Posts Tagged ‘tls’

Portable PHP HTTP(S) GET Request with HTTP Basic Authentication

I’m not sure where I found this class years ago (probably the php.net comments) but it’s a handy way to make simple HTTP GET requests in PHP without having to rely on the availability of allow_url_fopen or curl extensions. It supports automatic detection of SSL/TLS and non-default port numbers based on the URL you provide.

I’ve made a minor modification to include support for HTTP Basic Authentication.

class HTTPRequest
{
    var $_fp;          // HTTP socket
    var $_url;         // full URL
    var $_host;        // HTTP host
    var $_protocol;    // protocol (HTTP/HTTPS)
    var $_uri;         // request URI
    var $_port;        // port
    var $_user;        // HTTP Basic Auth User
    var $_pass;        // HTTP Basic Auth Password
   
    // scan url
    function _scan_url()
    {
        $req = $this->_url;
       
        $pos = strpos($req, '://');
        $this->_protocol = strtolower(substr($req, 0, $pos));
       
        $req = substr($req, $pos+3);
        $pos = strpos($req, '/');
        if($pos === false)
            $pos = strlen($req);
        $host = substr($req, 0, $pos);
       
        if(strpos($host, ':') !== false)
        {
            list($this->_host, $this->_port) = explode(':', $host);
        }
        else
        {
            $this->_host = $host;
            $this->_port = ($this->_protocol == 'https') ? 443 : 80;
        }
       
        $this->_uri = substr($req, $pos);
        if($this->_uri == '')
            $this->_uri = '/';
    }
   
    // constructor
    function HTTPRequest($url, $user='', $pass='')
    {
        $this->_url = $url;
        $this->_scan_url();
        $this->_user = $user;
        $this->_pass = $pass;
    }
   
    // download URL to string
    function DownloadToString()
    {
        $crlf = "\r\n";
       
        // generate request
        $req = 'GET ' . $this->_uri . ' HTTP/1.0' . $crlf
            .    'Host: ' . $this->_host . $crlf;
            if(!empty($this->_user))
                 $req .= "Authorization: Basic " . base64_encode($this->_user . ':' . $this->_pass) . $crlf;
       $req .= $crlf;
       
        // fetch
        $this->_fp = fsockopen(($this->_protocol == 'https' ? 'ssl://' : '') . $this->_host, $this->_port);
        fwrite($this->_fp, $req);
        while(is_resource($this->_fp) && $this->_fp && !feof($this->_fp))
            $response .= fread($this->_fp, 1024);
        fclose($this->_fp);
       
        // split header and body
        $pos = strpos($response, $crlf . $crlf);
        if($pos === false)
            return($response);
        $header = substr($response, 0, $pos);
        $body = substr($response, $pos + 2 * strlen($crlf));
       
        // parse headers
        $headers = array();
        $lines = explode($crlf, $header);
        foreach($lines as $line)
            if(($pos = strpos($line, ':')) !== false)
                $headers[strtolower(trim(substr($line, 0, $pos)))] = trim(substr($line, $pos+1));
       
        // redirection?
        if(isset($headers['location']))
        {
            $http = new HTTPRequest($headers['location']);
            return($http->DownloadToString($http));
        }
        else
        {
            return($body);
        }
    }
}

Usage:

$r = new HTTPRequest($url, [username], [password]);
$response = $r->DownloadToString();

The username and password variables are optional.

Zimbra CSR is Invalid, 2048-bit Private Key Required

If your certificate authority has increased their key requirements to 2048 bit your CSR may be rejected when generated like so:

# /opt/zimbra/bin/zmcertmgr createcsr comm -new "/C=CA/ST=ON/L=Toronto/O=Yourbusiness/OU=Yourdept/CN=mail.server.com"

Fortunately, the -keysize flag was added in Zimbra 6.x:

# /opt/zimbra/bin/zmcertmgr createcsr comm -new -keysize 2048 "/C=CA/ST=ON/L=Toronto/O=Yourbusiness/OU=Yourdept/CN=mail.server.com"

http://bugzilla.zimbra.com/show_bug.cgi?id=36313

You Can Still Get Cheap Comodo Positive SSL for Under $10

Comodo has offered discount chained SSL certificates through its PositiveSSL brand for some time. A few months ago I was shocked to see the renewal fee for what used to be a $9.99 certificate had gone up to $49.00/yr. This rate has unfortunately not dropped since, prompting the search for a new bargain-basement supplier.

As it turns out there is good news: it is still possible to get PositiveSSL for cheap through a reseller. Currently 1 year is running only $8.00 on CheapSSLs. I’d never heard of CheapSSLs before yesterday but my bare modicum of research indicates it is a reputable front-end for Comodo, GeoTrust and VeriSign/Symantec and a daughter of registrar DomainCheap.com.

After one makes their purchase one must proceed to the “My SSL Certificates” page on CheapSSLs to activate it which seems to throw off some folks expecting the process to be taken over by the actual issuer of the certificate. In fact, the CSR is provided to CheapSSLs and the entire process is handled through their site.

There is a small e-mail verification step but if everything goes correctly you will be issued your certificate from the signing authority proper via e-mail in mere minutes.

Bonus: CheapSSLs accepts payment by PayPal allowing for truly anonymous/paper-trail-less certificates.

Happy reselling :)

Return top

LINKS

foxpa.ws
Online Marketing Toplist
Internet
Technology Blogs - Blog Rankings

Internet Blogs - BlogCatalog Blog Directory

Technology blogs 		Bad Karma Networks

Please Donate!


Made in Canada  •  There's a fox in the Gibson!  •  2010-12