PHP  
 PHP_7_1
downloads | QA | documentation | faq | getting help | mailing lists | reporting bugs | php.net sites | links | my php.net 
 

Test Failure Report for ext/openssl/tests/bug54992.phpt ('Bug #54992: Stream not closed and error not returned when SSL CN_match fails')

Script

1: <?php
2:
/*
3:  How to generate bug54992.pem and bug54992-ca.pem and all dependants:
4:
5:  All the commands below assume you're in the root of php sources
6:
7:  Generate new key for CA:
8:  $ openssl genrsa -out ./ext/openssl/tests/bug54992-ca.key 4096
9:
10:  Create new CA:
11:  $ openssl req -new -x509 -key ./ext/openssl/tests/bug54992-ca.key \
12:       -out ext/openssl/tests/bug54992-ca.pem \
13:       -subj '/C=PT/ST=Lisboa/L=Lisboa/O=PHP Foundation/CN=Root CA for PHP Tests/emailAddress=internals@lists.php.net' \
14:       -days 400
15:
16:  Extract private key from the bundle:
17:  $ openssl rsa -in ext/openssl/tests/bug54992.pem > ext/openssl/tests/bug54992.key
18:
19:  Extract CSR from existing certificate:
20:  $ openssl x509 -x509toreq -in ext/openssl/tests/bug54992.pem -out ext/openssl/tests/bug54992.csr -signkey ext/openssl/tests/bug54992.key
21:
22:  Sign the CSR:
23:  $ openssl x509 -CA ext/openssl/tests/bug54992-ca.pem \
24:         -CAcreateserial \
25:         -CAkey ./ext/openssl/tests/bug54992-ca.key \
26:         -req \
27:         -in ext/openssl/tests/bug54992.csr \
28:         -sha256 \
29:         -days 400 \
30:         -out ./ext/openssl/tests/bug54992.pem
31:
32:  Bundle certificate's private key with the certificate:
33:  $ cat ext/openssl/tests/bug54992.key >> ext/openssl/tests/bug54992.pem\
34:
35:
36:  Dependants:
37:
38:  1. ext/openssl/tests/bug65538_003.phpt
39:     Run the following to generate required phar:
40:     php -d phar.readonly=Off -r '$phar = new Phar("ext/openssl/tests/bug65538.phar"); $phar->addFile("ext/openssl/tests/bug54992.pem", "bug54992.pem"); $phar->addFile("ext/openssl/tests/bug54992-ca.pem", "bug54992-ca.pem");'
41:
42:  2. Update ext/openssl/tests/openssl_peer_fingerprint_basic.phpt (see instructions in there)
43:  */
44:
$serverCode = <<<'CODE'
45:
    $serverUri = "ssl://127.0.0.1:64321";
46:     $serverFlags = STREAM_SERVER_BIND | STREAM_SERVER_LISTEN;
47:     $serverCtx = stream_context_create(['ssl' => [
48:         'local_cert' => __DIR__ . '/bug54992.pem',
49:     ]]);
50:
51:     $server = stream_socket_server($serverUri, $errno, $errstr, $serverFlags, $serverCtx);
52:     phpt_notify();
53:
54:     @stream_socket_accept($server, 1);
55:
CODE;
56:
57:
$clientCode = <<<'CODE'
58:
    $serverUri = "ssl://127.0.0.1:64321";
59:     $clientFlags = STREAM_CLIENT_CONNECT;
60:     $clientCtx = stream_context_create(['ssl' => [
61:         'verify_peer' => true,
62:         'cafile' => __DIR__ . '/bug54992-ca.pem',
63:         'peer_name' => 'buga_buga',
64:     ]]);
65:
66:     phpt_wait();
67:     $client = stream_socket_client($serverUri, $errno, $errstr, 2, $clientFlags, $clientCtx);
68:
69:     var_dump($client);
70:
CODE;
71:
72: include 
'ServerClientTestCase.inc';
73:
ServerClientTestCase::getInstance()->run($clientCode$serverCode);
74:
?>
75:

Expected

Warning: stream_socket_client(): Peer certificate CN=`bug54992.local' did not match expected CN=`buga_buga' in %s on line %d

Warning: stream_socket_client(): Failed to enable crypto in %s on line %d

Warning: stream_socket_client(): unable to connect to ssl://127.0.0.1:64321 (Unknown error) in %s on line %d
bool(false)

Output

Warning: stream_socket_client(): SSL: Handshake timed out in /var/php_gcov/PHP_7_1/ext/openssl/tests/ServerClientTestCase.inc(96) : eval()'d code on line 10

Warning: stream_socket_client(): Failed to enable crypto in /var/php_gcov/PHP_7_1/ext/openssl/tests/ServerClientTestCase.inc(96) : eval()'d code on line 10

Warning: stream_socket_client(): unable to connect to ssl://127.0.0.1:64321 (Unknown error) in /var/php_gcov/PHP_7_1/ext/openssl/tests/ServerClientTestCase.inc(96) : eval()'d code on line 10
bool(false)

Diff

001+ Warning: stream_socket_client(): SSL: Handshake timed out in /var/php_gcov/PHP_7_1/ext/openssl/tests/ServerClientTestCase.inc(96) : eval()'d code on line 10
001- Warning: stream_socket_client(): Peer certificate CN=`bug54992.local' did not match expected CN=`buga_buga' in %s on line %d

 

Generated at Sun, 23 Jun 2019 06:34:16 +0000 (3 days ago)

Copyright © 2005-2019 The PHP Group
All rights reserved.