Fix tests regarding OpenSSL security_level

The `security_level` stream option is only available as of OpenSSL 1.1.0, so we only set it for these versions. Older OpenSSL versions do not have security levels at all.
author: Christoph M. Becker <cmbecker69@gmx.de> 2020-06-18 13:28:09 +0200
committer: Christoph M. Becker <cmbecker69@gmx.de> 2020-06-18 13:28:09 +0200
commit: b281493503401a2b5c45c11fcd0498d8448998c2 (patch)
tree: 89838a58574c1aef5f38b5d277792a7387410037
parent: 6b702eea15e34a3d6b81a78b7d7c7fbe16c5d2ae (diff)
download: php-git-b281493503401a2b5c45c11fcd0498d8448998c2.tar.gz
3 files changed, 36 insertions, 18 deletions
diff --git a/ext/openssl/tests/tls_min_v1.0_max_v1.1_wrapper.phpt b/ext/openssl/tests/tls_min_v1.0_max_v1.1_wrapper.phpt
index ac31192da4..a6745c8797 100644
--- a/ext/openssl/tests/tls_min_v1.0_max_v1.1_wrapper.phpt
+++ b/ext/openssl/tests/tls_min_v1.0_max_v1.1_wrapper.phpt
@@ -11,12 +11,15 @@ $certFile = __DIR__ . DIRECTORY_SEPARATOR . 'tls_min_v1.0_max_v1.1_wrapper.pem.t
 
 $serverCode = <<<'CODE'
     $flags = STREAM_SERVER_BIND|STREAM_SERVER_LISTEN;
-    $ctx = stream_context_create(['ssl' => [
+    $ssl_opts = [
         'local_cert' => '%s',
         'min_proto_version' => STREAM_CRYPTO_PROTO_TLSv1_0,
         'max_proto_version' => STREAM_CRYPTO_PROTO_TLSv1_1,
-        'security_level' => 1,
-    ]]);
+    ];
+    if (OPENSSL_VERSION_NUMBER >= 0x10100000) {
+        $ssl_opts['security_level'] = 1;
+    }
+    $ctx = stream_context_create(['ssl' => $ssl_opts]);
 
     $server = stream_socket_server('tls://127.0.0.1:64321', $errno, $errstr, $flags, $ctx);
     phpt_notify();
@@ -29,11 +32,14 @@ $serverCode = sprintf($serverCode, $certFile);
 
 $clientCode = <<<'CODE'
     $flags = STREAM_CLIENT_CONNECT;
-    $ctx = stream_context_create(['ssl' => [
+    $ssl_opts = [
         'verify_peer' => false,
         'verify_peer_name' => false,
-        'security_level' => 1,
-    ]]);
+    ];
+    if (OPENSSL_VERSION_NUMBER >= 0x10100000) {
+        $ssl_opts['security_level'] = 1;
+    }
+    $ctx = stream_context_create(['ssl' => $ssl_opts]);
 
     phpt_wait();
 
diff --git a/ext/openssl/tests/tlsv1.0_wrapper.phpt b/ext/openssl/tests/tlsv1.0_wrapper.phpt
index adbe7b6308..3460764c66 100644
--- a/ext/openssl/tests/tlsv1.0_wrapper.phpt
+++ b/ext/openssl/tests/tlsv1.0_wrapper.phpt
@@ -11,10 +11,13 @@ $certFile = __DIR__ . DIRECTORY_SEPARATOR . 'tlsv1.0_wrapper.pem.tmp';
 
 $serverCode = <<<'CODE'
     $flags = STREAM_SERVER_BIND|STREAM_SERVER_LISTEN;
-    $ctx = stream_context_create(['ssl' => [
+    $ssl_opts = [
         'local_cert' => '%s',
-        'security_level' => 1,
-    ]]);
+    ];
+    if (OPENSSL_VERSION_NUMBER >= 0x10100000) {
+        $ssl_opts['security_level'] = 1;
+    }
+    $ctx = stream_context_create(['ssl' => $ssl_opts]);
 
     $server = stream_socket_server('tlsv1.0://127.0.0.1:64321', $errno, $errstr, $flags, $ctx);
     phpt_notify();
@@ -27,11 +30,14 @@ $serverCode = sprintf($serverCode, $certFile);
 
 $clientCode = <<<'CODE'
     $flags = STREAM_CLIENT_CONNECT;
-    $ctx = stream_context_create(['ssl' => [
+    $ssl_opts = [
         'verify_peer' => false,
         'verify_peer_name' => false,
-        'security_level' => 1,
-    ]]);
+    ];
+    if (OPENSSL_VERSION_NUMBER >= 0x10100000) {
+        $ssl_opts['security_level'] = 1;
+    }
+    $ctx = stream_context_create(['ssl' => $ssl_opts]);
 
     phpt_wait();
 
diff --git a/ext/openssl/tests/tlsv1.1_wrapper.phpt b/ext/openssl/tests/tlsv1.1_wrapper.phpt
index c1aaa04919..acca3e0d9f 100644
--- a/ext/openssl/tests/tlsv1.1_wrapper.phpt
+++ b/ext/openssl/tests/tlsv1.1_wrapper.phpt
@@ -11,10 +11,13 @@ $certFile = __DIR__ . DIRECTORY_SEPARATOR . 'tlsv1.1_wrapper.pem.tmp';
 
 $serverCode = <<<'CODE'
     $flags = STREAM_SERVER_BIND|STREAM_SERVER_LISTEN;
-    $ctx = stream_context_create(['ssl' => [
+    $ssl_opts = [
         'local_cert' => '%s',
-        'security_level' => 1,
-    ]]);
+    ];
+    if (OPENSSL_VERSION_NUMBER >= 0x10100000) {
+        $ssl_opts['security_level'] = 1;
+    }
+    $ctx = stream_context_create(['ssl' => $ssl_opts]);
 
     $server = stream_socket_server('tlsv1.1://127.0.0.1:64321', $errno, $errstr, $flags, $ctx);
     phpt_notify();
@@ -27,11 +30,14 @@ $serverCode = sprintf($serverCode, $certFile);
 
 $clientCode = <<<'CODE'
     $flags = STREAM_CLIENT_CONNECT;
-    $ctx = stream_context_create(['ssl' => [
+    $ssl_opts = [
         'verify_peer' => false,
         'verify_peer_name' => false,
-        'security_level' => 1,
-    ]]);
+    ];
+    if (OPENSSL_VERSION_NUMBER >= 0x10100000) {
+        $ssl_opts['security_level'] = 1;
+    }
+    $ctx = stream_context_create(['ssl' => $ssl_opts]);
 
     phpt_wait();
author	Christoph M. Becker <cmbecker69@gmx.de>	2020-06-18 13:28:09 +0200
committer	Christoph M. Becker <cmbecker69@gmx.de>	2020-06-18 13:28:09 +0200
commit	b281493503401a2b5c45c11fcd0498d8448998c2 (patch)
tree	89838a58574c1aef5f38b5d277792a7387410037
parent	6b702eea15e34a3d6b81a78b7d7c7fbe16c5d2ae (diff)
download	php-git-b281493503401a2b5c45c11fcd0498d8448998c2.tar.gz