Skip to content

Commit

Permalink
Downgrade security level in tests using TLS < 1.2
Browse files Browse the repository at this point in the history 
A few additional tests have been added on master that require
lower security level.
  • Loading branch information
@nikic
nikic committed Jun 18, 2020
1 parent f3ff070 commit c2a6395
Show file tree
Hide file tree
Showing 5 changed files with 15 additions and 5 deletions.
6 changes: 4 additions & 2 deletions ext/openssl/tests/session_meta_capture.phpt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,8 @@ $serverCode = <<<'CODE'
$serverUri = "ssl://127.0.0.1:64321";
$serverFlags = STREAM_SERVER_BIND | STREAM_SERVER_LISTEN;
$serverCtx = stream_context_create(['ssl' => [
'local_cert' => '%s'
'local_cert' => '%s',
'security_level' => 1,
]]);
$server = stream_socket_server($serverUri, $errno, $errstr, $serverFlags, $serverCtx);
Expand All @@ -34,7 +35,8 @@ $clientCode = <<<'CODE'
$clientCtx = stream_context_create(['ssl' => [
'verify_peer' => true,
'cafile' => '%s',
'peer_name' => '%s'
'peer_name' => '%s',
'security_level' => 1,
]]);
phpt_wait();
Expand Down
4 changes: 3 additions & 1 deletion ext/openssl/tests/stream_crypto_flags_001.phpt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,8 @@ $serverCode = <<<'CODE'
$serverUri = "ssl://127.0.0.1:64321";
$serverFlags = STREAM_SERVER_BIND | STREAM_SERVER_LISTEN;
$serverCtx = stream_context_create(['ssl' => [
'local_cert' => '%s'
'local_cert' => '%s',
'security_level' => 1,
]]);
$server = stream_socket_server($serverUri, $errno, $errstr, $serverFlags, $serverCtx);
Expand All @@ -34,6 +35,7 @@ $clientCode = <<<'CODE'
'verify_peer' => true,
'cafile' => '%s',
'peer_name' => '%s',
'security_level' => 1,
]]);
phpt_wait();
Expand Down
4 changes: 3 additions & 1 deletion ext/openssl/tests/stream_crypto_flags_002.phpt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,8 @@ $serverCode = <<<'CODE'
$serverUri = "ssl://127.0.0.1:64321";
$serverFlags = STREAM_SERVER_BIND | STREAM_SERVER_LISTEN;
$serverCtx = stream_context_create(['ssl' => [
'local_cert' => '%s'
'local_cert' => '%s',
'security_level' => 1,
]]);
$server = stream_socket_server($serverUri, $errno, $errstr, $serverFlags, $serverCtx);
Expand All @@ -35,6 +36,7 @@ $clientCode = <<<'CODE'
'verify_peer' => true,
'cafile' => '%s',
'peer_name' => '%s',
'security_level' => 1,
]]);
phpt_wait();
Expand Down
4 changes: 3 additions & 1 deletion ext/openssl/tests/stream_crypto_flags_003.phpt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,8 +17,9 @@ $serverCode = <<<'CODE'
$serverCtx = stream_context_create(['ssl' => [
'local_cert' => '%s',
// Only accept TLSv1.2 connections
// Only accept TLSv1.0 and TLSv1.2 connections
'crypto_method' => STREAM_CRYPTO_METHOD_TLSv1_0_SERVER | STREAM_CRYPTO_METHOD_TLSv1_2_SERVER,
'security_level' => 1,
]]);
$server = stream_socket_server($serverUri, $errno, $errstr, $serverFlags, $serverCtx);
Expand All @@ -39,6 +40,7 @@ $clientCode = <<<'CODE'
'verify_peer' => true,
'cafile' => '%s',
'peer_name' => '%s',
'security_level' => 1,
]]);
phpt_wait();
Expand Down
2 changes: 2 additions & 0 deletions ext/openssl/tests/stream_crypto_flags_004.phpt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,7 @@ $serverCode = <<<'CODE'
$serverCtx = stream_context_create(['ssl' => [
'local_cert' => '%s',
'crypto_method' => STREAM_CRYPTO_METHOD_TLSv1_0_SERVER,
'security_level' => 1,
]]);
$server = stream_socket_server($serverUri, $errno, $errstr, $serverFlags, $serverCtx);
Expand All @@ -36,6 +37,7 @@ $clientCode = <<<'CODE'
'verify_peer' => true,
'cafile' => '%s',
'peer_name' => '%s',
'security_level' => 1,
]]);
phpt_wait();
Expand Down

0 comments on commit c2a6395

Please sign in to comment.