Add TLS support #33
d97eed4 to 4986628
Co-authored-by: Jean Roussel <[email protected]>
alexandr-mironov left a comment
It seems that StreamTransport has many differences from SocketTransport. Because of this, they require a separate Entry to store connection data, and probably a separate Resolver (in the form of a class inheritor). This solves some problems with choosing a protocol, for example. I mean that you explicitly realize that either your connection is secure and use one type of transport that will have its own nuances (in the form of a certificate file for verification) or you use a regular connection (port 2775) and access via IP addresses (accordingly, you get rid of the host explicitly)
| ## Secured TLS (port 2776) | ||
|
|
||
| ```php | ||
| <?php | ||
|
|
||
| declare(strict_types=1); | ||
|
|
||
| use Smpp\ClientBuilder; | ||
| use Smpp\Pdu\Address; | ||
| use Smpp\Smpp; | ||
|
|
||
|
|
||
| $config = new StreamTransportConfig(); | ||
| $config->setUseTls(true) | ||
| ->setCertificateFile('/etc/ssl/certs/<ca-root-certificate>.pem') | ||
| ; | ||
|
|
||
| $client = ClientBuilder::createForStream(['smpp.host.domain:2776'], $config) | ||
| ->setCredentials(getenv('SYSTEM_ID'), getenv('PASSWORD')) | ||
| ->buildClient(); | ||
|
|
||
| $client->bindTransceiver(); | ||
|
|
||
| $client->sendSMS( | ||
| from: new Address("php8-smpp", Smpp::TON_ALPHANUMERIC), | ||
| to: new Address("79000000000"), | ||
| message: "Some kind of message" | ||
| ); | ||
|
|
||
| $client->close(); |
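Review bot: `StreamTransportConfig` is instantiated at `$config = new StreamTransportConfig();` but the example's `use` block imports only `ClientBuilder`, `Address` and `Smpp`, so the snippet cannot resolve the class as written. Add the matching `use` line for `StreamTransportConfig`. The README text should also say what `setCertificateFile()` expects (the placeholder path suggests a CA root certificate) and whether the server certificate is actually verified against it, since the example gives readers no other hint.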
It's not a default use case. Should be added as a separate example file.
| enum ProtocolEnum: string | ||
| { | ||
| case SSL = 'ssl'; | ||
| case TCP = 'tcp'; | ||
| case TCP4 = 'tcp4'; | ||
| case TCP6 = 'tcp6'; | ||
| case TLS = 'tls'; | ||
| } |
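Review bot: `case SSL = 'ssl';` sits next to `case TLS = 'tls';` with no docblock saying how the two differ or when a caller should pick one, and the protocol selection shown in this PR only ever returns `TLS`, `TCP6`, `TCP4` or `TCP`. Either drop `SSL` until something uses it, or add a short comment on each case stating which stream transport it maps to and which config option selects it.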
Supported in version >= 8.1, this is not a reverse compatible change for this library. Disallowed.
| if ($this->config->getUseTls()) { | ||
| return ProtocolEnum::TLS; | ||
| } elseif ($this->config->isForceIpv6()) { | ||
| return ProtocolEnum::TCP6; | ||
| } elseif ($this->config->isForceIpv4()) { | ||
| return ProtocolEnum::TCP4; | ||
| } else { | ||
| return ProtocolEnum::TCP; | ||
| } |
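Review bot: once `if ($this->config->getUseTls())` matches, `isForceIpv6()` and `isForceIpv4()` are never consulted, so a config that enables TLS and also forces an IP family silently loses the forcing. State the precedence in a docblock on this method, or reject the combination when the config is built so the caller finds out before connecting.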
why not use "match"?
| /** @var ?resource */ | ||
| protected $socket = null; |
| public function getHost(Entry $entry): string | ||
| { | ||
| if ($this->config->getUseTls()) { | ||
| return $entry->getHost(); | ||
| } elseif ($this->config->isForceIpv6()) { | ||
| return $entry->getIpv6(); | ||
| } elseif ($this->config->isForceIpv4()) { | ||
| return $entry->getIpv4(); | ||
| } else { | ||
| return $entry->getIpv4(); | ||
| } | ||
| } |
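Review bot: the `elseif ($this->config->isForceIpv4())` branch and the final `else` both return `$entry->getIpv4()`, so one of them is redundant; collapse them, or fix the `else` if the default was meant to differ. The TLS branch returning `$entry->getHost()` also deserves a one-line comment explaining that the hostname is passed through so it can be matched against the server certificate, which only has an effect if peer-name verification is enabled in the stream context.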
why not use "match"?
| ]; | ||
|
|
||
| if ($this->config->getUseTls() && $this->config->getCertificateFile()) { | ||
| $ctx['ssl'] = [...$ctx['ssl'], 'cafile' => $this->config->getCertificateFile()]; |
maybe just `$ctx['ssl']['cafile'] = $this->config->getCertificateFile();`?
| private function getStreamContext(): array | ||
| { | ||
| $ctx = [ | ||
| 'ssl' => [ | ||
| 'verify_peer' => false, | ||
| 'verify_peer_name' => false, | ||
| ] | ||
| ]; | ||
|
|
||
| if ($this->config->getUseTls() && $this->config->getCertificateFile()) { | ||
| $ctx['ssl'] = [...$ctx['ssl'], 'cafile' => $this->config->getCertificateFile()]; | ||
| } | ||
|
|
||
| return $ctx; | ||
| } |
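Review bot: `'verify_peer' => false` and `'verify_peer_name' => false` in the default `$ctx` turn off certificate and hostname verification for every connection, and the `cafile` branch never switches them back on because the spread keeps the existing `false` values. The file from `getCertificateFile()` is therefore set, but the server certificate is never checked against it. As written the transport encrypts the session without authenticating the SMSC, so the bind credentials are exposed to anyone able to intercept the connection. Default both options to `true` (which is also PHP's own default), and if an opt-out is needed for test setups, make it an explicit, documented config flag rather than the baseline.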
An array is not a strict enough structure - maybe better to replace it with some special object with a __toArray method which encapsulates this logic?
|
|
||
| private function getStreamContext(): array | ||
| { | ||
| $ctx = [ |
why not $context?
| $e = [$this->socket]; | ||
| $res = stream_select($r, $w, $e, 0); | ||
|
|
||
| if (false === $res) { |
pls w/o yoda things
Hello,
In this PR, I’ve added TLS support through a new StreamTransport implementation.
I hope this enhancement will be helpful, and I’d be glad if you consider merging it!