clones/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2024-09-22 02:17:32 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix tests regarding OpenSSL security_level

Browse Source 
The `security_level` stream option is only available as of OpenSSL
1.1.0, so we only set it for these versions.  Older OpenSSL versions
do not have security levels at all.
This commit is contained in:
Christoph M. Becker 2020-06-18 13:28:09 +02:00
parent 6b702eea15
commit b281493503
3 changed files with 36 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
ext/openssl/tests/tls_min_v1.0_max_v1.1_wrapper.phpt
View File

@ -11,12 +11,15 @@ $certFile = __DIR__ . DIRECTORY_SEPARATOR . 'tls_min_v1.0_max_v1.1_wrapper.pem.t
$serverCode = <<<'CODE'
$flags = STREAM_SERVER_BIND|STREAM_SERVER_LISTEN;
$ctx = stream_context_create(['ssl' => [
$ssl_opts = [
'local_cert' => '%s',
'min_proto_version' => STREAM_CRYPTO_PROTO_TLSv1_0,
'max_proto_version' => STREAM_CRYPTO_PROTO_TLSv1_1,
'security_level' => 1,
]]);
];
if (OPENSSL_VERSION_NUMBER >= 0x10100000) {
$ssl_opts['security_level'] = 1;
}
$ctx = stream_context_create(['ssl' => $ssl_opts]);
$server = stream_socket_server('tls://127.0.0.1:64321', $errno, $errstr, $flags, $ctx);
phpt_notify();
@ -29,11 +32,14 @@ $serverCode = sprintf($serverCode, $certFile);
$clientCode = <<<'CODE'
$flags = STREAM_CLIENT_CONNECT;
$ctx = stream_context_create(['ssl' => [
$ssl_opts = [
'verify_peer' => false,
'verify_peer_name' => false,
'security_level' => 1,
]]);
];
if (OPENSSL_VERSION_NUMBER >= 0x10100000) {
$ssl_opts['security_level'] = 1;
}
$ctx = stream_context_create(['ssl' => $ssl_opts]);
phpt_wait();

18
ext/openssl/tests/tlsv1.0_wrapper.phpt
View File

@ -11,10 +11,13 @@ $certFile = __DIR__ . DIRECTORY_SEPARATOR . 'tlsv1.0_wrapper.pem.tmp';
$serverCode = <<<'CODE'
$flags = STREAM_SERVER_BIND|STREAM_SERVER_LISTEN;
$ctx = stream_context_create(['ssl' => [
$ssl_opts = [
'local_cert' => '%s',
'security_level' => 1,
]]);
];
if (OPENSSL_VERSION_NUMBER >= 0x10100000) {
$ssl_opts['security_level'] = 1;
}
$ctx = stream_context_create(['ssl' => $ssl_opts]);
$server = stream_socket_server('tlsv1.0://127.0.0.1:64321', $errno, $errstr, $flags, $ctx);
phpt_notify();
@ -27,11 +30,14 @@ $serverCode = sprintf($serverCode, $certFile);
$clientCode = <<<'CODE'
$flags = STREAM_CLIENT_CONNECT;
$ctx = stream_context_create(['ssl' => [
$ssl_opts = [
'verify_peer' => false,
'verify_peer_name' => false,
'security_level' => 1,
]]);
];
if (OPENSSL_VERSION_NUMBER >= 0x10100000) {
$ssl_opts['security_level'] = 1;
}
$ctx = stream_context_create(['ssl' => $ssl_opts]);
phpt_wait();

18
ext/openssl/tests/tlsv1.1_wrapper.phpt
View File

@ -11,10 +11,13 @@ $certFile = __DIR__ . DIRECTORY_SEPARATOR . 'tlsv1.1_wrapper.pem.tmp';
$serverCode = <<<'CODE'
$flags = STREAM_SERVER_BIND|STREAM_SERVER_LISTEN;
$ctx = stream_context_create(['ssl' => [
$ssl_opts = [
'local_cert' => '%s',
'security_level' => 1,
]]);
];
if (OPENSSL_VERSION_NUMBER >= 0x10100000) {
$ssl_opts['security_level'] = 1;
}
$ctx = stream_context_create(['ssl' => $ssl_opts]);
$server = stream_socket_server('tlsv1.1://127.0.0.1:64321', $errno, $errstr, $flags, $ctx);
phpt_notify();
@ -27,11 +30,14 @@ $serverCode = sprintf($serverCode, $certFile);
$clientCode = <<<'CODE'
$flags = STREAM_CLIENT_CONNECT;
$ctx = stream_context_create(['ssl' => [
$ssl_opts = [
'verify_peer' => false,
'verify_peer_name' => false,
'security_level' => 1,
]]);
];
if (OPENSSL_VERSION_NUMBER >= 0x10100000) {
$ssl_opts['security_level'] = 1;
}
$ctx = stream_context_create(['ssl' => $ssl_opts]);
phpt_wait();