[PHP-DEV] OpenSSL wrappers for PHP 4

2002-12-02 Thread David Gillies
Hi,

I'm new to this list...

Over the past few weeks I've been working on a PHP4
module, called securesocket, that wraps several of the
OpenSSL routines. So far, there's about 75 routines in
my module, covering essentially all of the basic
routines required to perform SSL connections (support
for client-oriented routines is slightly more advanced
than for servers). At present there is support for
connecting to a server, verifying certificates
(partially), reading, writing, buffered BIOs and
getting/setting SSL operating modes.

My module is starting to get to the point where it is
mature enough for me to consider releasing it
(although it's still in a very rudimentary form). Is
anyone interested in having a look at what I've done?

At present I don't have access to my own
publicly-accessible server. If anyone is interested in
helping me host this, ideally as part of a
collaborative effort using CVS, then please contact
me.

Best Wishes,

David Gillies
San Jose
Costa Rica


P.S.
A minimal SSL session with my module might look
something like the following:

$ctx=securesocket_ssl_ctx_new(securesocket_sslv3_client_method());
$ssl=securesocket_ssl_new($ctx);

$sock=securesocket_connect_to_host(localhost,443);
securesocket_ssl_set_fd($ssl,$sock,BIO_NOCLOSE);
securesocket_ssl_connect($ssl);

$peer=securesocket_ssl_get_peer_certificate($ssl);

$getstr=GET / HTTP/1.0\r\n\r\n;
securesocket_ssl_write($ssl,$getstr,strlen($getstr));
$bytes=securesocket_ssl_read($ssl,$repstr,1024);

securesocket_ssl_shutdown($ssl);
securesocket_ssl_free($ssl);
securesocket_ssl_ctx_free($ctx);


__
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com

-- 
PHP Development Mailing List http://www.php.net/
To unsubscribe, visit: http://www.php.net/unsub.php




Re: [PHP-DEV] OpenSSL wrappers for PHP 4

2002-12-02 Thread Wez Furlong
Sounds great, and sounds like it should be part of ext/openssl and it's
up-coming stream implementation (most of the code is in main/network.c
ATM).

I'd really appreciate your input on making most of your work use the new
streams architecture. (which really means that most of those calls will
go away and be replaced with generic stream calls and context
settings).

I want to create a stream server API for hosting sockets etc. using
the familar fread(), fwrite() family of functions, which will
incorporate aspects of ext/sockets and add optional openssl support
(which can be toggled at runtime for things such as starttls based
protocols).

If you're not interested in streams at this time, I'd be -0 on adding
your extension to our CVS, meaning that I think the functionality should
be rolled into the existing client-side SSL we have in streams, rather
than creating a load of new functions, so I would feel a resistance to
adding all those new functions, but don't have a problem with it
going in if there is sufficient demand.

--Wez.
The Streams Guy
and openssl extension maintainer

On Mon, 2 Dec 2002, David Gillies wrote:

 Hi,

 I'm new to this list...

 Over the past few weeks I've been working on a PHP4
 module, called securesocket, that wraps several of the
 OpenSSL routines. So far, there's about 75 routines in
 my module, covering essentially all of the basic
 routines required to perform SSL connections (support
 for client-oriented routines is slightly more advanced
 than for servers). At present there is support for
 connecting to a server, verifying certificates
 (partially), reading, writing, buffered BIOs and
 getting/setting SSL operating modes.

 My module is starting to get to the point where it is
 mature enough for me to consider releasing it
 (although it's still in a very rudimentary form). Is
 anyone interested in having a look at what I've done?

 At present I don't have access to my own
 publicly-accessible server. If anyone is interested in
 helping me host this, ideally as part of a
 collaborative effort using CVS, then please contact
 me.

 Best Wishes,

 David Gillies
 San Jose
 Costa Rica


 P.S.
 A minimal SSL session with my module might look
 something like the following:

 $ctx=securesocket_ssl_ctx_new(securesocket_sslv3_client_method());
 $ssl=securesocket_ssl_new($ctx);

 $sock=securesocket_connect_to_host(localhost,443);
 securesocket_ssl_set_fd($ssl,$sock,BIO_NOCLOSE);
 securesocket_ssl_connect($ssl);

 $peer=securesocket_ssl_get_peer_certificate($ssl);

 $getstr=GET / HTTP/1.0\r\n\r\n;
 securesocket_ssl_write($ssl,$getstr,strlen($getstr));
 $bytes=securesocket_ssl_read($ssl,$repstr,1024);

 securesocket_ssl_shutdown($ssl);
 securesocket_ssl_free($ssl);
 securesocket_ssl_ctx_free($ctx);


 __
 Do you Yahoo!?
 Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
 http://mailplus.yahoo.com

 --
 PHP Development Mailing List http://www.php.net/
 To unsubscribe, visit: http://www.php.net/unsub.php





-- 
PHP Development Mailing List http://www.php.net/
To unsubscribe, visit: http://www.php.net/unsub.php