1--TEST-- 2Bug #68920: peer_fingerprint input checks should be strict 3--SKIPIF-- 4<?php 5if (!extension_loaded("openssl")) die("skip openssl not loaded"); 6if (!function_exists("proc_open")) die("skip no proc_open"); 7--FILE-- 8<?php 9$serverCode = <<<'CODE' 10 $serverUri = "ssl://127.0.0.1:64321"; 11 $serverFlags = STREAM_SERVER_BIND | STREAM_SERVER_LISTEN; 12 $serverCtx = stream_context_create(['ssl' => [ 13 'local_cert' => __DIR__ . '/san-cert.pem', 14 ]]); 15 16 $server = stream_socket_server($serverUri, $errno, $errstr, $serverFlags, $serverCtx); 17 phpt_notify(); 18 19 stream_socket_accept($server, 30); 20 stream_socket_accept($server, 30); 21 stream_socket_accept($server, 30); 22 stream_socket_accept($server, 30); 23CODE; 24 25$clientCode = <<<'CODE' 26 $serverUri = "ssl://127.0.0.1:64321"; 27 $clientFlags = STREAM_CLIENT_CONNECT; 28 29 phpt_wait(); 30 31 $ctx = stream_context_create(['ssl' => ['verify_peer'=> false, 'peer_fingerprint' => true]]); 32 $sock = stream_socket_client($serverUri, $errno, $errstr, 30, $clientFlags, $ctx); 33 var_dump($sock); 34 35 $ctx = stream_context_create(['ssl' => ['verify_peer'=> false, 'peer_fingerprint' => null]]); 36 $sock = stream_socket_client($serverUri, $errno, $errstr, 30, $clientFlags, $ctx); 37 var_dump($sock); 38 39 $ctx = stream_context_create(['ssl' => ['verify_peer'=> false, 'peer_fingerprint' => []]]); 40 $sock = stream_socket_client($serverUri, $errno, $errstr, 30, $clientFlags, $ctx); 41 var_dump($sock); 42 43 $ctx = stream_context_create(['ssl' => ['verify_peer'=> false, 'peer_fingerprint' => ['foo']]]); 44 $sock = stream_socket_client($serverUri, $errno, $errstr, 30, $clientFlags, $ctx); 45 var_dump($sock); 46CODE; 47 48include 'ServerClientTestCase.inc'; 49ServerClientTestCase::getInstance()->run($clientCode, $serverCode); 50--EXPECTF-- 51Warning: stream_socket_client(): Expected peer fingerprint must be a string or an array in %s on line %d 52 53Warning: stream_socket_client(): Failed to enable crypto in %s on line %d 54 55Warning: stream_socket_client(): unable to connect to %s (Unknown error) in %s on line %d 56bool(false) 57 58Warning: stream_socket_client(): Expected peer fingerprint must be a string or an array in %s on line %d 59 60Warning: stream_socket_client(): Failed to enable crypto in %s on line %d 61 62Warning: stream_socket_client(): unable to connect to %s (Unknown error) in %s on line %d 63bool(false) 64 65Warning: stream_socket_client(): Invalid peer_fingerprint array; [algo => fingerprint] form required in %s on line %d 66 67Warning: stream_socket_client(): peer_fingerprint match failure in %s on line %d 68 69Warning: stream_socket_client(): Failed to enable crypto in %s on line %d 70 71Warning: stream_socket_client(): unable to connect to %s (Unknown error) in %s on line %d 72bool(false) 73 74Warning: stream_socket_client(): Invalid peer_fingerprint array; [algo => fingerprint] form required in %s on line %d 75 76Warning: stream_socket_client(): peer_fingerprint match failure in %s on line %d 77 78Warning: stream_socket_client(): Failed to enable crypto in %s on line %d 79 80Warning: stream_socket_client(): unable to connect to %s (Unknown error) in %s on line %d 81bool(false) 82
