Alexandre Chambet Alexandre Chambet - 1 month ago 32
PHP Question

SSL websocket in php / javascript

I am currently working on a real time notification service using websocket using TLS/SSL (wss://).

I have some problem for the handshake between the browser and the server. Everything works fine with a server and a client in php but when I use the JS's websocket to connect to the server, it fails because I don't know how to handle the handshake in server-side (from a browser).


So far my code for the server is :

$host = '127.0.0.1';
$port = '9000';
$null = NULL;

$context = stream_context_create();

// local_cert must be in PEM format
stream_context_set_option($context, 'ssl', 'local_cert', "cert.pem");
stream_context_set_option($context, 'ssl', 'local_pk', "key.pem");
// Pass Phrase (password) of private key
stream_context_set_option($context, 'ssl', 'passphrase', "test");
stream_context_set_option($context, 'ssl', 'allow_self_signed', true);
stream_context_set_option($context, 'ssl', 'verify_peer', false);

// Create the server socket
$server = stream_socket_server('ssl://' . $host . ':' . $port, $errno, $errstr, STREAM_SERVER_BIND | STREAM_SERVER_LISTEN, $context);

if ($server == false) {
die ("Could no create the server.");
}

//start endless loop

while (true) {
$buffer = '';
print "waiting...";
$client = stream_socket_accept($server);
var_dump($client);
print "accepted " . stream_socket_get_name($client, true) . "\n";
if ($client) {
stream_set_blocking($client, true);
// TODO : handshaking
stream_set_blocking($client, false);

// Respond to php client (test only)
/*fwrite($client, "200 OK HTTP/1.1\r\n"
. "Connection: close\r\n"
. "Content-Type: text/html\r\n"
. "\r\n"
. "Hello World!");
fclose($client);*/
} else {
print "error.\n";
}
}


Nothing is stated about the SSL handshake on the RFC WebSocket.


If anyone has some idea on how to implement a handshake, it would be greatly appreciated.

Answer

Nothing is stated about the SSL handshake on the RFC WebSocket.

wss:// is just ws:// inside a SSL connection, same as HTTPS is just HTTP inside a SSL connection. There is nothing special, i.e. you just need to speak the WebSocket protocol on the SSL stream after the successful SSL handshake.

Comments