
stream_socket_enable_crypto

(PHP 5 >= 5.1.0, PHP 7, PHP 8)

stream_socket_enable_crypto - Turns encryption on or off on an already connected socket

Description

stream_socket_enable_crypto(
    resource $stream,
    bool $enable,
    ?int $crypto_method = null,
    ?resource $session_stream = null
): int|bool

Enables or disables encryption on an already connected socket.

Once the crypto settings are established, encryption can be turned on and off dynamically by passing true or false in the enable parameter.

Parameters

stream

The stream resource.

enable

Enables or disables encryption on the stream.

crypto_method

Sets up encryption on the stream. Valid methods are

If omitted, the crypto_method context option on the stream's SSL context will be used instead.

session_stream

Seeds the stream with the settings from the session_stream parameter.

Return Values

Returns true on success, false if negotiation has failed, or 0 if there isn't enough data and you should try again (only for non-blocking sockets).
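
The three return values above decide whether it is safe to send anything sensitive on the stream. The following added example (not part of the PHP manual) drives the handshake on a non-blocking socket until it yields true or false, and sends the credentials only after true. tls_handshake() and the 10-second deadline are assumptions; the host, port and credentials are the placeholders from the manual's own example.

```php
<?php
// Added example, not from the PHP manual. tls_handshake() is a hypothetical
// helper and the 10 s deadline is an assumed value. Needs PHP >= 7.4 with OpenSSL.

function tls_handshake($stream, float $timeout = 10.0): bool
{
    $method   = STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT | STREAM_CRYPTO_METHOD_TLSv1_3_CLIENT;
    $deadline = microtime(true) + $timeout;

    while (true) {
        $result = stream_socket_enable_crypto($stream, true, $method);
        if ($result !== 0) {
            return $result; // true: encrypted; false: negotiation failed
        }
        // 0: non-blocking socket, the handshake needs more data from the peer.
        $remaining = $deadline - microtime(true);
        if ($remaining <= 0) {
            return false;   // a stalled handshake counts as a failure
        }
        $read  = [$stream];
        $write = $except = null;
        $sec   = (int) $remaining;
        $usec  = (int) (($remaining - $sec) * 1000000);
        if (stream_select($read, $write, $except, $sec, $usec) === false) {
            return false;
        }
    }
}

// Host, port and credentials are the placeholders from the manual's example.
$ctx = stream_context_create(['ssl' => [
    'verify_peer'      => true, // validate the certificate chain
    'verify_peer_name' => true, // and that it matches the host name
    'peer_name'        => 'myproto.example.com',
]]);
$fp = stream_socket_client('tcp://myproto.example.com:31337', $errno, $errstr, 30,
    STREAM_CLIENT_CONNECT, $ctx);
if (!$fp) {
    die("Unable to connect: $errstr ($errno)\n");
}
stream_set_blocking($fp, false);
if (!tls_handshake($fp)) {
    fclose($fp);
    die("TLS handshake failed, credentials not sent\n");
}
stream_set_blocking($fp, true);
fwrite($fp, "USER god\r\n");
fwrite($fp, "PASS secret\r\n");
fclose($fp);
```

The TLS options are passed through an explicit context at connect time so that they apply to this stream only and not to the default context shared by other streams.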

Changelog

Version Description
8.0.0 session_stream is now nullable.

Examples

Example #1 stream_socket_enable_crypto() example

<?php
$fp = stream_socket_client("tcp://myproto.example.com:31337", $errno, $errstr, 30);
if (!$fp) {
    die("Impossible de se connecter : $errstr ($errno)");
}

/* Turn on encryption for the login phase */
stream_socket_enable_crypto($fp, true, STREAM_CRYPTO_METHOD_SSLv23_CLIENT);
fwrite($fp, "USER god\r\n");
fwrite($fp, "PASS secret\r\n");

/* Turn off encryption for the rest */
stream_socket_enable_crypto($fp, false);

while ($motd = fgets($fp)) {
    echo $motd;
}

fclose($fp);
?>

The above example will output something similar to:



User Contributed Notes 4 notes

tigger (AT) tiggerswelt d0t net
17 years ago
As already mentioned above:

stream_socket_enable_crypto is likely to fail/return zero if the socket is in non-blocking mode.

You may either wait some seconds until all necessary data has arrived or switch temporarily to blocking mode:

<?PHP

stream_set_blocking($fd, true);
stream_socket_enable_crypto($fd, true, STREAM_CRYPTO_METHOD_TLS_CLIENT);
stream_set_blocking($fd, false);

?>

This works very fine for me ;-)
Anonymous
2 years ago
If you need to change a stream from unencrypted to crypted after unencrypted traffic has been processed, you use the stream-socket-recvfrom function to read instead of fread when reading the unencrypted traffic. Using fread will cause some of the buffer of the initial CLIENT HELLO message to be read into its buffers, causing the SSL handshake to fail in some situations.
play dot it at play-it dot net
1 year ago
Information to the difference of `crypto_method`

There is `STREAM_CRYPTO_METHOD_*_CLIENT` and `STREAM_CRYPTO_METHOD_*_SERVER`

`STREAM_CRYPTO_METHOD_*_CLIENT` is used for clients, like:
```php
<?php
$client = stream_socket_client("tcp://example.com:443", $errno, $errstr);
stream_socket_enable_crypto($client, true, STREAM_CRYPTO_METHOD_TLS_CLIENT);

//...
?>
```

This code makes a TLS Handshake and the `stream_socket_enable_crypto` sends a `Client HELLO`

`STREAM_CRYPTO_METHOD_*_SERVER` is used for servers, like:
```php
<?php
$server = stream_socket_server("tcp://example.com:443", $errno, $errstr, STREAM_SERVER_BIND | STREAM_SERVER_LISTEN);
stream_context_set_option($server, ["ssl" => [
    "local_cert" => __DIR__."/https.crt",
    "local_pk" => __DIR__."/https.key",
]]);

//...

$client = stream_socket_accept($server);
stream_socket_enable_crypto($client, true, STREAM_CRYPTO_METHOD_TLS_SERVER);

//...
?>
```

This code makes a TLS Handshake and the `stream_socket_enable_crypto` sends a `Server HELLO` after the client sends a `Client HELLO`.

So use `STREAM_CRYPTO_METHOD_*_CLIENT` for requesting data and `STREAM_CRYPTO_METHOD_*_SERVER` for serving data, after accepting a client.
Zero
1 year ago
Since PHP 7.2, TLS equates to TLS_ANY, so STREAM_CRYPTO_METHOD_TLS_CLIENT means any TLS versions.