I’ve got a PHP communications server running using stream_socket_server() and stream_socket_accept(), a fairly complicated thing which uses SSL connections and certificates to be certain that the remote side is authorized to connect to the server. One of the things which is coming up in my logs are the failed connections. I’m trying to provide more details on these connections for security purposes.
I’m currently getting most of my error detail on the failed connections by setting an error handler for the stream_socket_accept() call:
public function on_ssa_error($errno, $errstr)
{
$this->ssa_error .= " ERROR [$errno]: $errstr\n";
}
public function on_select_read()
{
$this->ssa_error = "";
set_error_handler(array($this, "on_ssa_error"));
$rsocket = stream_socket_accept($this->ss, 0);
restore_error_handler();
if ($rsocket !== FALSE)
// Finish setting up the socket connection and start using it
else
// Report the error in $this->ssa_error
}
…when I have a failed connection, I tend to get errors like this:
ERROR [2]: stream_socket_accept(): SSL operation failed with code 1. OpenSSL Error messages: error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate
ERROR [2]: stream_socket_accept(): Failed to enable crypto
ERROR [2]: stream_socket_accept(): accept failed: Success
…which is partly useful in that it identifies the cause of the bad connection as a bad certificate, but I’d really like to have something indicating where the bad request came from, ideally the IP address or Mac Address of the source.
Is there any way to get the IP address of a failed connection using the stream_socket_xxx code? I know it’s possible to get the IP address of an accepted connection, but I’m stumped trying to figure out a way of getting it on a failed connection.
