Sslurp\MozillaCertData::fetchLatestCertData PHP Method

fetchLatestCertData() protected method

protected fetchLatestCertData ( $until = false )
    protected function fetchLatestCertData($until = false)
    {
        $ctx = $this->getStreamContext();
        set_error_handler(function ($code, $message, $filename, $lineno, $context) {
            throw new \ErrorException(sprintf('%s: %s in %s line %d', $code, $message, $filename, $lineno), $code, 0, $filename, $lineno);
        });
        try {
            $fp = stream_socket_client('ssl://mxr.mozilla.org:443', $errNo, $errStr, 30, STREAM_CLIENT_CONNECT, $ctx);
        } catch (\ErrorException $e) {
            restore_error_handler();
            throw new \RuntimeException($errStr, $errNo, $e);
        }
        restore_error_handler();
        $headers = "GET /mozilla/source/security/nss/lib/ckfw/builtins/certdata.txt?raw=1 HTTP/1.1\r\n";
        $headers .= "Host: mxr.mozilla.org\r\n";
        $headers .= "Connection: close\r\n";
        $headers .= "Accept: */*\r\n";
        fwrite($fp, "{$headers}\r\n");
        // send request
        $response = '';
        while (!feof($fp)) {
            $response .= fgets($fp);
            if ($until && strpos($response, $until) !== false) {
                break;
            }
        }
        fclose($fp);
        $params = stream_context_get_params($ctx);
        $cert = new X509Certificate($params['options']['ssl']['peer_certificate']);
        $pin = $cert->getPin();
        if ($pin !== static::MOZILLA_MXR_SSL_PIN) {
            if (time() < static::MOZILLA_MXR_SSL_EXP) {
                throw new \RuntimeException(sprintf('ERROR: Certificate pin for mxr.mozilla.org did NOT match expected value! ' . 'Expected: %s Received: %s', static::MOZILLA_MXR_SSL_PIN, $pin));
            }
            trigger_error('WARNING: mxr.mozilla.org certificate pin may be out of date. ' . 'If you continue to see this message after updating Sslurp, please ' . 'file an issue at https://github.com/EvanDotPro/Sslurp/issues');
        }
        return $this->decodeChunkedString($this->getResponseBody($response));
    }

Usage Example

Esempio n. 1
0
 protected function fetchLatestCertData($until = false)
 {
     if (static::$allowOnlineTest) {
         return parent::fetchLatestCertData($until);
     }
     $return = $this->certData ?: file_get_contents(__DIR__ . '/../_files/certdata.txt');
     if ($until) {
         return substr($return, 0, strpos($return, "\n", strpos($return, $until)));
     }
     return $return;
 }