUri, $errno, $errstr, 1, $clientFlags, $clientCtx);
38    $cert = stream_context_get_options($clientCtx)['ssl']['peer_certificate'];
39    var_dump(openssl_x509_parse($cert)['subject']['CN']);
40CODE;
41$clientCode = sprintf($clientCode, $cacertFile);
42
43include 'CertificateGenerator.inc';
44$certificateGenerator = new CertificateGenerator();
45$certificateGenerator->saveCaCert($cacertFile);
46$certificateGenerator->saveNewCertAsFileWithKey($peerName, $certFile);
47
48include 'ServerClientTestCase.inc';
49ServerClientTestCase::getInstance()->run($clientCode, $serverCode);
50?>
51--CLEAN--
52<?php
53@unlink(__DIR__ . DIRECTORY_SEPARATOR . 'capture_peer_cert_001.pem.tmp');
54@unlink(__DIR__ . DIRECTORY_SEPARATOR . 'capture_peer_cert_001-ca.pem.tmp');
55?>
56--EXPECTF--
57string(%d) "capture_peer_cert_001"
58