Test Failure Report for ext/openssl/tests/sni_001.phpt ('SNI 001')
Script
1:
<?php
2: /* Server Name Indication (SNI) tests
3: *
4: * This test relies on https://sni.velox.ch/ and thus is disabled by default.
5: *
6: * sni.velox.ch uses 3 certificates :
7: * - CN=alice.sni.velox.ch (sent in response to server_name = alice.sni.velox.ch or not set)
8: * - CN=bob.sni.velox.ch (sent in response to server_name = bob.sni.velox.ch)
9: * - CN=*.sni.velox.ch (sent in response to server_name = mallory.sni.velox.ch or *.sni.velox.ch or sni.velox.ch)
10: *
11: * The test sends requests to the server, sending different names, and checks which certificate
12: * the server returned.
13: */
14:
15: function context() {
16: return stream_context_create(array(
17: 'ssl' => array(
18: 'capture_peer_cert' => true,
19: ),
20: ));
21: }
22:
23: function get_CN($context) {
24:
25: $ary = stream_context_get_options($context);
26: assert($ary);
27:
28: $cert = $ary['ssl']['peer_certificate'];
29: assert($cert);
30:
31: $cert_ary = openssl_x509_parse($cert);
32: return $cert_ary['subject']['CN'];
33: }
34:
35: function do_http_test($url, $context) {
36:
37: $fh = fopen($url, 'r', false, $context);
38: assert($fh);
39:
40: var_dump(get_CN($context));
41: }
42:
43: function do_ssl_test($url, $context) {
44:
45: $fh = stream_socket_client($url, $errno, $errstr,
46: ini_get("default_socket_timeout"), STREAM_CLIENT_CONNECT, $context);
47: assert($fh);
48:
49: var_dump(get_CN($context));
50: }
51:
52: function do_enable_crypto_test($url, $context) {
53:
54: $fh = stream_socket_client($url, $errno, $errstr,
55: ini_get("default_socket_timeout"), STREAM_CLIENT_CONNECT, $context);
56: assert($fh);
57:
58: $r = stream_socket_enable_crypto($fh, true, STREAM_CRYPTO_METHOD_TLS_CLIENT);
59: assert($r);
60:
61: var_dump(get_CN($context));
62: }
63:
64: /* Test https:// streams */
65:
66: echo "-- auto host name (1) --\n";
67: do_http_test('https://alice.sni.velox.ch/', context());
68:
69: echo "-- auto host name (2) --\n";
70: do_http_test('https://bob.sni.velox.ch/', context());
71:
72: echo "-- auto host name (3) --\n";
73: do_http_test('https://bob.sni.velox.ch./', context());
74:
75: echo "-- user supplied server name --\n";
76:
77: $context = context();
78: stream_context_set_option($context, 'ssl', 'SNI_server_name', 'bob.sni.velox.ch');
79: stream_context_set_option($context, 'http', 'header', b'Host: bob.sni.velox.ch');
80: do_http_test('https://alice.sni.velox.ch/', $context);
81:
82: echo "-- sni disabled --\n";
83:
84: $context = context();
85: stream_context_set_option($context, 'ssl', 'SNI_enabled', false);
86: do_http_test('https://bob.sni.velox.ch/', $context);
87:
88: /* Test ssl:// socket streams */
89:
90: echo "-- raw SSL stream (1) --\n";
91: do_ssl_test('ssl://bob.sni.velox.ch:443', context());
92:
93: echo "-- raw SSL stream (2) --\n";
94: do_ssl_test('ssl://mallory.sni.velox.ch:443', context());
95:
96: echo "-- raw SSL stream with user supplied sni --\n";
97:
98: $context = context();
99: stream_context_set_option($context, 'ssl', 'SNI_server_name', 'bob.sni.velox.ch');
100:
101: do_ssl_test('ssl://mallory.sni.velox.ch:443', $context);
102:
103: echo "-- raw SSL stream with sni disabled --\n";
104:
105: $context = context();
106: stream_context_set_option($context, 'ssl', 'SNI_enabled', false);
107:
108: do_ssl_test('ssl://mallory.sni.velox.ch:443', $context);
109:
110: /* Test tcp:// socket streams with SSL enabled */
111:
112: echo "-- stream_socket_enable_crypto (1) --\n";
113:
114: do_enable_crypto_test('tcp://bob.sni.velox.ch:443', context());
115:
116: echo "-- stream_socket_enable_crypto (2) --\n";
117:
118: do_enable_crypto_test('tcp://mallory.sni.velox.ch:443', context());
119:
120: echo "-- stream_socket_enable_crypto with user supplied sni --\n";
121:
122: $context = context();
123: stream_context_set_option($context, 'ssl', 'SNI_server_name', 'bob.sni.velox.ch');
124:
125: do_enable_crypto_test('tcp://mallory.sni.velox.ch:443', $context);
126:
127: echo "-- stream_socket_enable_crypto with sni disabled --\n";
128:
129: $context = context();
130: stream_context_set_option($context, 'ssl', 'SNI_enabled', false);
131:
132: do_enable_crypto_test('tcp://mallory.sni.velox.ch:443', $context);
133:
134: echo "-- stream_socket_enable_crypto with long name --\n";
135:
136: $context = context();
137: stream_context_set_option($context, 'ssl', 'SNI_server_name', str_repeat('a.', 500) . '.sni.velox.ch');
138:
