|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
[2017-06-22 11:42 UTC] anrdaemon at freemail dot ru
[2018-08-20 17:22 UTC] cmb@php.net
-Status: Open
+Status: Verified
[2018-08-20 17:22 UTC] cmb@php.net
|
|||||||||||||||||||||||||||||||||||||
Copyright © 2001-2024 The PHP GroupAll rights reserved. |
Last updated: Thu Nov 21 19:01:29 2024 UTC |
Description: ------------ Adding http proxy to default stream context making addressing different HTTPS domains in the same script impossible. First request to HTTPS site after associating a http proxy sets ssl context to a single peer name and requests to any other domain will fail. Tested with 7.1.6 and 5.6.30 on Windows and Ubuntu Linux. Test script: --------------- <?php stream_context_set_default([ "https" => [ "proxy" => "tcp://proxy:3128" ], ]); var_dump(stream_context_get_options(stream_context_get_default())); file_get_contents("https://www.google.com/"); // fine var_dump(stream_context_get_options(stream_context_get_default())); file_get_contents("https://www.yahoo.com/"); // fine var_dump(stream_context_get_options(stream_context_get_default())); stream_context_set_default([ "http" => [ "proxy" => "tcp://proxy:3128" ], ]); var_dump(stream_context_get_options(stream_context_get_default())); file_get_contents("https://www.google.com/"); // fine var_dump(stream_context_get_options(stream_context_get_default())); // ssl:peer_name is set file_get_contents("https://www.yahoo.com/"); // Peer certificate CN=`*.www.yahoo.com' did not match expected CN=`www.google.com' in ... var_dump(stream_context_get_options(stream_context_get_default())); Expected result: ---------------- array(1) { ["https"]=> array(1) { ["proxy"]=> string(16) "tcp://proxy:3128" } } array(1) { ["https"]=> array(1) { ["proxy"]=> string(16) "tcp://proxy:3128" } } array(1) { ["https"]=> array(1) { ["proxy"]=> string(16) "tcp://proxy:3128" } } array(2) { ["https"]=> array(1) { ["proxy"]=> string(16) "tcp://proxy:3128" } ["http"]=> array(1) { ["proxy"]=> string(16) "tcp://proxy:3128" } } array(3) { ["https"]=> array(1) { ["proxy"]=> string(16) "tcp://proxy:3128" } ["http"]=> array(1) { ["proxy"]=> string(16) "tcp://proxy:3128" } } array(3) { ["https"]=> array(1) { ["proxy"]=> string(16) "tcp://proxy:3128" } ["http"]=> array(1) { ["proxy"]=> string(16) "tcp://proxy:3128" } } Actual result: -------------- array(1) { ["https"]=> array(1) { ["proxy"]=> string(16) "tcp://proxy:3128" } } array(1) { ["https"]=> array(1) { ["proxy"]=> string(16) "tcp://proxy:3128" } } array(1) { ["https"]=> array(1) { ["proxy"]=> string(16) "tcp://proxy:3128" } } array(2) { ["https"]=> array(1) { ["proxy"]=> string(16) "tcp://proxy:3128" } ["http"]=> array(1) { ["proxy"]=> string(16) "tcp://proxy:3128" } } array(3) { ["https"]=> array(1) { ["proxy"]=> string(16) "tcp://proxy:3128" } ["http"]=> array(1) { ["proxy"]=> string(16) "tcp://proxy:3128" } ["ssl"]=> array(1) { ["peer_name"]=> string(14) "www.google.com" } } PHP Warning: file_get_contents(): Peer certificate CN=`*.www.yahoo.com' did not match expected CN=`www.google.com' in test.php on line 21 PHP Warning: file_get_contents(https://www.yahoo.com/): failed to open stream: Cannot connect to HTTPS server through proxy in test.php on line 21 array(3) { ["https"]=> array(1) { ["proxy"]=> string(16) "tcp://proxy:3128" } ["http"]=> array(1) { ["proxy"]=> string(16) "tcp://proxy:3128" } ["ssl"]=> array(1) { ["peer_name"]=> string(14) "www.google.com" } }