path: root/ext/openssl/tests/sni_001.phpt
diff options
Diffstat (limited to 'ext/openssl/tests/sni_001.phpt')
1 files changed, 0 insertions, 184 deletions
diff --git a/ext/openssl/tests/sni_001.phpt b/ext/openssl/tests/sni_001.phpt
deleted file mode 100644
index e7dbf3f19e..0000000000
--- a/ext/openssl/tests/sni_001.phpt
+++ /dev/null
@@ -1,184 +0,0 @@
-SNI 001
- if (!extension_loaded('openssl')) die("skip openssl extension not available");
- if (!getenv('SNI_TESTS')) die("skip Set SNI_TESTS to enable this test (uses remote resources)");
-/* Server Name Indication (SNI) tests
- *
- * This test relies on and thus is disabled by default.
- *
- * uses 3 certificates :
- * - (sent in response to server_name = or not set)
- * - (sent in response to server_name =
- * - CN=* (sent in response to server_name = or * or
- *
- * The test sends requests to the server, sending different names, and checks which certificate
- * the server returned.
- */
-function context($host = NULL) {
- $ctx = stream_context_create();
- stream_context_set_option($ctx, 'ssl', 'capture_peer_cert', true);
- stream_context_set_option($ctx, 'ssl', 'verify_peer', false);
- if ($host) {
- stream_context_set_option($ctx, 'ssl', 'peer_name', $host);
- } else {
- stream_context_set_option($ctx, 'ssl', 'verify_peer_name', false);
- }
- return $ctx;
-function get_CN($context) {
- $ary = stream_context_get_options($context);
- assert($ary);
- $cert = $ary['ssl']['peer_certificate'];
- assert($cert);
- $cert_ary = openssl_x509_parse($cert);
- return $cert_ary['subject']['CN'];
-function do_http_test($url, $context) {
- $fh = fopen($url, 'r', false, $context);
- assert($fh);
- var_dump(get_CN($context));
-function do_ssl_test($url, $context) {
- $fh = stream_socket_client($url, $errno, $errstr,
- ini_get("default_socket_timeout"), STREAM_CLIENT_CONNECT, $context);
- assert($fh);
- var_dump(get_CN($context));
-function do_enable_crypto_test($url, $context) {
- $fh = stream_socket_client($url, $errno, $errstr,
- ini_get("default_socket_timeout"), STREAM_CLIENT_CONNECT, $context);
- assert($fh);
- $r = stream_socket_enable_crypto($fh, true, STREAM_CRYPTO_METHOD_TLS_CLIENT);
- assert($r);
- var_dump(get_CN($context));
-/* Test https:// streams */
-echo "-- auto host name (1) --\n";
-do_http_test('', context(''));
-echo "-- auto host name (2) --\n";
-do_http_test('', context(''));
-echo "-- auto host name (3) --\n";
-do_http_test('', context(''));
-echo "-- user supplied server name --\n";
-$context = context();
-stream_context_set_option($context, 'ssl', 'peer_name', '');
-stream_context_set_option($context, 'http', 'header', b'Host:');
-do_http_test('', $context);
-echo "-- sni disabled --\n";
-$context = context();
-stream_context_set_option($context, 'ssl', 'SNI_enabled', false);
-do_http_test('', $context);
-/* Test ssl:// socket streams */
-echo "-- raw SSL stream (1) --\n";
-do_ssl_test('ssl://', context(''));
-echo "-- raw SSL stream (2) --\n";
-do_ssl_test('ssl://', context(''));
-echo "-- raw SSL stream with user supplied sni --\n";
-$context = context('');
-stream_context_set_option($context, 'ssl', 'peer_name', '');
-do_ssl_test('ssl://', $context);
-echo "-- raw SSL stream with sni disabled --\n";
-$context = context();
-stream_context_set_option($context, 'ssl', 'SNI_enabled', false);
-do_ssl_test('ssl://', $context);
-/* Test tcp:// socket streams with SSL enabled */
-echo "-- stream_socket_enable_crypto (1) --\n";
-do_enable_crypto_test('tcp://', context());
-echo "-- stream_socket_enable_crypto (2) --\n";
-do_enable_crypto_test('tcp://', context());
-echo "-- stream_socket_enable_crypto with user supplied sni --\n";
-$context = context();
-stream_context_set_option($context, 'ssl', 'peer_name', '');
-do_enable_crypto_test('tcp://', $context);
-echo "-- stream_socket_enable_crypto with sni disabled --\n";
-$context = context();
-stream_context_set_option($context, 'ssl', 'SNI_enabled', false);
-do_enable_crypto_test('tcp://', $context);
-echo "-- stream_socket_enable_crypto with long name --\n";
-$context = context();
-stream_context_set_option($context, 'ssl', 'peer_name', str_repeat('a.', 500) . '');
-do_enable_crypto_test('tcp://', $context);
--- auto host name (1) --
-%unicode|string%(18) ""
--- auto host name (2) --
-%unicode|string%(16) ""
--- auto host name (3) --
-%unicode|string%(16) ""
--- user supplied server name --
-%unicode|string%(16) ""
--- sni disabled --
-%unicode|string%(18) ""
--- raw SSL stream (1) --
-%unicode|string%(16) ""
--- raw SSL stream (2) --
-%unicode|string%(14) "*"
--- raw SSL stream with user supplied sni --
-%unicode|string%(16) ""
--- raw SSL stream with sni disabled --
-%unicode|string%(18) ""
--- stream_socket_enable_crypto (1) --
-%unicode|string%(16) ""
--- stream_socket_enable_crypto (2) --
-%unicode|string%(14) "*"
--- stream_socket_enable_crypto with user supplied sni --
-%unicode|string%(16) ""
--- stream_socket_enable_crypto with sni disabled --
-%unicode|string%(18) ""
--- stream_socket_enable_crypto with long name --
-%unicode|string%(18) ""