
Commit e072b3f

committed
made ssl configurator return array instead of working on stream directly
1 parent b6627a9 commit e072b3f

2 files changed

+25
-11
lines changed

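--- a/src/Bolt/BoltConnectionPool.php
+++ b/src/Bolt/BoltConnectionPool.php
@@ -103,7 +103,7 @@ public function canConnect(UriInterface $uri, AuthenticateInterface $authenticat
 $connectingTo = $server ?? $uri;
 $socket = new StreamSocket($uri->getHost(), $connectingTo->getPort() ?? 7687);
 
-$this->sslConfigurator->configure($uri, $connectingTo, $socket, $table, $this->driverConfig);
+$this->setupSsl($uri, $connectingTo, $table, $socket);
 
 try {
 $bolt = new Bolt($socket);
@@ -126,7 +126,7 @@ private function openConnection(
 ): BoltConnection {
 $socket = new StreamSocket($connectingTo->getHost(), $connectingTo->getPort() ?? 7687, $socketTimeout);
 
-$this->sslConfigurator->configure($uri, $connectingTo, $socket, $table, $this->driverConfig);
+$this->setupSsl($uri, $connectingTo, $table, $socket);
 
 $bolt = new Bolt($socket);
 $authenticate->authenticateBolt($bolt, $connectingTo, $userAgent);
@@ -174,4 +174,12 @@ static function () use ($socket, $authenticate, $connectingTo, $userAgent, $orig
 
 return $connection;
 }
+
+private function setupSsl(UriInterface $uri, UriInterface $connectingTo, ?RoutingTable $table, StreamSocket $socket): void
+{
+$config = $this->sslConfigurator->configure($uri, $connectingTo, $table, $this->driverConfig);
+if ($config !== null) {
+$socket->setSslContextOptions($config);
+}
+}
 }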
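Review bot: `setupSsl()` has no docblock stating what a `null` result from `configure()` means, yet on that path the socket gets no SSL context options and the callers go straight on to `new Bolt($socket)` and, in `openConnection()`, `authenticateBolt()`. If `null` is meant to signal that TLS was not requested for this URI, I would say so above the method, for example `// configure() returns null when TLS is not requested; the socket is then left unencrypted on purpose.` That makes the plaintext path a documented decision that a later reader can audit. The two call sites sit in `canConnect()` and `openConnection()`, whose bodies extend beyond the hunks shown.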

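--- a/src/Bolt/SslConfigurator.php
+++ b/src/Bolt/SslConfigurator.php
@@ -11,7 +11,6 @@
 
 namespace Laudis\Neo4j\Bolt;
 
-use Bolt\connection\StreamSocket;
 use function count;
 use function explode;
 use const FILTER_VALIDATE_IP;
@@ -23,7 +22,7 @@
 
 final class SslConfigurator
 {
-public function configure(UriInterface $uri, UriInterface $server, StreamSocket $socket, ?RoutingTable $table, DriverConfiguration $config): void
+public function configure(UriInterface $uri, UriInterface $server, ?RoutingTable $table, DriverConfiguration $config): ?array
 {
 $sslMode = $config->getSslConfiguration()->getMode();
 $sslConfig = '';
@@ -43,14 +42,16 @@ public function configure(UriInterface $uri, UriInterface $server, StreamSocket
 // instance aura deployment, we need to pass the original uri for the
 // ssl configuration to be valid.
 if ($table && count($table->getWithRole()) > 1) {
-$this->enableSsl($server->getHost(), $sslConfig, $socket, $config);
-} else {
-$this->enableSsl($uri->getHost(), $sslConfig, $socket, $config);
+return $this->enableSsl($server->getHost(), $sslConfig, $config);
 }
+
+return $this->enableSsl($uri->getHost(), $sslConfig, $config);
 }
+
+return null;
 }
 
-private function enableSsl(string $host, string $sslConfig, StreamSocket $sock, DriverConfiguration $config): void
+private function enableSsl(string $host, string $sslConfig, DriverConfiguration $config): ?array
 {
 $options = [
 'verify_peer' => $config->getSslConfiguration()->isVerifyPeer(),
@@ -60,10 +61,15 @@ private function enableSsl(string $host, string $sslConfig, StreamSocket $sock,
 $options['SNI_enabled'] = true;
 }
 if ($sslConfig === 's') {
-$sock->setSslContextOptions($options);
-} elseif ($sslConfig === 'ssc') {
+return $options;
+}
+
+if ($sslConfig === 'ssc') {
 $options['allow_self_signed'] = true;
-$sock->setSslContextOptions($options);
+
+return $options;
 }
+
+return null;
 }
 }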
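Review bot: The final `return null;` in `enableSsl()` makes an unrecognised `$sslConfig` indistinguishable from "TLS not requested", so the pool's `setupSsl()` would skip `setSslContextOptions()` and carry on over a cleartext socket. How `$sslConfig` is derived lies outside the visible hunks, so this branch may be unreachable today, and the old code was equally silent here. Now that the result is a return value, failing closed is cheap: replace that line with `throw new \InvalidArgumentException('Unsupported ssl configuration: '.$sslConfig);` and narrow the signature to `: array`. `null` from `configure()` then means only that TLS is off, which is also worth stating in a docblock on `configure()`.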