139: do_enable_crypto_test('tcp://mallory.sni.velox.ch:443', $context);
140:
141: ?>
142:
Expected
-- auto host name (1) --
%unicode|string%(18) "alice.sni.velox.ch"
-- auto host name (2) --
%unicode|string%(16) "bob.sni.velox.ch"
-- auto host name (3) --
%unicode|string%(16) "bob.sni.velox.ch"
-- user supplied server name --
%unicode|string%(16) "bob.sni.velox.ch"
-- sni disabled --
%unicode|string%(18) "alice.sni.velox.ch"
-- raw SSL stream (1) --
%unicode|string%(16) "bob.sni.velox.ch"
-- raw SSL stream (2) --
%unicode|string%(14) "*.sni.velox.ch"
-- raw SSL stream with user supplied sni --
%unicode|string%(16) "bob.sni.velox.ch"
-- raw SSL stream with sni disabled --
%unicode|string%(18) "alice.sni.velox.ch"
-- stream_socket_enable_crypto (1) --
%unicode|string%(16) "bob.sni.velox.ch"
-- stream_socket_enable_crypto (2) --
%unicode|string%(14) "*.sni.velox.ch"
-- stream_socket_enable_crypto with user supplied sni --
%unicode|string%(16) "bob.sni.velox.ch"
-- stream_socket_enable_crypto with sni disabled --
%unicode|string%(18) "alice.sni.velox.ch"
-- stream_socket_enable_crypto with long name --
%unicode|string%(18) "alice.sni.velox.ch"
Output
-- auto host name (1) --
Notice: Undefined index: peer_certificate in /var/php_gcov/PHP_5_4/ext/openssl/tests/sni_001.php on line 28
Warning: assert(): Assertion failed in /var/php_gcov/PHP_5_4/ext/openssl/tests/sni_001.php on line 29
NULL
-- auto host name (2) --
Notice: Undefined index: peer_certificate in /var/php_gcov/PHP_5_4/ext/openssl/tests/sni_001.php on line 28
Warning: assert(): Assertion failed in /var/php_gcov/PHP_5_4/ext/openssl/tests/sni_001.php on line 29
NULL
-- auto host name (3) --
Notice: Undefined index: peer_certificate in /var/php_gcov/PHP_5_4/ext/openssl/tests/sni_001.php on line 28
Warning: assert(): Assertion failed in /var/php_gcov/PHP_5_4/ext/openssl/tests/sni_001.php on line 29
NULL
-- user supplied server name --
Notice: Undefined index: peer_certificate in /var/php_gcov/PHP_5_4/ext/openssl/tests/sni_001.php on line 28
Warning: assert(): Assertion failed in /var/php_gcov/PHP_5_4/ext/openssl/tests/sni_001.php on line 29
NULL
-- sni disabled --
Notice: Undefined index: peer_certificate in /var/php_gcov/PHP_5_4/ext/openssl/tests/sni_001.php on line 28
Warning: assert(): Assertion failed in /var/php_gcov/PHP_5_4/ext/openssl/tests/sni_001.php on line 29
NULL
-- raw SSL stream (1) --
string(16) "bob.sni.velox.ch"
-- raw SSL stream (2) --
string(14) "*.sni.velox.ch"
-- raw SSL stream with user supplied sni --
string(16) "bob.sni.velox.ch"
-- raw SSL stream with sni disabled --
string(18) "alice.sni.velox.ch"
-- stream_socket_enable_crypto (1) --
string(16) "bob.sni.velox.ch"
-- stream_socket_enable_crypto (2) --
string(14) "*.sni.velox.ch"
-- stream_socket_enable_crypto with user supplied sni --
string(16) "bob.sni.velox.ch"
-- stream_socket_enable_crypto with sni disabled --
string(18) "alice.sni.velox.ch"
-- stream_socket_enable_crypto with long name --
string(18) "alice.sni.velox.ch"
Diff
002+
003+ Notice: Undefined index: peer_certificate in /var/php_gcov/PHP_5_4/ext/openssl/tests/sni_001.php on line 28
004+
005+ Warning: assert(): Assertion failed in /var/php_gcov/PHP_5_4/ext/openssl/tests/sni_001.php on line 29
006+ NULL
002- %unicode|string%(18) "alice.sni.velox.ch"
004- %unicode|string%(16) "bob.sni.velox.ch"
006- %unicode|string%(16) "bob.sni.velox.ch"
008+
009+ Notice: Undefined index: peer_certificate in /var/php_gcov/PHP_5_4/ext/openssl/tests/sni_001.php on line 28
010+
011+ Warning: assert(): Assertion failed in /var/php_gcov/PHP_5_4/ext/openssl/tests/sni_001.php on line 29
012+ NULL
008- %unicode|string%(16) "bob.sni.velox.ch"
010- %unicode|string%(18) "alice.sni.velox.ch"
014+
015+ Notice: Undefined index: peer_certificate in /var/php_gcov/PHP_5_4/ext/openssl/tests/sni_001.php on line 28
016+
017+ Warning: assert(): Assertion failed in /var/php_gcov/PHP_5_4/ext/openssl/tests/sni_001.php on line 29
018+ NULL
020+
021+ Notice: Undefined index: peer_certificate in /var/php_gcov/PHP_5_4/ext/openssl/tests/sni_001.php on line 28
022+
023+ Warning: assert(): Assertion failed in /var/php_gcov/PHP_5_4/ext/openssl/tests/sni_001.php on line 29
024+ NULL
026+
027+ Notice: Undefined index: peer_certificate in /var/php_gcov/PHP_5_4/ext/openssl/tests/sni_001.php on line 28
028+
029+ Warning: assert(): Assertion failed in /var/php_gcov/PHP_5_4/ext/openssl/tests/sni_001.php on line 29
030+ NULL
Generated at Tue, 21 May 2013 17:04:51 +0000 (24 hours ago)
|
