SSL from PHP: socket and cURL
Today, on this sleepy summer morning, I will tell you about an SSL connection from a PHP script. I'll tell you on the basis not only of theory, but also solving a quite practical task for you - login to google blogservice blogger.com.
Let's start with sockets. In the help stated the possibility of using the HTTPS protocol, so we try. A set of POST variables is taken from the developer's guide . Habraparser frames the soap by reference, so the "@" is replaced with (at).
In the fsockopen function, as a prefix in front of the server name, we use not https, but ssl. So the direct text is written in the help. Then everything is simple. We form HTTP-header, and we push it in an open socket. We read the answer, and we get
')
In short, if you omit the watch ordeals and dances around the functions of the socket, I did not succeed. Well, that is, it did not work to transfer POST data, although GET requests are returned normally. Maybe this is due only to the Google server, but it will work somewhere else.
UPD. Many thanks to anabolik habraiser , who suggested that if you change one header line and make
then everything will work right away. Thanks again. Thanked all sorts of ways =).
Go to the second method.
Open the mana page about cURL and rejoice. So many opportunities for requests for any configuration. It should work out. So, we climb in curl_setopt. We will need
CURLOPT_URL is the request URL.
CURLOPT_POST - we say that we will send a POST request.
CURLOPT_POSTFIELDS - POST changes themselves.
CURLOPT_RETURNTRANSFER - return the result of the query, and not display it in the browser.
Now actually about SSL parameters:
CURLOPT_SSL_VERIFYPEER - if you put it to 0, the remote server will not check our certificate. Otherwise, you need to send this certificate.
CURLOPT_CAINFO - specify the certificate file if CURLOPT_SSL_VERIFYPEER is set to 1.
CURLOPT_SSLVERSION is an integer that indicates the SSL version (2 or 3), usually determined automatically.
CURLOPT_SSL_VERIFYHOST - whether the name of the remote server specified in the certificate will be checked. If you set the value to "2", then the host name will also be checked. (honestly, I still do not understand what this flag does)
That's all. For Google, we only need to indicate that we did not bring any certificates with us, let us so please. We write the code.
In the $ result variable, we now have three lines, of which only one is needed — the last one, which starts with “Auth =”. But about this, probably next time.
This is a crosspost from my blog .
Let's start with sockets. In the help stated the possibility of using the HTTPS protocol, so we try. A set of POST variables is taken from the developer's guide . Habraparser frames the soap by reference, so the "@" is replaced with (at).
$postvars = array(
"Email" => "mail(at)gmail.com",
"Passwd" => "pass",
"service" => "blogger"
);
$postdata = "";
foreach ( $postvars as $key => $value )
$postdata .= "&".rawurlencode($key)."=".rawurlencode($value);
$postdata = substr( $postdata, 1 );
$fp = fsockopen("ssl://google.com", 443);
$send = "";
$send .= "POST /accounts/ClientLogin HTTP/1.1\r\n";
$send .= "Host: google.com\r\n";
$send .= "Content-length: ".strlen($postdata)."\r\n";
$send .= "Content-type: text/plain\r\n";
$send .= "Connection: close\r\n";
$send .= "\r\n";
$send .= $postdata."\r\n\r\n";
fputs($fp, $send);
$html = fread($fp, 1000000);
fclose($fp);
echo "".$html." "; $postvars = array(
"Email" => "mail(at)gmail.com",
"Passwd" => "pass",
"service" => "blogger"
);
$postdata = "";
foreach ( $postvars as $key => $value )
$postdata .= "&".rawurlencode($key)."=".rawurlencode($value);
$postdata = substr( $postdata, 1 );
$fp = fsockopen("ssl://google.com", 443);
$send = "";
$send .= "POST /accounts/ClientLogin HTTP/1.1\r\n";
$send .= "Host: google.com\r\n";
$send .= "Content-length: ".strlen($postdata)."\r\n";
$send .= "Content-type: text/plain\r\n";
$send .= "Connection: close\r\n";
$send .= "\r\n";
$send .= $postdata."\r\n\r\n";
fputs($fp, $send);
$html = fread($fp, 1000000);
fclose($fp);
echo "".$html." ";In the fsockopen function, as a prefix in front of the server name, we use not https, but ssl. So the direct text is written in the help. Then everything is simple. We form HTTP-header, and we push it in an open socket. We read the answer, and we get
')
Error=BadAuthenticationIn short, if you omit the watch ordeals and dances around the functions of the socket, I did not succeed. Well, that is, it did not work to transfer POST data, although GET requests are returned normally. Maybe this is due only to the Google server, but it will work somewhere else.
UPD. Many thanks to anabolik habraiser , who suggested that if you change one header line and make
$send .= "Content-type: application/x-www-form-urlencoded\r\n";then everything will work right away. Thanks again. Thanked all sorts of ways =).
Go to the second method.
Open the mana page about cURL and rejoice. So many opportunities for requests for any configuration. It should work out. So, we climb in curl_setopt. We will need
CURLOPT_URL is the request URL.
CURLOPT_POST - we say that we will send a POST request.
CURLOPT_POSTFIELDS - POST changes themselves.
CURLOPT_RETURNTRANSFER - return the result of the query, and not display it in the browser.
Now actually about SSL parameters:
CURLOPT_SSL_VERIFYPEER - if you put it to 0, the remote server will not check our certificate. Otherwise, you need to send this certificate.
CURLOPT_CAINFO - specify the certificate file if CURLOPT_SSL_VERIFYPEER is set to 1.
CURLOPT_SSLVERSION is an integer that indicates the SSL version (2 or 3), usually determined automatically.
CURLOPT_SSL_VERIFYHOST - whether the name of the remote server specified in the certificate will be checked. If you set the value to "2", then the host name will also be checked. (honestly, I still do not understand what this flag does)
That's all. For Google, we only need to indicate that we did not bring any certificates with us, let us so please. We write the code.
$postvars = array(
"Email" => "mail(at)gmail.com",
"Passwd" => "pass",
"service" => "blogger"
);
$postdata = "";
foreach ( $postvars as $key => $value )
$postdata .= "&".rawurlencode($key)."=".rawurlencode($value);
$postdata = substr( $postdata, 1 );
$ch = curl_init();
curl_setopt ($ch, CURLOPT_URL, "https://www.google.com/accounts/ClientLogin");
curl_setopt ($ch, CURLOPT_POST, 1);
curl_setopt ($ch, CURLOPT_POSTFIELDS, $postdata);
curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
$result = curl_exec ($ch);
curl_close($ch);
echo $result;In the $ result variable, we now have three lines, of which only one is needed — the last one, which starts with “Auth =”. But about this, probably next time.
This is a crosspost from my blog .
Source: https://habr.com/ru/post/30369/
All Articles