From 483f5c73dfcfe9568857ac8fac6bd5e0490cb00c Mon Sep 17 00:00:00 2001 From: Ronan Giron Date: Tue, 14 Jan 2025 16:31:47 +0100 Subject: [PATCH] New context option: `HttpContext::$ssl_local_passphrase` Deprecate context option: `HttpContext::$ssl_local_cert_passphrase` Fix bad stream context option for passphrase --- CHANGELOG.md | 14 ++++++++++++++ src/Adapter/CurlAdapter.php | 2 ++ src/Adapter/StreamAdapter.php | 7 ++++--- src/HttpContext.php | 2 ++ 4 files changed, 22 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 24934d0..22ca806 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,20 @@ All notable changes to this project will be documented in this file. This projec to [Semantic Versioning] (http://semver.org/). For change log format, use [Keep a Changelog] (http://keepachangelog.com/). +## [2.2.0] - 2025-01-14 + +### Added + +- New context option: `HttpContext::$ssl_local_passphrase` + +### Deprecated + +- Context option: `HttpContext::$ssl_local_cert_passphrase` + +### Fixed + +- Bad stream context option for passphrase + ## [2.1.0] - 2024-04-19 ### Changed diff --git a/src/Adapter/CurlAdapter.php b/src/Adapter/CurlAdapter.php index bee504b..4b4a777 100644 --- a/src/Adapter/CurlAdapter.php +++ b/src/Adapter/CurlAdapter.php @@ -31,6 +31,7 @@ // Constants defined('CURL_HTTP_VERSION_2_0') || define('CURL_HTTP_VERSION_2_0', 3); +defined('CURLOPT_KEYPASSWD') || define('CURLOPT_KEYPASSWD', 10026); /** * Class CurlAdapter. @@ -270,6 +271,7 @@ protected function initCurl( $contextOptions[CURLOPT_SSLCERT] = $context->ssl_local_cert; $contextOptions[CURLOPT_SSLCERTPASSWD] = $context->ssl_local_cert_passphrase; $contextOptions[CURLOPT_SSLKEY] = $context->ssl_local_pk; + $contextOptions[CURLOPT_KEYPASSWD] = $context->ssl_local_passphrase; $curlOpts = array_replace($curlOpts, array_filter($contextOptions, fn($value) => null !== $value)); } diff --git a/src/Adapter/StreamAdapter.php b/src/Adapter/StreamAdapter.php index 67d7cd8..ac42176 100644 --- a/src/Adapter/StreamAdapter.php +++ b/src/Adapter/StreamAdapter.php @@ -118,7 +118,7 @@ protected function createContext(?HttpContext $context = null) $contextOptions['ssl']['cafile'] = $context->ssl_cafile; $contextOptions['ssl']['capath'] = $context->ssl_capath; $contextOptions['ssl']['local_cert'] = $context->ssl_local_cert; - $contextOptions['ssl']['local_cert_passphrase'] = $context->ssl_local_cert_passphrase; + $contextOptions['ssl']['passphrase'] = $context->ssl_local_passphrase ?? $context->ssl_local_cert_passphrase; $contextOptions['ssl']['local_pk'] = $context->ssl_local_pk; $contextOptions['ssl']['ciphers'] = $context->ssl_ciphers; $contextOptions['ssl'] = array_filter($contextOptions['ssl'], fn($value) => null !== $value); @@ -188,11 +188,12 @@ protected function writeRequest($fp, RequestInterface $request): void // Headers foreach ($this->getHeadersLines($request) as $headerLine) { - fwrite($fp, $headerLine . "\r\n") ?: throw new NetworkException('Unable to write request headers', $request); + fwrite($fp, $headerLine . "\r\n") ?: throw new NetworkException('Unable to write request headers', + $request); } // Separator for body - fwrite($fp, "\r\n") ?? throw new NetworkException('Unable to write request separator', $request); + fwrite($fp, "\r\n") ?? throw new NetworkException('Unable to write request separator', $request); // Write body per packets 8K by 8K $stream = $request->getBody(); diff --git a/src/HttpContext.php b/src/HttpContext.php index 2d9da2f..efbfa64 100644 --- a/src/HttpContext.php +++ b/src/HttpContext.php @@ -25,7 +25,9 @@ public function __construct( public ?string $ssl_capath = null, public ?string $ssl_local_cert = null, public ?string $ssl_local_pk = null, + /** @deprecated CURL < 7.17 */ public ?string $ssl_local_cert_passphrase = null, + public ?string $ssl_local_passphrase = null, ) { }