diff --git a/pkg/amqp-lib/AmqpConnectionFactory.php b/pkg/amqp-lib/AmqpConnectionFactory.php index de9de0318..f79295352 100644 --- a/pkg/amqp-lib/AmqpConnectionFactory.php +++ b/pkg/amqp-lib/AmqpConnectionFactory.php @@ -87,19 +87,22 @@ private function establishConnection() if (false == $this->connection) { if ($this->config->getOption('stream')) { if ($this->config->isSslOn()) { + $sslOptions = array_filter([ + 'cafile' => $this->config->getSslCaCert(), + 'local_cert' => $this->config->getSslCert(), + 'local_pk' => $this->config->getSslKey(), + 'verify_peer' => $this->config->isSslVerify(), + 'verify_peer_name' => $this->config->isSslVerify(), + 'passphrase' => $this->getConfig()->getSslPassPhrase(), + ], function ($value) { return '' !== $value; }); + $con = new AMQPSSLConnection( $this->config->getHost(), $this->config->getPort(), $this->config->getUser(), $this->config->getPass(), $this->config->getVHost(), - [ - 'cafile' => $this->config->getSslCaCert(), - 'local_cert' => $this->config->getSslCert(), - 'local_pk' => $this->config->getSslKey(), - 'verify_peer' => $this->config->isSslVerify(), - 'verify_peer_name' => $this->config->isSslVerify(), - ], + $sslOptions, [ 'insist' => $this->config->getOption('insist'), 'login_method' => $this->config->getOption('login_method'), diff --git a/pkg/amqp-tools/ConnectionConfig.php b/pkg/amqp-tools/ConnectionConfig.php index 7fb834011..d4deb1620 100644 --- a/pkg/amqp-tools/ConnectionConfig.php +++ b/pkg/amqp-tools/ConnectionConfig.php @@ -25,6 +25,7 @@ * ssl_cacert - Location of Certificate Authority file on local filesystem which should be used with the verify_peer context option to authenticate the identity of the remote peer. A string. * ssl_cert - Path to local certificate file on filesystem. It must be a PEM encoded file which contains your certificate and private key. A string * ssl_key - Path to local private key file on filesystem in case of separate files for certificate (local_cert) and private key. A string. + * ssl_passphrase - Passphrase with which your local_cert file was encoded. A string * * 2. null - in this case it tries to connect to localhost with default settings * 3. amqp: same as 2. @@ -81,9 +82,10 @@ public function __construct($config = null) 'qos_prefetch_count' => 1, 'ssl_on' => false, 'ssl_verify' => true, - 'ssl_cacert' => null, - 'ssl_cert' => null, - 'ssl_key' => null, + 'ssl_cacert' => '', + 'ssl_cert' => '', + 'ssl_key' => '', + 'ssl_passphrase' => '', ]; $this->addSupportedScheme('amqp'); @@ -158,6 +160,7 @@ public function parse() $config['ssl_cacert'] = (string) $config['ssl_cacert']; $config['ssl_cert'] = (string) $config['ssl_cert']; $config['ssl_key'] = (string) $config['ssl_key']; + $config['ssl_passphrase'] = (string) $config['ssl_passphrase']; $this->config = $config; @@ -293,7 +296,7 @@ public function isSslVerify() } /** - * @return bool + * @return string */ public function getSslCaCert() { @@ -301,7 +304,7 @@ public function getSslCaCert() } /** - * @return bool + * @return string */ public function getSslCert() { @@ -309,18 +312,26 @@ public function getSslCert() } /** - * @return bool + * @return string */ public function getSslKey() { return $this->getOption('ssl_key'); } + /** + * @return string + */ + public function getSslPassPhrase() + { + return $this->getOption('ssl_passphrase'); + } + /** * @param string $name * @param mixed $default * - * @return bool + * @return mixed */ public function getOption($name, $default = null) { diff --git a/pkg/amqp-tools/Tests/ConnectionConfigTest.php b/pkg/amqp-tools/Tests/ConnectionConfigTest.php index 92b8a4ad4..6fba106ed 100644 --- a/pkg/amqp-tools/Tests/ConnectionConfigTest.php +++ b/pkg/amqp-tools/Tests/ConnectionConfigTest.php @@ -72,9 +72,10 @@ public function testShouldParseEmptyDsnWithDriverSet() 'heartbeat' => 0.0, 'ssl_on' => false, 'ssl_verify' => true, - 'ssl_cacert' => null, - 'ssl_cert' => null, - 'ssl_key' => null, + 'ssl_cacert' => '', + 'ssl_cert' => '', + 'ssl_key' => '', + 'ssl_passphrase' => '', ], $config->getConfig()); } @@ -102,9 +103,10 @@ public function testShouldParseCustomDsnWithDriverSet() 'heartbeat' => 0.0, 'ssl_on' => false, 