Needed custom options on ssl params

[mdemori]

Hi,

there is a way to use custom option to the defaultSocketOptions() function? i need some special settings on context creation, i just tried with below code but seem that doesn't work:

        $settings =
            [
                'host' => 'xxx',
                'port' => '143',
                'encryption' => 'tls',
                'validate_cert' => false,
                'username' => 'xxxx',
                'password' => 'xxxx',
                'protocol' => 'imap',
                'ssl' => [
                    'verify_peer_name' => false,
                    'verify_peer'      => false,
                    'ciphers' => 'DEFAULT:!DH',
                ],
            ];
        //Connect to the IMAP Server
        try {
            $cm = new ClientManager();
        } catch (MaskNotFoundException $e) {
            dd($e->getMessage());
        }
        // or create a new instance manually
        $client = $cm->make($settings);

        $client->connect();
        // or create a new instance manually

[Webklex]

Hi @mdemori ,
many thanks for the suggestion. I guess you're talking about this method right?

php-imap/src/Connection/Protocols/Protocol.php

Line 165 in 6e76b35

private function defaultSocketOptions($transport) {

..and:

php-imap/src/Connection/Protocols/Protocol.php

Line 200 in 6e76b35

protected function createStream($transport, $host, $port, $timeout) {

..and you would like to extend the array which gets parsed to stream_context_create in:

php-imap/src/Connection/Protocols/Protocol.php

Line 204 in 6e76b35

stream_context_create($this->defaultSocketOptions($transport))

..or am I off?

In theory those could be many options, besides ssl.ciphers. I would suggest a new custom or advanced option like this:

$settings = [
    'host' => 'xxx',
    'port' => '143',
    'encryption' => 'tls',
    'validate_cert' => false,
    'username' => 'xxxx',
    'password' => 'xxxx',
    'protocol' => 'imap',
    'ssl' => [
        'verify_peer_name' => false,
        'verify_peer'      => false,
    ],
    'custom' => [
        'ciphers' => 'DEFAULT:!DH',
        'foo' => 'bar',
    ],
];

..by which the custom settings attribute gets merged with the parameters for stream_context_create.

Best regards,

[llemoine]

Hi @Webklex,

I am also in need of being able to set some ssl stream context options (mostly the ciphers and cafile options for now).

From what I have seen, those options should indeed be processed in the defaultSocketOptionsmethod :

php-imap/src/Connection/Protocols/Protocol.php

Line 204 in 6e76b35

stream_context_create($this->defaultSocketOptions($transport))

In my opinion, it should be a more specific name than custom, like ssl_stream_context for example, which would clearly indicate that those options are only used for the creation of the stream context.

$settings = [
    'host' => 'xxx',
    'port' => '143',
    'encryption' => 'tls',
    'validate_cert' => false,
    'username' => 'xxxx',
    'password' => 'xxxx',
    'protocol' => 'imap',
    'ssl_stream_context' => [
        'ciphers' => 'ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256',
        'cafile' => '/path/to/cafile',
    ],

I'll try to implement this in a fork of the project, but I am struggling a bit with the default configs options and the account specifics configurations right now.

Kind regards,