Allow ssl on http transport too

README.md

@@ -99,6 +99,30 @@ return [
             // transport. When forgotten or set to null, default path '/gelf'
             // is used.
             'path' => null,
+
+            // This optional option enable or disable ssl on TCP transport.
+            // Default is false.
+            'ssl' => false,
+
+            // If ssl is enabled on TCP transport, the following configuration
+            // is used.
+            'ssl_options' => [
+                // Enable or disable the peer certificate check. Default is
+                // null.
+                'verify_peer' => true,
+
+                // Path to a custom CA file (eg: "/path/to/ca.pem"). Default
+                // is null.
+                'ca_file' => null,
+
+                // List of ciphers the SSL layer may use, formatted as
+                // specified in ciphers(1). Default is null.
+                'ciphers' => null,
+
+                // Whether self-signed certificates are allowed. Default is
+                // false.
+                'allow_self_signed' => false,
+            ],
 
             // This optional option determines the maximum length per message
             // field. When forgotten or set to null, the default value of 
@@ -114,16 +138,6 @@ return [
             // from the Monolog record. Default is null (no extra prefix)
             'extra_prefix' => null,
 
-            // Optional option to set ssl on tcp requests. On udp requests this is ignored
-            // This configuration will be added the specified port in this configuration item.
-            // The base package of graylog is only setting ssl on port 12202.
-            // When you just want base settings of graylog2/gelf-php then you don't specify this attribute.
-            'ssl' => [
-                'verify_peer' => true,
-                'ca_file' => '/path/to/ca.pem',  // or null
-                'ciphers' => 'TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256', // or null
-                'allow_self_signed' => false,
-            ]
         ],
     ],
 ];

src/GelfLoggerFactory.php

@@ -43,7 +43,7 @@ public function __invoke(array $config): Logger
                 $config['host'] ?? '127.0.0.1',
                 $config['port'] ?? 12201,
                 $config['path'] ?? null,
-	  	$config['ssl'] ?? null
+                $this->enableSsl($config) ? $this->sslOptions($config['ssl_options'] ?? null) : null
             )
         );
 
@@ -70,18 +70,43 @@ protected function getTransport(
         string $host,
         int $port,
         ?string $path = null,
-		?array $ssl = null
+        ?SslOptions $sslOptions = null
     ): AbstractTransport {
         switch (strtolower($transport)) {
             case 'tcp':
-                return new TcpTransport($host, $port, $this->createSsl($ssl));
-			case 'http':
-                return new HttpTransport($host, $port, $path ?? HttpTransport::DEFAULT_PATH);
+                return new TcpTransport($host, $port, $sslOptions);
+            case 'http':
+                return new HttpTransport($host, $port, $path ?? HttpTransport::DEFAULT_PATH, $sslOptions);
             default:
                 return new UdpTransport($host, $port);
         }
     }
 
+    protected function enableSsl(array $config): bool
+    {
+        if (! isset($config['transport']) || $config['transport'] === 'udp') {
+            return false;
+        }
+
+        return $config['ssl'] ?? false;
+    }
+
+    protected function sslOptions(?array $sslConfig = null): SslOptions
+    {
+        $sslOptions = new SslOptions();
+
+        if (! $sslConfig) {
+            return $sslOptions;
+        }
+
+        $sslOptions->setVerifyPeer($sslConfig['verify_peer'] ?? true);
+        $sslOptions->setCaFile($sslConfig['ca_file'] ?? null);
+        $sslOptions->setCiphers($sslConfig['ciphers'] ?? null);
+        $sslOptions->setAllowSelfSigned($sslConfig['allow_self_signed'] ?? false);
+
+        return $sslOptions;
+    }
+
     /** @throws \InvalidArgumentException */
     protected function level(array $config): int
     {
@@ -120,19 +145,4 @@ protected function getFallbackChannelName(): string
     {
         return $this->app->bound('env') ? $this->app->environment() : 'production';
     }
-
-	private function createSsl(?array $ssl): ?SslOptions
-	{
-		if (empty($ssl)) {
-			return null;
-		}
-
-		$sslOptions = new SslOptions();
-		$sslOptions->setAllowSelfSigned($ssl['allow_self_signed'] ?? false);
-		$sslOptions->setCaFile($ssl['ca_file'] ?? null);
-		$sslOptions->setCiphers($ssl['ciphers'] ?? null);
-		$sslOptions->setVerifyPeer($ssl['verify_peer'] ?? true);
-
-		return $sslOptions;
-	}
 }