'ssl_verify' => true, - 'ssl_cacert' => null, - 'ssl_cert' => null, - 'ssl_key' => null, + 'ssl_cacert' => '', + 'ssl_cert' => '', + 'ssl_key' => '', + 'ssl_passphrase' => '', ], $config->getConfig()); } @@ -143,9 +145,10 @@ public static function provideConfigs() 'heartbeat' => 0.0, 'ssl_on' => false, 'ssl_verify' => true, - 'ssl_cacert' => null, - 'ssl_cert' => null, - 'ssl_key' => null, + 'ssl_cacert' => '', + 'ssl_cert' => '', + 'ssl_key' => '', + 'ssl_passphrase' => '', ], ]; @@ -168,9 +171,10 @@ public static function provideConfigs() 'heartbeat' => 0.0, 'ssl_on' => false, 'ssl_verify' => true, - 'ssl_cacert' => null, - 'ssl_cert' => null, - 'ssl_key' => null, + 'ssl_cacert' => '', + 'ssl_cert' => '', + 'ssl_key' => '', + 'ssl_passphrase' => '', ], ]; @@ -193,9 +197,10 @@ public static function provideConfigs() 'heartbeat' => 0.0, 'ssl_on' => false, 'ssl_verify' => true, - 'ssl_cacert' => null, - 'ssl_cert' => null, - 'ssl_key' => null, + 'ssl_cacert' => '', + 'ssl_cert' => '', + 'ssl_key' => '', + 'ssl_passphrase' => '', ], ]; @@ -218,9 +223,10 @@ public static function provideConfigs() 'heartbeat' => 0.0, 'ssl_on' => true, 'ssl_verify' => true, - 'ssl_cacert' => null, - 'ssl_cert' => null, - 'ssl_key' => null, + 'ssl_cacert' => '', + 'ssl_cert' => '', + 'ssl_key' => '', + 'ssl_passphrase' => '', ], ]; @@ -243,9 +249,10 @@ public static function provideConfigs() 'heartbeat' => 0.0, 'ssl_on' => false, 'ssl_verify' => true, - 'ssl_cacert' => null, - 'ssl_cert' => null, - 'ssl_key' => null, + 'ssl_cacert' => '', + 'ssl_cert' => '', + 'ssl_key' => '', + 'ssl_passphrase' => '', ], ]; @@ -268,9 +275,10 @@ public static function provideConfigs() 'heartbeat' => 0.0, 'ssl_on' => false, 'ssl_verify' => true, - 'ssl_cacert' => null, - 'ssl_cert' => null, - 'ssl_key' => null, + 'ssl_cacert' => '', + 'ssl_cert' => '', + 'ssl_key' => '', + 'ssl_passphrase' => '', ], ]; @@ -293,9 +301,10 @@ public static function provideConfigs() 'heartbeat' => 23.3, 'ssl_on' => false, 'ssl_verify' => true, - 'ssl_cacert' => null, - 'ssl_cert' => null, - 'ssl_key' => null, + 'ssl_cacert' => '', + 'ssl_cert' => '', + 'ssl_key' => '', + 'ssl_passphrase' => '', ], ]; @@ -318,9 +327,10 @@ public static function provideConfigs() 'heartbeat' => 0.0, 'ssl_on' => false, 'ssl_verify' => true, - 'ssl_cacert' => null, - 'ssl_cert' => null, - 'ssl_key' => null, + 'ssl_cacert' => '', + 'ssl_cert' => '', + 'ssl_key' => '', + 'ssl_passphrase' => '', ], ]; @@ -343,9 +353,10 @@ public static function provideConfigs() 'heartbeat' => 0.0, 'ssl_on' => false, 'ssl_verify' => true, - 'ssl_cacert' => null, - 'ssl_cert' => null, - 'ssl_key' => null, + 'ssl_cacert' => '', + 'ssl_cert' => '', + 'ssl_key' => '', + 'ssl_passphrase' => '', ], ]; @@ -368,9 +379,10 @@ public static function provideConfigs() 'heartbeat' => 0.0, 'ssl_on' => false, 'ssl_verify' => true, - 'ssl_cacert' => null, - 'ssl_cert' => null, - 'ssl_key' => null, + 'ssl_cacert' => '', + 'ssl_cert' => '', + 'ssl_key' => '', + 'ssl_passphrase' => '', ], ]; @@ -393,9 +405,10 @@ public static function provideConfigs() 'heartbeat' => 0.0, 'ssl_on' => false, 'ssl_verify' => true, - 'ssl_cacert' => null, - 'ssl_cert' => null, - 'ssl_key' => null, + 'ssl_cacert' => '', + 'ssl_cert' => '', + 'ssl_key' => '', + 'ssl_passphrase' => '', ], ]; @@ -418,9 +431,10 @@ public static function provideConfigs() 'heartbeat' => 0.0, 'ssl_on' => false, 'ssl_verify' => true, - 'ssl_cacert' => null, - 'ssl_cert' => null, - 'ssl_key' => null, + 'ssl_cacert' => '', + 'ssl_cert' => '', + 'ssl_key' => '', + 'ssl_passphrase' => '', ], ]; @@ -449,9 +463,10 @@ public static function provideConfigs() 'heartbeat' => 0.0, 'ssl_on' => false, 'ssl_verify' => true, - 'ssl_cacert' => null, - 'ssl_cert' => null, - 'ssl_key' => null, + 'ssl_cacert' => '', + 'ssl_cert' => '', + 'ssl_key' => '', + 'ssl_passphrase' => '', ], ]; @@ -477,9 +492,10 @@ public static function provideConfigs() 'heartbeat' => 0.0, 'ssl_on' => true, 'ssl_verify' => true, - 'ssl_cacert' => null, - 'ssl_cert' => null, - 'ssl_key' => null, + 'ssl_cacert' => '', + 'ssl_cert' => '', + 'ssl_key' => '', + 'ssl_passphrase' => '', ], ]; }