1--TEST-- 2capture_peer_cert context captures on verify failure 3--EXTENSIONS-- 4openssl 5--SKIPIF-- 6<?php 7if (!function_exists("proc_open")) die("skip no proc_open"); 8?> 9--FILE-- 10<?php 11$certFile = __DIR__ . DIRECTORY_SEPARATOR . 'capture_peer_cert_001.pem.tmp'; 12$cacertFile = __DIR__ . DIRECTORY_SEPARATOR . 'capture_peer_cert_001-ca.pem.tmp'; 13 14$serverCode = <<<'CODE' 15 $serverUri = "ssl://127.0.0.1:64321"; 16 $serverFlags = STREAM_SERVER_BIND | STREAM_SERVER_LISTEN; 17 $serverCtx = stream_context_create(['ssl' => [ 18 'local_cert' => '%s' 19 ]]); 20 21 $server = stream_socket_server($serverUri, $errno, $errstr, $serverFlags, $serverCtx); 22 phpt_notify(); 23 24 @stream_socket_accept($server, 1); 25CODE; 26$serverCode = sprintf($serverCode, $certFile); 27 28$peerName = 'capture_peer_cert_001'; 29$clientCode = <<<'CODE' 30 $serverUri = "ssl://127.0.0.1:64321"; 31 $clientFlags = STREAM_CLIENT_CONNECT; 32 $clientCtx = stream_context_create(['ssl' => [ 33 'capture_peer_cert' => true, 34 'cafile' => '%s' 35 ]]); 36 37 phpt_wait(); 38 $client = @stream_socket_client($serverUri, $errno, $errstr, 1, $clientFlags, $clientCtx); 39 $cert = stream_context_get_options($clientCtx)['ssl']['peer_certificate']; 40 var_dump(openssl_x509_parse($cert)['subject']['CN']); 41CODE; 42$clientCode = sprintf($clientCode, $cacertFile); 43 44include 'CertificateGenerator.inc'; 45$certificateGenerator = new CertificateGenerator(); 46$certificateGenerator->saveCaCert($cacertFile); 47$certificateGenerator->saveNewCertAsFileWithKey($peerName, $certFile); 48 49include 'ServerClientTestCase.inc'; 50ServerClientTestCase::getInstance()->run($clientCode, $serverCode); 51?> 52--CLEAN-- 53<?php 54@unlink(__DIR__ . DIRECTORY_SEPARATOR . 'capture_peer_cert_001.pem.tmp'); 55@unlink(__DIR__ . DIRECTORY_SEPARATOR . 'capture_peer_cert_001-ca.pem.tmp'); 56?> 57--EXPECTF-- 58string(%d) "capture_peer_cert_001" 59
