stream context for custom stream wrappers
You know on open which protocol is called, so, use your context there:
<?php
class Test_Stream {
public $context;
public function stream_open($path, $mode, $options, &$opened_path ){
var_dump(parse_url($path, PHP_URL_SCHEME));
exit;
}
}
$context = array(
'test' => array('key' => 'value'),
'otherwrapper' => array('key' =>'value')
);
$context = stream_context_create($context);
stream_wrapper_register('test', 'Test_Stream');
$fp = fopen('test://www.domain.tld/whatever', 'r', false, $context);
string(4) "test"
PHP cURL or https stream wrapper (openssl) most widely enabled
@stormbreaker
From what i understand
Code Portability : Means writing your program (code) in such a way that the same code works on different environments. You should be easy to understand , identify exceptions and maintain
Widely Enabled : Means as Having great extent or range in availability by default or supported by majority of service providers
CURL supports more features in the same lib, cleaner , multiple processing etc.
https stream wrapper
is more widely available can be very tricky depending when you move form platform to platform depending on the application
SSL wrapper stream in C
I don't know any libraries you can use but you can find plenty of samples. Most applications in C would have to do the same for their TCP code so SSL and raw socket versions don't differ too much.
For example, check out ssl_unix.c from Pine IMAP,
https://svn.cac.washington.edu/public/alpine/snapshots/imap/src/osdep/unix/
It does exactly what you are describing with OpenSSL.
Is it possible to work with FTPS under PHP using stream context?
Will this work?
Can I also use peer-validated stream contexts to open ftps streams?
Yes. The ftps stream wrapper utilizes the same SSL context options as the https wrapper and will be available as long as you have the openssl extension enabled in your PHP build. You can verify if the ftps wrapper is available by checking the output from stream_get_wrappers()
like so:
<?php
print_r(stream_get_wrappers());
If you have ext/openssl enabled in your php build you'll see ftps listed in the output alongside the other available stream wrappers.
How do I assign the SSL context options?
So I am wildly guessing
You're really close! The only thing you need to change in your code is to replace "ftps"
with "ssl"
as shown here:
<?php
$ctx = stream_context_create(['ssl' => [
'verify_peer' => true,
'cafile' => 'd:/sandbox/mycerts.pem',
'CN_match' => 'ftp-12345678.mywebhoster.com'
]]);
Regardless of whether you're using https, ftps or any other stream wrapper the context options governing SSL/TLS encryption are always stored in the "ssl"
key.
Where do I put the user/password?
Right? Wrong? User+Password as options now? And then what? User/Password now? Or later? I am clueless...
The ftp and ftps stream wrappers both expect the username and password in the URI as shown here:
<?php
$ftpPath = 'ftps://username:password@example.com';
Don't be thrown off by our specification of the user/pass in cleartext here. The stream wrapper will only send the username and password after an encrypted connection is established.
Putting it all together
The opendir()
family of functions supports the ftp wrapper (since PHP 5.0). You use these functions the same way you would with local filesystem paths:
<?php
$ctx = stream_context_create(['ssl' => [
'verify_peer' => true,
'cafile' => 'd:/sandbox/mycerts.pem',
'CN_match' => 'ftp-12345678.mywebhoster.com'
]]);
$dirHandle = opendir('ftps://username:password@example.com/', $ctx);
while (($file = readdir($dirHandle)) !== false) {
echo "filename: $file\n";
}
closedir($dirHandle);
Note on SSL/TLS name matching
If it doesn't work initially you should test without passing the additional context $ctx
containing the SSL options. The CN (common name) field of the server's certificate must match the "CN_match"
value you specify (with limited wildcard matching for subdomains). Also, prior to the forthcoming PHP-5.6 release there is no support for matching names against the Subject Alternative Name field in the remote party's certificate. Unless you're working with a development preview for 5.6 you won't have this capability (SAN matching) and the peer verification routine will fail if the server relies on SAN.
http:// wrapper is disabled in the server configuration by allow_url_fopen=0 in
You have to restart your server machine or services in order to reload php.ini file.
Related Topics
How to Set Default Value for Form Field in Symfony2
Laravel Eloquent Display Query Log
Dyld: Library Not Loaded: /Usr/Local/Lib/Libpng16.16.Dylib with Anything PHP Related
How Exactly Does If($Variable) Work
How to Get System Environment Variables into PHP While Running Cli & Apache2Handler
How to Read a List of Files from a Folder Using PHP
Run Composer with a PHP Script in Browser
PHP Case-Insensitive In_Array Function
Regular Expression to Collect Everything After the Last /
Symfony2 and Date_Default_Timezone_Get() - It Is Not Safe to Rely on the System's Timezone Settings
PHP Replacing Special Characters Like à->A, è->E
PHP Memcached Fatal Error: Class 'Memcache' Not Found
How to Convert Output of Number_Format Back to Numbers in PHP