blob: 4844b795e0164637de1d1d47a4948e809bbc68e8 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
|
<?php
namespace Icinga\Module\Director\CoreBeta;
use Icinga\Exception\ProgrammingError;
class StreamContext
{
protected $options = array();
public function ssl()
{
if ($this->ssl === null) {
$this->ssl = new StreamContextSslOptions();
}
return $this->ssl;
}
public function isSsl()
{
return $this->ssl !== null;
}
public function setCA(CA $ca)
{
// $this->options
}
protected function createSslContext()
{
$local = 'ssl://' . $this->local;
$context = stream_context_create();
// Hack, we need key and cert:
$certfile = preg_replace('~\..+$~', '', $this->certname) . '.combi';
$options = array(
'ssl' => array(
'verify_host' => true,
'cafile' => $this->ssldir . '/ca.crt',
'local_cert' => $this->ssldir . '/' . $certfile,
'CN_match' => 'monitor1',
)
);
$result = stream_context_set_option($context, $options);
return $context;
}
public function setContextOptions($options)
{
if (array_key_exists('ssl', $options)) {
throw new ProgrammingError('Direct access to ssl options is not allowed');
}
}
protected function reallySetContextOptions($options)
{
if ($this->context === null) {
$this->options = $options;
} else {
stream_context_set_option($this->context, $options);
}
}
protected function lazyContext()
{
if ($this->context === null) {
$this->context = stream_context_create();
$this->setContextOptions($this->getOptions());
// stream_context_set_option($this->context
if ($this->isSsl()) {
$this->options['ssl'] = $this->ssl()->getOptions();
}
$result = stream_context_set_option($this->context, $this->options);
}
return $this->context;
}
public function getRawContext()
{
return $this->lazyContext();
}
}
|