From d1b72f46a0af42ca5e84d5c1d0f97b8013c6dac3 Mon Sep 17 00:00:00 2001 From: Michael Nabil <46572405+michaelnabil230@users.noreply.github.com> Date: Wed, 27 Mar 2024 19:03:33 +0200 Subject: [PATCH] [1.x] Fix the issue for connecting if the SSL is not verified peer (#85) * Fix * cleaning * remove default context * configure tls * formatting --------- Co-authored-by: Joe Dixon Co-authored-by: Taylor Otwell --- src/Servers/Reverb/Factory.php | 29 ++++++++++++++++++----- tests/Unit/Servers/Reverb/FactoryTest.php | 14 +++++++++++ 2 files changed, 37 insertions(+), 6 deletions(-) diff --git a/src/Servers/Reverb/Factory.php b/src/Servers/Reverb/Factory.php index 0a7b3162..f1bec6df 100644 --- a/src/Servers/Reverb/Factory.php +++ b/src/Servers/Reverb/Factory.php @@ -51,12 +51,7 @@ public static function make( default => throw new InvalidArgumentException("Unsupported protocol [{$protocol}]."), }; - if (empty($options['tls']) && $hostname && Certificate::exists($hostname)) { - [$certificate, $key] = Certificate::resolve($hostname); - - $options['tls']['local_cert'] = $certificate; - $options['tls']['local_pk'] = $key; - } + $options['tls'] = static::configureTls($options['tls'] ?? [], $hostname); $uri = empty($options['tls']) ? "{$host}:{$port}" : "tls://{$host}:{$port}"; @@ -109,4 +104,26 @@ protected static function pusherRoutes(): RouteCollection return $routes; } + + /** + * Configure the TLS context for the server. + * + * @param array $context + * @return array + */ + protected static function configureTls(array $context, ?string $hostname): array + { + $context = array_filter($context, fn ($value) => $value !== null); + + $usesTls = ($context['local_cert'] ?? false) || ($context['local_pk'] ?? false); + + if (! $usesTls && $hostname && Certificate::exists($hostname)) { + [$certificate, $key] = Certificate::resolve($hostname); + + $context['local_cert'] = $certificate; + $context['local_pk'] = $key; + } + + return $context; + } } 
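Review bot: The unchanged `$uri = empty($options['tls']) ? ...` line right after the new `configureTls()` call still selects `tls://` for any non-empty context, while `configureTls()` decides certificate use from `local_cert`/`local_pk` only. With a context such as `['verify_peer' => false]` and no resolvable certificate for `$hostname`, the array stays non-empty, so the listener would be opened as `tls://` without a certificate; handshakes would presumably fail instead of the server falling back to plain TCP. Basing the scheme on the same condition closes the gap, e.g. `$secure = ($options['tls']['local_cert'] ?? false) || ($options['tls']['local_pk'] ?? false);` followed by `$uri = $secure ? "tls://{$host}:{$port}" : "{$host}:{$port}";`. The body of `make()` starts and ends outside this hunk.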
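Review bot: In `configureTls()`, a context that carries only `local_pk` makes `$usesTls` true and skips the `Certificate::resolve($hostname)` fallback, so the returned context holds a private key with no certificate. If a key without a certificate is never a valid configuration here, rejecting it with the `InvalidArgumentException` this file already throws would surface the misconfiguration at startup rather than at the first handshake. The docblock should also say that only `null` entries are dropped, that other values such as `verify_peer => false` pass through to the socket context unchanged, and that an explicitly configured certificate takes precedence over the hostname-resolved one.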
diff --git a/tests/Unit/Servers/Reverb/FactoryTest.php b/tests/Unit/Servers/Reverb/FactoryTest.php index 0c4dfed4..5028fc20 100644 --- a/tests/Unit/Servers/Reverb/FactoryTest.php +++ b/tests/Unit/Servers/Reverb/FactoryTest.php @@ -45,6 +45,7 @@ it('can create a server using tls on the given host and port', function () { $this->app->config->set('reverb.servers.reverb.options.tls.local_cert', '/path/to/cert.pem'); + $this->app->config->set('reverb.servers.reverb.options.tls.verify_peer', false); $server = Factory::make('127.0.0.1', '8002', options: $this->app->config->get('reverb.servers.reverb.options')); $socket = (new ReflectionProperty($server, 'socket'))->getValue($server); @@ -55,3 +56,16 @@ $server->stop(); }); + +it('can create a server without tls when context values are null', function () { + $this->app->config->set('reverb.servers.reverb.options.tls.local_cert', null); + $this->app->config->set('reverb.servers.reverb.options.tls.verify_peer', null); + $server = Factory::make('127.0.0.1', '8002', options: $this->app->config->get('reverb.servers.reverb.options')); + + $socket = (new ReflectionProperty($server, 'socket'))->getValue($server); + $socketServer = (new ReflectionProperty($socket, 'server'))->getValue($socket); + + expect($socketServer)->toBeInstanceOf(TcpServer::class); + + $server->stop(); +});
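Review bot: The added test covers only `null` context values, so nothing pins what `Factory::make()` does when `verify_peer` is `false` and no `local_cert` is configured, which appears to be the setup the commit title describes. A further case that sets `reverb.servers.reverb.options.tls.local_cert` to `null` and `reverb.servers.reverb.options.tls.verify_peer` to `false`, then asserts the intended socket class, would catch a listener that is switched to TLS with no certificate to present.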