stream_socket_enable_crypto

(PHP 5 >= 5.1.0)

stream_socket_enable_crypto — Turns encryption on/off on an already connected socket

Description

mixed stream_socket_enable_crypto ( resource $stream , bool $enable [, int $crypto_type [, resource $session_stream ]] )

When called with the crypto_type parameter, stream_socket_enable_crypto() will setup encryption on the stream using the specified method.

Valid values for crypto_type

  • STREAM_CRYPTO_METHOD_SSLv2_CLIENT
  • STREAM_CRYPTO_METHOD_SSLv3_CLIENT
  • STREAM_CRYPTO_METHOD_SSLv23_CLIENT
  • STREAM_CRYPTO_METHOD_TLS_CLIENT
  • STREAM_CRYPTO_METHOD_SSLv2_SERVER
  • STREAM_CRYPTO_METHOD_SSLv3_SERVER
  • STREAM_CRYPTO_METHOD_SSLv23_SERVER
  • STREAM_CRYPTO_METHOD_TLS_SERVER

Once the crypto settings are established, cryptography can be turned on and off dynamically by passing TRUE or FALSE in the enable parameter.

If this stream should be seeded with settings from an already established crypto enabled stream, pass that stream's resource variable in the fourth parameter.

Returns TRUE on success, FALSE if negotiation has failed or 0 if there isn't enough data and you should try again (only for non-blocking sockets).

Пример #1 stream_socket_enable_crypto() Example

<?php
$fp 
stream_socket_client("tcp://myproto.example.com:31337"$errno$errstr30);
if (!
$fp) {
  die(
"Unable to connect: $errstr ($errno)");
}
/* Turn on encryption for login phase */
stream_socket_enable_crypto($fptrueSTREAM_CRYPTO_METHOD_SSLv23_CLIENT);
fwrite($fp"USER god\r\n");
fwrite($fp"PASS secret\r\n");
/* Turn off encryption for the rest */
stream_socket_enable_crypto($fpfalse);
while (
$motd fgets($fp)) {
  echo 
$motd;
}
fclose($fp);
?>

OpenSSL Функции, and Список поддерживаемых транспортных протоколов

Коментарии

As already mentioned above:

stream_socket_enable_crypto is likely to fail/return zero if the socket is in non-blocking mode.

You may either wait some seconds until all neccessary data has arrived or switch temporary to blocking mode:

<?PHP

  stream_set_blocking 
($fdtrue);
 
stream_socket_enable_crypto ($fdtrueSTREAM_CRYPTO_METHOD_TLS_CLIENT);
 
stream_set_blocking ($fdfalse);

?>

This works very fine for me ;-)
2007-05-30 06:15:55
http://php5.kiev.ua/manual/ru/function.stream-socket-enable-crypto.html
Автор:
If you need to change a stream from unencrypted to crypted after unencrypted traffic has been processed, you use the stream-socket-recvfrom function to read instead of fread when reading the unencrypted traffic. Using fread will cause some of the buffer of the initial CLIENT HELLO message to be read into it's buffers causing the SSL handshake to fail in some situations.
2022-01-13 19:20:46
http://php5.kiev.ua/manual/ru/function.stream-socket-enable-crypto.html
Автор:
Since PHP 7.2, TLS equates to TLS_ANY, so STREAM_CRYPTO_METHOD_TLS_CLIENT means any TLS versions.
2023-10-04 13:53:23
http://php5.kiev.ua/manual/ru/function.stream-socket-enable-crypto.html
Information to the difference of `crypto_method`

There is `STREAM_CRYPTO_METHOD_*_CLIENT` and `STREAM_CRYPTO_METHOD_*_SERVER`

`STREAM_CRYPTO_METHOD_*_CLIENT` is used for clients, like:
```php
<?php
$client 
stream_socket_client("tcp://example.com:443"$errno$errstr);
stream_socket_enable_crypto($clienttrueSTREAM_CRYPTO_METHOD_TLS_CLIENT);

//...
?>
```

This code makes a TLS Handshake and the `stream_socket_enable_crypto` sends a `Client HELLO`

`STREAM_CRYPTO_METHOD_*_SERVER` is used for servers, like:
<?php
$server 
stream_socket_server("tcp://example.com:443"$errno$errstrSTREAM_SERVER_BIND STREAM_SERVER_LISTEN);
stream_context_set_option($server, ["ssl" => [
   
"local_cert" => __DIR__."/https.crt",
   
"local_pk" => __DIR__."/https.key",
]]);

//...

$client stream_socket_accept($server);
stream_socket_enable_crypto($clienttrueSTREAM_CRYPTO_METHOD_TLS_SERVER);

//...
?>

This code makes a TLS Handshake and the `stream_socket_enable_crypto` sends a `Server HELLO` after the client send a `Client HELLO`.

so use `STREAM_CRYPTO_METHOD_*_CLIENT` for requesting data and `STREAM_CRYPTO_METHOD_*_SERVER` for serving data, after accepting a client.
2023-11-04 13:44:58
http://php5.kiev.ua/manual/ru/function.stream-socket-enable-crypto.html

    Поддержать сайт на родительском проекте КГБ