Skip to content
This repository has been archived by the owner on Jan 30, 2020. It is now read-only.

Commit

Permalink
Merge branch 'master' of git://github.com/zendframework/zf2 into hotf…
Browse files Browse the repository at this point in the history
…ix/validator-db-abstractdb-tableIdentifier
  • Loading branch information
Show file tree
Hide file tree
Showing 2 changed files with 42 additions and 5 deletions.
24 changes: 19 additions & 5 deletions src/Client/Adapter/Socket.php
Original file line number Diff line number Diff line change
Expand Up @@ -53,11 +53,13 @@ class Socket implements HttpAdapter, StreamInterface
* @var array
*/
protected $config = array(
'persistent' => false,
'ssltransport' => 'ssl',
'sslcert' => null,
'sslpassphrase' => null,
'sslusecontext' => false
'persistent' => false,
'ssltransport' => 'ssl',
'sslcert' => null,
'sslpassphrase' => null,
'sslverifypeer' => true,
'sslallowselfsigned' => false,
'sslusecontext' => false
);

/**
Expand Down Expand Up @@ -182,6 +184,18 @@ public function connect($host, $port = 80, $secure = false)
if (! is_resource($this->socket) || ! $this->config['keepalive']) {
$context = $this->getStreamContext();
if ($secure || $this->config['sslusecontext']) {
if ($this->config['sslverifypeer'] !== null) {
if (! stream_context_set_option($context, 'ssl', 'verify_peer',
$this->config['sslverifypeer'])) {
throw new AdapterException\RuntimeException('Unable to set sslverifypeer option');
}
if ($this->config['sslallowselfsigned'] !== null) {
if (! stream_context_set_option($context, 'ssl', 'allow_self_signed',
$this->config['sslallowselfsigned'])) {
throw new AdapterException\RuntimeException('Unable to set sslallowselfsigned option');
}
}
}
if ($this->config['sslcert'] !== null) {
if (! stream_context_set_option($context, 'ssl', 'local_cert',
$this->config['sslcert'])) {
Expand Down
23 changes: 23 additions & 0 deletions test/Client/SocketTest.php
Original file line number Diff line number Diff line change
Expand Up @@ -65,6 +65,29 @@ public function testConfigSetAsArray()
}
}

public function testDefaultConfig()
{
$config = $this->_adapter->getConfig();
$this->assertEquals(TRUE, $config['sslverifypeer']);
$this->assertEquals(FALSE, $config['sslallowselfsigned']);
}

public function testConnectingViaSslEnforcesDefaultSslOptionsOnContext()
{
$config = array('timeout' => 30);
$this->_adapter->setOptions($config);
try {
$this->_adapter->connect('localhost', 443, true);
} catch (\Zend\Http\Client\Adapter\Exception\RuntimeException $e) {
// Test is designed to allow connect failure because we're interested
// only in the stream context state created within that method.
}
$context = $this->_adapter->getStreamContext();
$options = stream_context_get_options($context);
$this->assertTrue($options['ssl']['verify_peer']);
$this->assertFalse($options['ssl']['allow_self_signed']);
}

/**
* Test that a Zend_Config object can be used to set configuration
*
Expand Down

0 comments on commit 7dec05c

Please sign in to comment.