Migrate SSL sockets in python to PHP

0
votes

I have this Python code. It's supposed to work as is - making a connection to a remote server and sending a packet and checking latency on the response.


    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(20)

    ssl_sock = ssl.wrap_socket(s,
                               keyfile="client_MY.key",
                               certfile="client_MY.crt",
                               ca_certs="CA_MY_chain.crt",
                               cert_reqs=ssl.CERT_REQUIRED)    

    ssl_sock.connect(('111.111.111.111', 2500)) # fake IP addy

    # ... onward to sending & receiving a packet...

Edit: After getting the correct IP address, the above python code works and returns a packet successfully.

Edit: The PHP code is returning a valid socket now, after adding 'verify_peer_name.

Now I need to convert some python code that builds the message using pack()

Here's what I've done so far in converting Python to PHP:


    $transport = "ssl";
    $ip = "111.111.111.111";
    $port = "2500";
    $timeout = 5;

    $local_pk   = "client_MY.key";
    $local_cert = "client_MY.crt"; // Path to certificate
    $cafile     = "CA_MY_chain.crt";

    //dd("openssl s_client -connect $ip:$port -cert $local_cert -key $local_pk -CAfile $cafile -showcerts -state");
    // openssl s_client -connect 111.111.111.111:2500 -cert client_MY.crt -key client_MY.key -CAfile CA_MY_chain.crt -showcerts -state

        $context = stream_context_create(
            array(
                $transport=>array(
                    'local_cert'=> $local_cert,
                    'local_pk'=> $local_pk,
                    'cafile'=>$cafile,
                    'verify_peer'=>true,
                    'verify_peer_name'=>false
                )
            )
        );

    if ($socket = stream_socket_client(
        "$transport://$ip:$port",
        $errno,
        $errstr,
        $timeout,
        STREAM_CLIENT_CONNECT,
        $context)
    ) {
        fwrite($socket, "\n");
        echo fread($socket,8192);
        fclose($socket);
    } else {
        echo "ERROR: $errno - $errstr\n";
    }

My question is: Have I ported/migrated the code to PHP correctly? I don't know what to use in the place of "cert_reqs" as well. I'm also not certain I've done the keys/cert files correctly either.

I have tried the commented out openssl call on the CLI and that does not do anything. It's like telnet'ing to a mail server. Except no matter what I enter, nothing is returned. A bunch of things get echo'd out after I hit ctrl-c.

1
phppythonsocketsssl

1 Answers

0
votes

Success. The important part was getting the right IP address and port from the customer. It may as well have been 111.111.111.111:2500. And then it was also important to add 

'verify_peer_name'=>false

and a socket was created.