Skip to content

Commit a9d8431

Browse files
xdavidwuxdavidwu
committed
[Mailer][Smtp] Add DSN param peer_fingerprint for fingerprint verification
1 parent c64214c commit a9d8431

File tree

3 files changed

+31
-5
lines changed

3 files changed

+31
-5
lines changed

src/Symfony/Component/Mailer/CHANGELOG.md

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,11 @@
11
CHANGELOG
22
=========
33

4+
6.4
5+
---
6+
7+
* Add DSN parameter `peer_fingerprint` to verify TLS certificate fingerprint
8+
49
6.3
510
---
611

src/Symfony/Component/Mailer/Tests/Transport/Smtp/EsmtpTransportFactoryTest.php

Lines changed: 17 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -109,6 +109,23 @@ public static function createProvider(): iterable
109109
$transport,
110110
];
111111

112+
$transport = new EsmtpTransport('example.com', 465, true, null, $logger);
113+
/** @var SocketStream $stream */
114+
$stream = $transport->getStream();
115+
$streamOptions = $stream->getStreamOptions();
116+
$streamOptions['ssl']['peer_fingerprint'] = '6A1CF3B08D175A284C30BC10DE19162307C7286E';
117+
$stream->setStreamOptions($streamOptions);
118+
119+
yield [
120+
new Dsn('smtps', 'example.com', '', '', 465, ['peer_fingerprint' => '6A1CF3B08D175A284C30BC10DE19162307C7286E']),
121+
$transport,
122+
];
123+
124+
yield [
125+
Dsn::fromString('smtps://:@example.com?peer_fingerprint=6A1CF3B08D175A284C30BC10DE19162307C7286E'),
126+
$transport,
127+
];
128+
112129
$transport = new EsmtpTransport('example.com', 465, true, null, $logger);
113130
$transport->setLocalDomain('example.com');
114131

src/Symfony/Component/Mailer/Transport/Smtp/EsmtpTransportFactory.php

Lines changed: 9 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -29,17 +29,21 @@ public function create(Dsn $dsn): TransportInterface
2929

3030
$transport = new EsmtpTransport($host, $port, $tls, $this->dispatcher, $this->logger);
3131

32-
if ('' !== $dsn->getOption('verify_peer') && !filter_var($dsn->getOption('verify_peer', true), \FILTER_VALIDATE_BOOL)) {
33-
/** @var SocketStream $stream */
34-
$stream = $transport->getStream();
35-
$streamOptions = $stream->getStreamOptions();
32+
/** @var SocketStream $stream */
33+
$stream = $transport->getStream();
34+
$streamOptions = $stream->getStreamOptions();
3635

36+
if ('' !== $dsn->getOption('verify_peer') && !filter_var($dsn->getOption('verify_peer', true), \FILTER_VALIDATE_BOOL)) {
3737
$streamOptions['ssl']['verify_peer'] = false;
3838
$streamOptions['ssl']['verify_peer_name'] = false;
39+
}
3940

40-
$stream->setStreamOptions($streamOptions);
41+
if (null !== $peerFingerprint = $dsn->getOption('peer_fingerprint')) {
42+
$streamOptions['ssl']['peer_fingerprint'] = $peerFingerprint;
4143
}
4244

45+
$stream->setStreamOptions($streamOptions);
46+
4347
if ($user = $dsn->getUser()) {
4448
$transport->setUsername($user);
4549
}

0 commit comments

Comments
 (0)
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy