I am currently working on a real time notification service using websocket using TLS/SSL (wss://).
I have some problem for the handshake between the browser and the server. Everything works fine with a server and a client in php but when I use the JS's websocket to connect to the server, it fails because I don't know how to handle the handshake in server-side (from a browser).
So far my code for the server is :
$host = '127.0.0.1';
$port = '9000';
$null = NULL;
$context = stream_context_create();
// local_cert must be in PEM format
stream_context_set_option($context, 'ssl', 'local_cert', "cert.pem");
stream_context_set_option($context, 'ssl', 'local_pk', "key.pem");
// Pass Phrase (password) of private key
stream_context_set_option($context, 'ssl', 'passphrase', "test");
stream_context_set_option($context, 'ssl', 'allow_self_signed', true);
stream_context_set_option($context, 'ssl', 'verify_peer', false);
// Create the server socket
$server = stream_socket_server('ssl://' . $host . ':' . $port, $errno, $errstr, STREAM_SERVER_BIND | STREAM_SERVER_LISTEN, $context);
if ($server == false) {
die ("Could no create the server.");
}
//start endless loop
while (true) {
$buffer = '';
print "waiting...";
$client = stream_socket_accept($server);
var_dump($client);
print "accepted " . stream_socket_get_name($client, true) . "
";
if ($client) {
stream_set_blocking($client, true);
// TODO : handshaking
stream_set_blocking($client, false);
// Respond to php client (test only)
/*fwrite($client, "200 OK HTTP/1.1
"
. "Connection: close
"
. "Content-Type: text/html
"
. "
"
. "Hello World!");
fclose($client);*/
} else {
print "error.
";
}
}
Nothing is stated about the SSL handshake on the RFC WebSocket.
If anyone has some idea on how to implement a handshake, it would be greatly appreciated.