stream_socket_enable_crypto

    (PHP 5 >= 5.1.0, PHP 7, PHP 8)

    stream_socket_enable_cryptoActiva o desactiva el cifrado para un socket ya conectado

    Descripción

    stream_socket_enable_crypto(
        resource $stream,
        bool $enable,
        ?int $crypto_method = null,
        ?resource $session_stream = null
    ): int|bool

    Activa o desactiva el cifrado para un socket ya conectado.

    Una vez definidos los parámetros de cifrado, este puede ser activado y desactivado dinámicamente pasando true o false en el argumento enable.

    Parámetros

    stream

    El recurso de flujo.

    enable

    Activa o desactiva el cifrado en el flujo.

    crypto_method

    Configura el cifrado en el flujo. Los métodos válidos son

    Si se omite, la opción de contexto crypto_method en el contexto SSL del flujo será utilizada en su lugar.

    session_stream

    Inicializa el flujo con la configuración proveniente del argumento session_stream.

    Valores devueltos

    Retorna true en caso de éxito, false si la negociación falló o 0 si no hay suficientes datos y se debe intentar nuevamente (únicamente para sockets no bloqueantes).

    Historial de cambios

    Versión Descripción
    8.0.0 session_stream ahora es nullable.

    Ejemplos

    Ejemplo #1 Ejemplo con stream_socket_enable_crypto()

    <?php
    $fp     = stream_socket_client("tcp://myproto.example.com:31337", $errno, $errstr, 30);
    if (!    $fp) {
    die(    "Imposible conectar: $errstr ($errno)");
    }

    /* Activación del cifrado durante la identificación */
    stream_socket_enable_crypto($fp, true, STREAM_CRYPTO_METHOD_SSLv23_CLIENT);
    fwrite($fp, "USER god\r\n");
    fwrite($fp, "PASS secret\r\n");

    /* Desactivación del cifrado para el resto */
    stream_socket_enable_crypto($fp, false);

    while (    $motd = fgets($fp)) {
    echo     $motd;
    }

    fclose($fp);
    ?>

    El resultado del ejemplo sería algo similar a:

    

    
    
    
   
    
  
    
 
    


 



        
    
      
    Found A Problem?
    
      
    
         
      
    
      
    
        Learn How To Improve This PageSubmit a Pull RequestReport a Bug
      
    
    
    
 
    
  add a note
  
    User Contributed Notes 4 notes
    
 
    
  
      
    
    
    
    up
    
    
    
    
    
    2
    
    
  
    
  
  Anonymous
    3 years ago
    
  
    

    If you need to change a stream from unencrypted to crypted after unencrypted traffic has been processed, you use the stream-socket-recvfrom function to read instead of fread when reading the unencrypted traffic. Using fread will cause some of the buffer of the initial CLIENT HELLO message to be read into it's buffers causing the SSL handshake to fail in some situations.
    
  
    
 
    
  
      
    
    
    
    up
    
    
    
    
    
    3
    
    
  
    
  
  tigger (AT) tiggerswelt d0t net
    18 years ago
    
  
    

    As already mentioned above:

    stream_socket_enable_crypto is likely to fail/return zero if the socket is in non-blocking mode.

    You may either wait some seconds until all neccessary data has arrived or switch temporary to blocking mode:

    <?PHP

      stream_set_blocking     ($fd, true);
          stream_socket_enable_crypto ($fd, true, STREAM_CRYPTO_METHOD_TLS_CLIENT);
          stream_set_blocking ($fd, false);

    ?>

    This works very fine for me ;-)
    
  
    
 
    
  
      
    
    
    
    up
    
    
    
    
    
    2
    
    
  
    
  
  play dot it at play-it dot net
    1 year ago
    
  
    

    Information to the difference of `crypto_method`

    There is `STREAM_CRYPTO_METHOD_*_CLIENT` and `STREAM_CRYPTO_METHOD_*_SERVER`

    `STREAM_CRYPTO_METHOD_*_CLIENT` is used for clients, like:
    ```php
    <?php
    $client     = stream_socket_client("tcp://example.com:443", $errno, $errstr);
    stream_socket_enable_crypto($client, true, STREAM_CRYPTO_METHOD_TLS_CLIENT);

    //...
    ?>
    ```

    This code makes a TLS Handshake and the `stream_socket_enable_crypto` sends a `Client HELLO`

    `STREAM_CRYPTO_METHOD_*_SERVER` is used for servers, like:
    <?php
    $server     = stream_socket_server("tcp://example.com:443", $errno, $errstr, STREAM_SERVER_BIND | STREAM_SERVER_LISTEN);
    stream_context_set_option($server, ["ssl" => [
            "local_cert" => __DIR__."/https.crt",
            "local_pk" => __DIR__."/https.key",
    ]]);

    //...

    $client = stream_socket_accept($server);
    stream_socket_enable_crypto($client, true, STREAM_CRYPTO_METHOD_TLS_SERVER);

    //...
    ?>

    This code makes a TLS Handshake and the `stream_socket_enable_crypto` sends a `Server HELLO` after the client send a `Client HELLO`.

    so use `STREAM_CRYPTO_METHOD_*_CLIENT` for requesting data and `STREAM_CRYPTO_METHOD_*_SERVER` for serving data, after accepting a client.
    
  
    
 
    
  
      
    
    
    
    up
    
    
    
    
    
    -1
    
    
  
    
  
  Zero
    1 year ago
    
  
    

    Since PHP 7.2, TLS equates to TLS_ANY, so STREAM_CRYPTO_METHOD_TLS_CLIENT means any TLS versions.
    
  
    
 
    

    add a note
    

        
    
        


  
    

  

    








To Top