stream_socket_enable_crypto

(PHP 5 >= 5.1.0, PHP 7, PHP 8)

stream_socket_enable_cryptoTurns encryption on/off on an already connected socket

说明

stream_socket_enable_crypto(
    resource $stream,
    bool $enable,
    ?int $crypto_method = null,
    ?resource $session_stream = null
): int|bool

Enable or disable encryption on the stream.

Once the crypto settings are established, cryptography can be turned on and off dynamically by passing true or false in the enable parameter.

返回值

Returns true on success, false if negotiation has failed or 0 if there isn't enough data and you should try again (only for non-blocking sockets).

更新日志

版本 说明
8.0.0 session_stream is now nullable.

示例

示例 #1 stream_socket_enable_crypto() example

<?php
$fp = stream_socket_client("tcp://myproto.example.com:31337", $errno, $errstr, 30);
if (!$fp) {
die("Unable to connect: $errstr ($errno)");
}

/* Turn on encryption for login phase */
stream_socket_enable_crypto($fp, true, STREAM_CRYPTO_METHOD_SSLv23_CLIENT);
fwrite($fp, "USER god\r\n");
fwrite($fp, "PASS secret\r\n");

/* Turn off encryption for the rest */
stream_socket_enable_crypto($fp, false);

while ($motd = fgets($fp)) {
echo $motd;
}

fclose($fp);
?>

以上示例的输出类似于:




    

   

  
 


 
 



    

      
发现了问题?

      

         
      

      

        了解如何改进此页面提交拉取请求报告一个错误
      

    

  添加备注
  
用户贡献的备注 4 notes

 

  
  

    

    up
    

    
    

    2
    

  

  
  Anonymous
3 years ago

  


If you need to change a stream from unencrypted to crypted after unencrypted traffic has been processed, you use the stream-socket-recvfrom function to read instead of fread when reading the unencrypted traffic. Using fread will cause some of the buffer of the initial CLIENT HELLO message to be read into it's buffers causing the SSL handshake to fail in some situations.

  

 

  
  

    

    up
    

    
    

    3
    

  

  
  tigger (AT) tiggerswelt d0t net
17 years ago

  


As already mentioned above:

stream_socket_enable_crypto is likely to fail/return zero if the socket is in non-blocking mode.

You may either wait some seconds until all neccessary data has arrived or switch temporary to blocking mode:

<?PHP

  stream_set_blocking ($fd, true);
stream_socket_enable_crypto ($fd, true, STREAM_CRYPTO_METHOD_TLS_CLIENT);
stream_set_blocking ($fd, false);

?>

This works very fine for me ;-)

  

 

  
  

    

    up
    

    
    

    2
    

  

  
  play dot it at play-it dot net
1 year ago

  


Information to the difference of `crypto_method`

There is `STREAM_CRYPTO_METHOD_*_CLIENT` and `STREAM_CRYPTO_METHOD_*_SERVER`

`STREAM_CRYPTO_METHOD_*_CLIENT` is used for clients, like:
```php
<?php
$client = stream_socket_client("tcp://example.com:443", $errno, $errstr);
stream_socket_enable_crypto($client, true, STREAM_CRYPTO_METHOD_TLS_CLIENT);

//...
?>
```

This code makes a TLS Handshake and the `stream_socket_enable_crypto` sends a `Client HELLO`

`STREAM_CRYPTO_METHOD_*_SERVER` is used for servers, like:
<?php
$server = stream_socket_server("tcp://example.com:443", $errno, $errstr, STREAM_SERVER_BIND | STREAM_SERVER_LISTEN);
stream_context_set_option($server, ["ssl" => [
"local_cert" => __DIR__."/https.crt",
"local_pk" => __DIR__."/https.key",
]]);

//...

$client = stream_socket_accept($server);
stream_socket_enable_crypto($client, true, STREAM_CRYPTO_METHOD_TLS_SERVER);

//...
?>

This code makes a TLS Handshake and the `stream_socket_enable_crypto` sends a `Server HELLO` after the client send a `Client HELLO`.

so use `STREAM_CRYPTO_METHOD_*_CLIENT` for requesting data and `STREAM_CRYPTO_METHOD_*_SERVER` for serving data, after accepting a client.

  

 

  
  

    

    up
    

    
    

    0
    

  

  
  Zero
1 year ago

  


Since PHP 7.2, TLS equates to TLS_ANY, so STREAM_CRYPTO_METHOD_TLS_CLIENT means any TLS versions.

  

 


添加备注




备份地址:http://www.lvesu.com/blog/php/function.stream-socket-enable-crypto.php