Sounds great, and sounds like it should be part of ext/openssl and it's
up-coming stream implementation (most of the code is in main/network.c
ATM).
I'd really appreciate your input on making most of your work use the new
streams architecture. (which really means that most of those calls will
go away and be replaced with "generic" stream calls and context
settings).
I want to create a "stream server" API for hosting sockets etc. using
the familar fread(), fwrite() family of functions, which will
incorporate aspects of ext/sockets and add optional openssl support
(which can be toggled at runtime for things such as "starttls" based
protocols).
If you're not interested in streams at this time, I'd be "-0" on adding
your extension to our CVS, meaning that I think the functionality should
be rolled into the existing client-side SSL we have in streams, rather
than creating a load of new functions, so I would feel a resistance to
adding all those new functions, but don't have a problem with it
going in if there is sufficient demand.
--Wez.
"The Streams Guy"
and openssl extension maintainer
On Mon, 2 Dec 2002, David Gillies wrote:
> Hi,
>
> I'm new to this list...
>
> Over the past few weeks I've been working on a PHP4
> module, called securesocket, that wraps several of the
> OpenSSL routines. So far, there's about 75 routines in
> my module, covering essentially all of the basic
> routines required to perform SSL connections (support
> for client-oriented routines is slightly more advanced
> than for servers). At present there is support for
> connecting to a server, verifying certificates
> (partially), reading, writing, buffered BIOs and
> getting/setting SSL operating modes.
>
> My module is starting to get to the point where it is
> mature enough for me to consider releasing it
> (although it's still in a very rudimentary form). Is
> anyone interested in having a look at what I've done?
>
> At present I don't have access to my own
> publicly-accessible server. If anyone is interested in
> helping me host this, ideally as part of a
> collaborative effort using CVS, then please contact
> me.
>
> Best Wishes,
>
> David Gillies
> San Jose
> Costa Rica
>
>
> P.S.
> A minimal SSL session with my module might look
> something like the following:
>
> $ctx=securesocket_ssl_ctx_new(securesocket_sslv3_client_method());
> $ssl=securesocket_ssl_new($ctx);
>
> $sock=securesocket_connect_to_host("localhost",443);
> securesocket_ssl_set_fd($ssl,$sock,BIO_NOCLOSE);
> securesocket_ssl_connect($ssl);
>
> $peer=securesocket_ssl_get_peer_certificate($ssl);
>
> $getstr="GET / HTTP/1.0\r\n\r\n";
> securesocket_ssl_write($ssl,$getstr,strlen($getstr));
> $bytes=securesocket_ssl_read($ssl,&$repstr,1024);
>
> securesocket_ssl_shutdown($ssl);
> securesocket_ssl_free($ssl);
> securesocket_ssl_ctx_free($ctx);
>
>
> __________________________________________________
> Do you Yahoo!?
> Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
> http://mailplus.yahoo.com
>
> --
> PHP Development Mailing List <http://www.php.net/>
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
>
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, visit: http://www.php.net/unsub.php
