Skip to content

Commit 70b7234

Browse files
xdavidwuxdavidwu
committed
[Mailer][Smtp] Add DSN param peer_fingerprint for fingerprint verification
1 parent 5369200 commit 70b7234

File tree

3 files changed

+31
-5
lines changed

3 files changed

+31
-5
lines changed

CHANGELOG.md

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,11 @@
11
CHANGELOG
22
=========
33

4+
6.4
5+
---
6+
7+
* Add DSN parameter `peer_fingerprint` to verify TLS certificate fingerprint
8+
49
6.3
510
---
611

Tests/Transport/Smtp/EsmtpTransportFactoryTest.php

Lines changed: 17 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -109,6 +109,23 @@ public static function createProvider(): iterable
109109
$transport,
110110
];
111111

112+
$transport = new EsmtpTransport('example.com', 465, true, null, $logger);
113+
/** @var SocketStream $stream */
114+
$stream = $transport->getStream();
115+
$streamOptions = $stream->getStreamOptions();
116+
$streamOptions['ssl']['peer_fingerprint'] = '6A1CF3B08D175A284C30BC10DE19162307C7286E';
117+
$stream->setStreamOptions($streamOptions);
118+
119+
yield [
120+
new Dsn('smtps', 'example.com', '', '', 465, ['peer_fingerprint' => '6A1CF3B08D175A284C30BC10DE19162307C7286E']),
121+
$transport,
122+
];
123+
124+
yield [
125+
Dsn::fromString('smtps://:@example.com?peer_fingerprint=6A1CF3B08D175A284C30BC10DE19162307C7286E'),
126+
$transport,
127+
];
128+
112129
$transport = new EsmtpTransport('example.com', 465, true, null, $logger);
113130
$transport->setLocalDomain('example.com');
114131

Transport/Smtp/EsmtpTransportFactory.php

Lines changed: 9 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -29,17 +29,21 @@ public function create(Dsn $dsn): TransportInterface
2929

3030
$transport = new EsmtpTransport($host, $port, $tls, $this->dispatcher, $this->logger);
3131

32-
if ('' !== $dsn->getOption('verify_peer') && !filter_var($dsn->getOption('verify_peer', true), \FILTER_VALIDATE_BOOL)) {
33-
/** @var SocketStream $stream */
34-
$stream = $transport->getStream();
35-
$streamOptions = $stream->getStreamOptions();
32+
/** @var SocketStream $stream */
33+
$stream = $transport->getStream();
34+
$streamOptions = $stream->getStreamOptions();
3635

36+
if ('' !== $dsn->getOption('verify_peer') && !filter_var($dsn->getOption('verify_peer', true), \FILTER_VALIDATE_BOOL)) {
3737
$streamOptions['ssl']['verify_peer'] = false;
3838
$streamOptions['ssl']['verify_peer_name'] = false;
39+
}
3940

40-
$stream->setStreamOptions($streamOptions);
41+
if (null !== $peerFingerprint = $dsn->getOption('peer_fingerprint')) {
42+
$streamOptions['ssl']['peer_fingerprint'] = $peerFingerprint;
4143
}
4244

45+
$stream->setStreamOptions($streamOptions);
46+
4347
if ($user = $dsn->getUser()) {
4448
$transport->setUsername($user);
4549
}

0 commit comments

Comments
 (0)