Allow set stream context

[ZZromanZZ]

In current implementation, there is no way to modify stream context parameters.

Which means there is no way to connect (since php 5.6) to SSL/TLS server with self-signed, expired, missmatched CN, etc..

See this problem on forum, for example.

If this is acceptable I would like to discuss possible approaches:

• allow set full stream context
• allow set only some values (verify_peer, verify_peer_name, etc...)

Also there is problem how to catch warnings from underlying Openssl library and provide it to SmtpException as error message.

There is MR, more like experiment, implementation is vague.

We can find inspiration for example in Ruby.

[dg]

@var array

[dg]

In current implementation, there is no way to modify stream context parameters.

There is: http://php.net/manual/en/function.stream-context-set-default.php. So there should be something like $context = $this->context ? stream_context_create($this->context) : stream_context_get_default().

Related #8 #19

[ZZromanZZ]

👍 Yikes, I overlooked it in that bunch of PHP functions.

[ZZromanZZ]

Function error_get_last() doesn't return OpenSSL warning here, but...

[dg]

Here is missing { ... }

[JanTvrdik]

@ZZromanZZ Setting openssl.cafile in php.ini did not work?

[ZZromanZZ]

Of course, my primary intention is to allow ignoring verification via verify_peer=false and verifiy_peer_name=false.

However, I wouldn't like see this in README, docs or other tutorials, because this is basically bad practice.

Next, why allowing modify only some context options, what if someone needs fine-tune other options , not related ony to SSL/TLS.

[Majkl578]

Why would anyone conserned about security ever want to disable certificate verification? I don't like the idea with stream_context_get_default either, it's configuration by global environment...
Passing context is a good idea, but this use case is bad.

[ZZromanZZ]

It provides same behaviour as before, thus no BC break if anyone used stream_context_set_default before calling connect() method. I think it was meant by @dg , didn't it ?

[dg]

Exactly, otherwise it breaks #19

[ZZromanZZ]

I have still problem with error_get_last(), it doesn't catch all warnings properly.
I'm starting to lean towards that let the implementation without error_get_last() and let SmtpException untouched.

[JanTvrdik]

@ZZromanZZ Why do you need to ignore verification? Just create your own ca bundle with the certificate you need. For example this is what I use https://gist.github.com/JanTvrdik/9ad909f81d37697e580d3c06d9365852

[ZZromanZZ]

@JanTvrdik I am aware of workarounds. And I do not take lightly skipping security checks at all.

However, there are circumstances when e.g. certificate is expired, has weak signature, etc... and you do not control server side to replace it. And, of course, show must go on (business must go on).

[ZZromanZZ]

So I dropped touching SmtpException completely. Is there anything else what can I do ?

[dg]

And what if you want to bypass default context and have no context options? (I don't now if it is useful, just thinking).

It can be done with:

/** @var resource */
private $context;

function __constructor()
{
$this->context = isset($options['context']) ? stream_context_create($options['context']) : stream_context_get_default();

[ZZromanZZ]

I changed the implementation accordingly, it might be useful in later use cases, when stream context needs to be bypassed.

[dg]

Great

[ZZromanZZ]

I just noticed, should not be 'context' also in $defaults array in MailExtension ?