From 8dad8466136e58a595bd74f866f201a219d44936 Mon Sep 17 00:00:00 2001 From: Jordi Boggiano Date: Fri, 12 Dec 2014 12:25:21 +0000 Subject: [PATCH] Add SNI settings for SSL URLs that are proxied, fixes #3204 --- src/Composer/Util/StreamContextFactory.php | 8 ++++ .../Test/Util/StreamContextFactoryTest.php | 48 +++++++++++++------ 2 files changed, 41 insertions(+), 15 deletions(-) diff --git a/src/Composer/Util/StreamContextFactory.php b/src/Composer/Util/StreamContextFactory.php index c3b9e2773..5bcb431ca 100644 --- a/src/Composer/Util/StreamContextFactory.php +++ b/src/Composer/Util/StreamContextFactory.php @@ -93,6 +93,14 @@ final class StreamContextFactory break; } + // add SNI opts for https URLs + if ('https' === parse_url($url, PHP_URL_SCHEME)) { + $options['ssl']['SNI_enabled'] = true; + if (version_compare(PHP_VERSION, '5.6.0', '<')) { + $options['ssl']['SNI_server_name'] = parse_url($url, PHP_URL_HOST); + } + } + // handle proxy auth if present if (isset($proxy['user'])) { $auth = urldecode($proxy['user']); diff --git a/tests/Composer/Test/Util/StreamContextFactoryTest.php b/tests/Composer/Test/Util/StreamContextFactoryTest.php index 5003eb1ae..fe6fa77fd 100644 --- a/tests/Composer/Test/Util/StreamContextFactoryTest.php +++ b/tests/Composer/Test/Util/StreamContextFactoryTest.php @@ -133,14 +133,23 @@ class StreamContextFactoryTest extends \PHPUnit_Framework_TestCase $context = StreamContextFactory::getContext('https://example.org', array('http' => array('method' => 'GET'))); $options = stream_context_get_options($context); - $this->assertEquals(array('http' => array( - 'proxy' => 'tcp://proxyserver.net:80', - 'request_fulluri' => true, - 'method' => 'GET', - 'header' => array("Proxy-Authorization: Basic " . base64_encode('username:password')), - 'max_redirects' => 20, - 'follow_location' => 1, - )), $options); + $expected = array( + 'http' => array( + 'proxy' => 'tcp://proxyserver.net:80', + 'request_fulluri' => true, + 'method' => 'GET', + 'header' => array("Proxy-Authorization: Basic " . base64_encode('username:password')), + 'max_redirects' => 20, + 'follow_location' => 1, + ), 'ssl' => array( + 'SNI_enabled' => true, + 'SNI_server_name' => 'example.org' + ) + ); + if (version_compare(PHP_VERSION, '5.6.0', '>=')) { + unset($expected['ssl']['SNI_server_name']); + } + $this->assertEquals($expected, $options); } public function testHttpsProxyOverride() @@ -151,13 +160,22 @@ class StreamContextFactoryTest extends \PHPUnit_Framework_TestCase $context = StreamContextFactory::getContext('https://example.org', array('http' => array('method' => 'GET'))); $options = stream_context_get_options($context); - $this->assertEquals(array('http' => array( - 'proxy' => 'ssl://woopproxy.net:443', - 'request_fulluri' => true, - 'method' => 'GET', - 'max_redirects' => 20, - 'follow_location' => 1, - )), $options); + $expected = array( + 'http' => array( + 'proxy' => 'ssl://woopproxy.net:443', + 'request_fulluri' => true, + 'method' => 'GET', + 'max_redirects' => 20, + 'follow_location' => 1, + ), 'ssl' => array( + 'SNI_enabled' => true, + 'SNI_server_name' => 'example.org' + ) + ); + if (version_compare(PHP_VERSION, '5.6.0', '>=')) { + unset($expected['ssl']['SNI_server_name']); + } + $this->assertEquals($expected, $options); } /**