首页 发现 帮助
登录
SoftwareDesign
/
csu3_am335x
8
0
派生 0
文件 工单管理 0 合并请求 0 Wiki
目录树: dc68c6eb46
分支列表 标签列表
csu3_am335x
/
EVSE
/
GPL
/
php-7.3.28
/
ext
/
openssl
/
tests
/
peer_verification.phpt

peer_verification.phpt 2.6 KB
文件历史 原始文件

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879 
  1. --TEST--
    2. 

  2. Peer verification enabled for client streams
    3. 

  3. --SKIPIF--
    4. 

  4. <?php
    5. 

  5. if (!extension_loaded("openssl")) die("skip openssl not loaded");
    6. 

  6. if (!function_exists("proc_open")) die("skip no proc_open");
    7. 

  7. ?>
    8. 

  8. --FILE--
    9. 

  9. <?php
    10. 

  10. $certFile = __DIR__ . DIRECTORY_SEPARATOR . 'peer_verification.pem.tmp';
    11. 

  11. $cacertFile = __DIR__ . DIRECTORY_SEPARATOR . 'peer_verification-ca.pem.tmp';
    12. 

  12. 

  13. $serverCode = <<<'CODE'
    14. 

  14.     $serverUri = "ssl://127.0.0.1:64321";
    15. 

  15.     $serverFlags = STREAM_SERVER_BIND | STREAM_SERVER_LISTEN;
    16. 

  16.     $serverCtx = stream_context_create(['ssl' => [
    17. 

  17.         'local_cert' => '%s'
    18. 

  18.     ]]);
    19. 

  19. 

  20.     $server = stream_socket_server($serverUri, $errno, $errstr, $serverFlags, $serverCtx);
    21. 

  21.     phpt_notify();
    22. 

  22. 

  23.     for ($i = 0; $i < 5; $i++) {
    24. 

  24.         @stream_socket_accept($server, 1);
    25. 

  25.     }
    26. 

  26. CODE;
    27. 

  27. $serverCode = sprintf($serverCode, $certFile);
    28. 

  28. 

  29. $peerName = 'peer_verification';
    30. 

  30. $clientCode = <<<'CODE'
    31. 

  31.     $serverUri = "ssl://127.0.0.1:64321";
    32. 

  32.     $clientFlags = STREAM_CLIENT_CONNECT;
    33. 

  33.     $caFile = '%s';
    34. 

  34. 

  35.     phpt_wait();
    36. 

  36. 

  37.     // Expected to fail -- untrusted server cert and no CA File present
    38. 

  38.     var_dump(@stream_socket_client($serverUri, $errno, $errstr, 1, $clientFlags));
    39. 

  39. 

  40.     // Expected to fail -- untrusted server cert and no CA File present
    41. 

  41.     $clientCtx = stream_context_create(['ssl' => [
    42. 

  42.         'verify_peer' => true,
    43. 

  43.     ]]);
    44. 

  44.     var_dump(@stream_socket_client($serverUri, $errno, $errstr, 1, $clientFlags, $clientCtx));
    45. 

  45. 

  46.     // Should succeed with peer verification disabled in context
    47. 

  47.     $clientCtx = stream_context_create(['ssl' => [
    48. 

  48.         'verify_peer' => false,
    49. 

  49.         'verify_peer_name' => false,
    50. 

  50.     ]]);
    51. 

  51.     var_dump(stream_socket_client($serverUri, $errno, $errstr, 1, $clientFlags, $clientCtx));
    52. 

  52. 

  53.     // Should succeed with CA file specified in context
    54. 

  54.     $clientCtx = stream_context_create(['ssl' => [
    55. 

  55.         'cafile'   => $caFile,
    56. 

  56.         'peer_name' => '%s',
    57. 

  57.     ]]);
    58. 

  58.     var_dump(stream_socket_client($serverUri, $errno, $errstr, 1, $clientFlags, $clientCtx));
    59. 

  59. CODE;
    60. 

  60. $clientCode = sprintf($clientCode, $cacertFile, $peerName);
    61. 

  61. 

  62. include 'CertificateGenerator.inc';
    63. 

  63. $certificateGenerator = new CertificateGenerator();
    64. 

  64. $certificateGenerator->saveCaCert($cacertFile);
    65. 

  65. $certificateGenerator->saveNewCertAsFileWithKey($peerName, $certFile);
    66. 

  66. 

  67. include 'ServerClientTestCase.inc';
    68. 

  68. ServerClientTestCase::getInstance()->run($clientCode, $serverCode);
    69. 

  69. ?>
    70. 

  70. --CLEAN--
    71. 

  71. <?php
    72. 

  72. @unlink(__DIR__ . DIRECTORY_SEPARATOR . 'peer_verification.pem.tmp');
    73. 

  73. @unlink(__DIR__ . DIRECTORY_SEPARATOR . 'peer_verification-ca.pem.tmp');
    74. 

  74. ?>
    75. 

  75. --EXPECTF--
    76. 

  76. bool(false)
    77. 

  77. bool(false)
    78. 

  78. resource(%d) of type (stream)
    79. 

  79. resource(%d) of type (stream)
    80.