search

reactphp / socket

Async, streaming plaintext TCP/IP and secure TLS socket server and client connections for ReactPHP.
https://reactphp.org/socket/
MIT License
1.21k stars 157 forks source link

Ability to add custom ssl options of TcpConnector #222

Closed bartoszkubicki closed 4 years ago

bartoszkubicki commented 4 years ago

I use this lib as dependency of reactphp/http-client, reactphp/socket is of 1.3.0.

I work in docker local env and have container for nginx (with self-signed cert) and php. I call from php container url defined as server_name for virtual host in nginx container. I can do with no problem using curl, but with flag -k. If I want to send request using http client it calls TcpConnector and I am not able to connect due to failed handshake.

Actually I was able to omit it due to modification of file of library, but of course it is not a way to do it. After this line I have added lines: 'verify_peer' => false, 'verify_peer_name' => false

and it works, I can send requests. I hace noticed in examples that custom connector can be created, but the way that parameters are distributed among connectors prohibits parametrs to be add into $context['ssl']. Is there any way to send request to nginx with self-signed-certificate without error/pass ssl parameters into options of TcpConnector?

ghost commented 4 years ago

No, you need to pass ssl context options into the connector. You have to anyway, since the default (in PHP) is to verify the peer. So you need to overwrite the default anyway, by passing context options into the connector. And you can do that by creating a SecureConnector, passing any ssl context options to it, and passing that connector to the HttpClient. The HttpClient constructor accepts a ConnectorInterface instance as second argument.

See https://www.php.net/context for all available context options.

clue commented 4 years ago

What @CharlotteDunois said :-)

This is also covered in the react/http-client documentation:

If you need custom connector settings (DNS resolution, TLS parameters, timeouts, proxy servers etc.), you can explicitly pass a custom instance of the ConnectorInterface:

$connector = new \React\Socket\Connector($loop, array(
    'dns' => '127.0.0.1',
    'tcp' => array(
        'bindto' => '192.168.10.1:0'
    ),
    'tls' => array(
        'verify_peer' => false,
        'verify_peer_name' => false
    )
));

$client = new \React\HttpClient\Client($loop, $connector);

I believe this has been answered, so I'm closing this for now. Please come back with more details if this problem persists and we can always reopen this :+1:

bartoszkubicki commented 4 years ago

@clue from your code snippet I have tried this snippet from docs. I will debug it one more time and check if it solves problem.