New context option: HttpContext::$ssl_local_passphrase

Deprecate context option: `HttpContext::$ssl_local_cert_passphrase` Fix bad stream context option for passphrase
BerliozFramework · Jan 14, 2025 · 483f5c7 · 483f5c7
1 parent 0df09f5
commit 483f5c7
Show file tree

Hide file tree

Showing 4 changed files with 22 additions and 3 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -4,6 +4,20 @@ All notable changes to this project will be documented in this file. This projec
 to [Semantic Versioning] (http://semver.org/). For change log format,
 use [Keep a Changelog] (http://keepachangelog.com/).
 
+## [2.2.0] - 2025-01-14
+
+### Added
+
+- New context option: `HttpContext::$ssl_local_passphrase`
+
+### Deprecated
+
+- Context option: `HttpContext::$ssl_local_cert_passphrase`
+
+### Fixed
+
+- Bad stream context option for passphrase
+
 ## [2.1.0] - 2024-04-19
 
 ### Changed

diff --git a/src/Adapter/CurlAdapter.php b/src/Adapter/CurlAdapter.php
@@ -31,6 +31,7 @@
 
 // Constants
 defined('CURL_HTTP_VERSION_2_0') || define('CURL_HTTP_VERSION_2_0', 3);
+defined('CURLOPT_KEYPASSWD') || define('CURLOPT_KEYPASSWD', 10026);
 
 /**
  * Class CurlAdapter.
@@ -270,6 +271,7 @@ protected function initCurl(
             $contextOptions[CURLOPT_SSLCERT] = $context->ssl_local_cert;
             $contextOptions[CURLOPT_SSLCERTPASSWD] = $context->ssl_local_cert_passphrase;
             $contextOptions[CURLOPT_SSLKEY] = $context->ssl_local_pk;
+            $contextOptions[CURLOPT_KEYPASSWD] = $context->ssl_local_passphrase;
 
             $curlOpts = array_replace($curlOpts, array_filter($contextOptions, fn($value) => null !== $value));
         }

diff --git a/src/Adapter/StreamAdapter.php b/src/Adapter/StreamAdapter.php
@@ -118,7 +118,7 @@ protected function createContext(?HttpContext $context = null)
             $contextOptions['ssl']['cafile'] = $context->ssl_cafile;
             $contextOptions['ssl']['capath'] = $context->ssl_capath;
             $contextOptions['ssl']['local_cert'] = $context->ssl_local_cert;
-            $contextOptions['ssl']['local_cert_passphrase'] = $context->ssl_local_cert_passphrase;
+            $contextOptions['ssl']['passphrase'] = $context->ssl_local_passphrase ?? $context->ssl_local_cert_passphrase;
             $contextOptions['ssl']['local_pk'] = $context->ssl_local_pk;
             $contextOptions['ssl']['ciphers'] = $context->ssl_ciphers;
             $contextOptions['ssl'] = array_filter($contextOptions['ssl'], fn($value) => null !== $value);
@@ -188,11 +188,12 @@ protected function writeRequest($fp, RequestInterface $request): void
 
         // Headers
         foreach ($this->getHeadersLines($request) as $headerLine) {
-            fwrite($fp, $headerLine . "\r\n") ?: throw new NetworkException('Unable to write request headers', $request);
+            fwrite($fp, $headerLine . "\r\n") ?: throw new NetworkException('Unable to write request headers',
+                $request);
         }
 
         // Separator for body
-        fwrite($fp, "\r\n") ?? throw new NetworkException('Unable to write request separator', $request);
+            fwrite($fp, "\r\n") ?? throw new NetworkException('Unable to write request separator', $request);
 
         // Write body per packets 8K by 8K
         $stream = $request->getBody();

diff --git a/src/HttpContext.php b/src/HttpContext.php
@@ -25,7 +25,9 @@ public function __construct(
         public ?string $ssl_capath = null,
         public ?string $ssl_local_cert = null,
         public ?string $ssl_local_pk = null,
+        /** @deprecated CURL < 7.17 */
         public ?string $ssl_local_cert_passphrase = null,
+        public ?string $ssl_local_passphrase = null,
     ) {
     }