diff options
| author | Daniel Lowrey <rdlowrey@php.net> | 2015-03-04 12:54:34 -0500 |
|---|---|---|
| committer | Daniel Lowrey <rdlowrey@php.net> | 2015-03-04 12:47:46 -0700 |
| commit | 241f3c34b89ab55432d5af3fd1e4217540e161a3 (patch) | |
| tree | 45a4e474ae56e322342d38caafe311a9c9e00d0a /ext/openssl/tests/bug68920.phpt | |
| parent | a29b64fc1029b4121e3e9ff20901c35ad600b4da (diff) | |
| download | php-git-241f3c34b89ab55432d5af3fd1e4217540e161a3.tar.gz | |
Fixed bug #68920 (use strict peer_fingerprint input checks)
Diffstat (limited to 'ext/openssl/tests/bug68920.phpt')
| -rw-r--r-- | ext/openssl/tests/bug68920.phpt | 57 |
1 files changed, 57 insertions, 0 deletions
diff --git a/ext/openssl/tests/bug68920.phpt b/ext/openssl/tests/bug68920.phpt new file mode 100644 index 0000000000..72e3f6c8f9 --- /dev/null +++ b/ext/openssl/tests/bug68920.phpt @@ -0,0 +1,57 @@ +--TEST-- +Bug #68920: peer_fingerprint input checks should be strict +--SKIPIF-- +<?php +if (!extension_loaded("openssl")) die("skip openssl not loaded"); +--FILE-- +<?php +error_reporting(E_ALL); + +$ctx = stream_context_create(['ssl' => ['verify_peer'=> false, 'peer_fingerprint' => true]]); +$sock = stream_socket_client("ssl://php.net:443", $errno, $errstr, 30, STREAM_CLIENT_CONNECT, $ctx); +var_dump($sock); + +$ctx = stream_context_create(['ssl' => ['verify_peer'=> false, 'peer_fingerprint' => null]]); +$sock = stream_socket_client("ssl://php.net:443", $errno, $errstr, 30, STREAM_CLIENT_CONNECT, $ctx); +var_dump($sock); + +$ctx = stream_context_create(['ssl' => ['verify_peer'=> false, 'peer_fingerprint' => []]]); +$sock = stream_socket_client("ssl://php.net:443", $errno, $errstr, 30, STREAM_CLIENT_CONNECT, $ctx); +var_dump($sock); + +$ctx = stream_context_create(['ssl' => ['verify_peer'=> false, 'peer_fingerprint' => ['foo']]]); +$sock = stream_socket_client("ssl://php.net:443", $errno, $errstr, 30, STREAM_CLIENT_CONNECT, $ctx); +var_dump($sock); +--EXPECTF-- + +Warning: stream_socket_client(): Expected peer fingerprint must be a string or an array in %s on line %d + +Warning: stream_socket_client(): Failed to enable crypto in %s on line %d + +Warning: stream_socket_client(): unable to connect to %s (Unknown error) in %s on line %d +bool(false) + +Warning: stream_socket_client(): Expected peer fingerprint must be a string or an array in %s on line %d + +Warning: stream_socket_client(): Failed to enable crypto in %s on line %d + +Warning: stream_socket_client(): unable to connect to %s (Unknown error) in %s on line %d +bool(false) + +Warning: stream_socket_client(): Invalid peer_fingerprint array; [algo => fingerprint] form required in %s on line %d + +Warning: stream_socket_client(): peer_fingerprint match failure in %s on line %d + +Warning: stream_socket_client(): Failed to enable crypto in %s on line %d + +Warning: stream_socket_client(): unable to connect to %s (Unknown error) in %s on line %d +bool(false) + +Warning: stream_socket_client(): Invalid peer_fingerprint array; [algo => fingerprint] form required in %s on line %d + +Warning: stream_socket_client(): peer_fingerprint match failure in %s on line %d + +Warning: stream_socket_client(): Failed to enable crypto in %s on line %d + +Warning: stream_socket_client(): unable to connect to %s (Unknown error) in %s on line %d +bool(false) |