-
-
Notifications
You must be signed in to change notification settings - Fork 158
SecureConnector: add optional TlsPeer, this... #252
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Conversation
Thomas-Gelf
commented
Sep 25, 2020
After various approaches, this seemed to be the most promising one. However, please let me know in case you want to move it elsewhere.
Just in case you're wondering, I also tried to combine this with the Browser, which was pretty tricky. First I applied some getters to various connectors, allowing me to dig a hole down through all those nested Connectors. But then I finally settled with a new ConnectedConnector, allowing me to first connect, get the Connection-instance, retrieve the certificate - and then pass on the already connected/established connection to the Browser:
<?php final class ConnectedConnector implements ConnectorInterface { private $connection; public function __construct(ConnectionInterface $connection) { $this->connection = $connection; } public function connect($uri) { return resolve($this->connection); } }
Thomas-Gelf
commented
Sep 25, 2020
NB: Checks are failing, but for an unrelated reason
313ca21 to
64792e5
Compare
@WyriHaximus
WyriHaximus
left a comment
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Cool! Thank you for putting the works into this PR 👍 .
P.S. What is your use case for doing this?
@WyriHaximus: glad that you like it! Use case: different ones. Right now I'm using it for an upcoming Icinga module where I want to ask the user to confirm whether he wants to add an unknown CA certificate to it's trust store. Once the CA is confirmed, the (ReactPHP-based) daemon needs to generate a CSR and to deal with the signing process.
In future I'd love to also use it for already existing components like our certificate monitoring
WyriHaximus
commented
Sep 27, 2020
@Thomas-Gelf That's pretty amazing! Looking forward to the certificate monitoring component ReactPHP use, feel free to tag me when that comes
...allows to capture your peer certificate and/or it's chain
64792e5 to
e0dcc1a
Compare
clue
commented
Sep 3, 2021
@Thomas-Gelf Thanks for looking into this and filing this PR! Love to see how @reactphp is used as part of @Icinga!
Unfortunately, this PR currently uses the internal Connection API which is not otherwise exposed to the outside at the moment. Do we need to expose this class or can we find a way to somehow expose this using the existing interfaces? I'm also not opposed to expose the underlying stream resource for more direct access, but I still wonder how we could make this work without introducing a BC break.
What are your thoughts on this? I'm also happy to jump on a quick call to discuss this in person if you want (see my profile for details) 👍
...allows to capture your peer certificate and/or it's chain