From: Daniel Lowrey Date: Sun, 16 Feb 2014 15:38:39 +0000 (-0700) Subject: Add tests for Bug #65538 X-Git-Tag: php-5.6.0alpha3~1^2~53^2 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=2a83295b14658dfac2f7733c03b941d184521889;p=php Add tests for Bug #65538 --- diff --git a/ext/openssl/tests/bug65538.phar b/ext/openssl/tests/bug65538.phar new file mode 100644 index 0000000000..ae0bd29c6e Binary files /dev/null and b/ext/openssl/tests/bug65538.phar differ diff --git a/ext/openssl/tests/bug65538_001.phpt b/ext/openssl/tests/bug65538_001.phpt new file mode 100644 index 0000000000..45a0203731 --- /dev/null +++ b/ext/openssl/tests/bug65538_001.phpt @@ -0,0 +1,51 @@ +--TEST-- +Bug #65538 SSL context "cafile" supports stream wrappers +--SKIPIF-- + +--FILE-- + [ + 'local_cert' => __DIR__ . '/bug54992.pem' +]]); +$serverFlags = STREAM_SERVER_BIND | STREAM_SERVER_LISTEN; +$server = stream_socket_server('ssl://127.0.0.1:64321', $errno, $errstr, $serverFlags, $serverCtx); + +$pid = pcntl_fork(); + +if ($pid == -1) { + die('could not fork'); +} else if ($pid) { + $clientCtx = stream_context_create(['ssl' => [ + 'cafile' => 'file://' . __DIR__ . '/bug54992-ca.pem', + 'CN_match' => 'bug54992.local' + ]]); + $html = file_get_contents('https://127.0.0.1:64321', false, $clientCtx); + var_dump($html); +} else { + @pcntl_wait($status); + + $client = @stream_socket_accept($server); + if ($client) { + $in = ''; + while (!preg_match('/\r?\n\r?\n/', $in)) { + $in .= fread($client, 2048); + } + $response = << +--EXPECTF-- +string(12) "Hello World!" diff --git a/ext/openssl/tests/bug65538_002.phpt b/ext/openssl/tests/bug65538_002.phpt new file mode 100644 index 0000000000..05c2f0a26a --- /dev/null +++ b/ext/openssl/tests/bug65538_002.phpt @@ -0,0 +1,22 @@ +--TEST-- +Bug #65538 SSL context "cafile" disallows URL stream wrappers +--SKIPIF-- + +--FILE-- + [ + 'cafile' => 'http://curl.haxx.se/ca/cacert.pem' +]]); +file_get_contents('https://github.com', false, $clientCtx); +?> +--EXPECTF-- +Warning: remote cafile streams are disabled for security purposes in %s on line %d + +Warning: file_get_contents(): failed to create an SSL handle in %s on line %d + +Warning: file_get_contents(): Failed to enable crypto in %s on line %d + +Warning: file_get_contents(%s): failed to open stream: operation failed in %s on line %d diff --git a/ext/openssl/tests/bug65538_003.phpt b/ext/openssl/tests/bug65538_003.phpt new file mode 100644 index 0000000000..c522d029b5 --- /dev/null +++ b/ext/openssl/tests/bug65538_003.phpt @@ -0,0 +1,52 @@ +--TEST-- +Bug #65538 SSL context "cafile" supports phar wrapper +--SKIPIF-- + +--FILE-- + [ + 'local_cert' => __DIR__ . '/bug54992.pem' +]]); +$serverFlags = STREAM_SERVER_BIND | STREAM_SERVER_LISTEN; +$server = stream_socket_server('ssl://127.0.0.1:64321', $errno, $errstr, $serverFlags, $serverCtx); + +$pid = pcntl_fork(); + +if ($pid == -1) { + die('could not fork'); +} else if ($pid) { + $clientCtx = stream_context_create(['ssl' => [ + 'cafile' => 'phar://' . __DIR__ . '/bug65538.phar/bug54992-ca.pem', + 'CN_match' => 'bug54992.local' + ]]); + $html = file_get_contents('https://127.0.0.1:64321', false, $clientCtx); + var_dump($html); +} else { + @pcntl_wait($status); + + $client = @stream_socket_accept($server); + if ($client) { + $in = ''; + while (!preg_match('/\r?\n\r?\n/', $in)) { + $in .= fread($client, 2048); + } + $response = << +--EXPECTF-- +string(12) "Hello World!"