|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
PatchesPull Requests
Pull requests:
HistoryAllCommentsChangesGit/SVN commits
[2013-10-08 14:02 UTC] mike@php.net
-Status: Open
+Status: Closed
-Assigned To:
+Assigned To: mike
[2013-10-08 14:02 UTC] mike@php.net
[2014-10-15 12:57 UTC] gm dot outside+php at gmail dot com
|
|||||||||||||||||||||||||||
Copyright © 2001-2025 The PHP GroupAll rights reserved. |
Last updated: Sat Oct 25 19:00:01 2025 UTC |
Description: ------------ When the CN_match option is used to verify "foo.test.com.sg" and the server certificate CN is "*.test.com" it will succeed erroneously. Test script: --------------- $context = stream_context_create(['ssl' => [ 'verify_peer' => true, 'allow_self_signed' => true, 'CN_match' => 'foo.test.com.sg', ]]); $s = file_get_contents($url, 'rt', $context); var_dump($s); Expected result: ---------------- Warning: file_get_contents(): Peer certificate CN=`*.test.com' did not match expected CN=`foo.test.com.sg' in /path/to/script.php on line 12 Warning: file_get_contents(): Failed to enable crypto in /Users/tjerk/work/ssl/ssl.php on line 11 Warning: file_get_contents(https://localhost:4433): failed to open stream: operation failed in /path/to/script.php on line 11 bool(false) Actual result: -------------- No errors.