1--TEST-- 2Server bitwise stream crypto flag assignment 3--SKIPIF-- 4<?php 5if (!extension_loaded("openssl")) die("skip openssl not loaded"); 6if (!function_exists("proc_open")) die("skip no proc_open"); 7if (OPENSSL_VERSION_NUMBER < 0x10001001) die("skip OpenSSLv1.0.1 required"); 8--FILE-- 9<?php 10$serverCode = <<<'CODE' 11 $serverUri = "ssl://127.0.0.1:64321"; 12 $serverFlags = STREAM_SERVER_BIND | STREAM_SERVER_LISTEN; 13 $serverCtx = stream_context_create(['ssl' => [ 14 'local_cert' => __DIR__ . '/bug54992.pem', 15 16 // Only accept TLSv1.2 connections 17 'crypto_method' => STREAM_CRYPTO_METHOD_SSLv3_SERVER | STREAM_CRYPTO_METHOD_TLSv1_2_SERVER, 18 ]]); 19 20 $server = stream_socket_server($serverUri, $errno, $errstr, $serverFlags, $serverCtx); 21 phpt_notify(); 22 23 @stream_socket_accept($server, 1); 24 @stream_socket_accept($server, 1); 25 @stream_socket_accept($server, 1); 26 @stream_socket_accept($server, 1); 27CODE; 28 29$clientCode = <<<'CODE' 30 $serverUri = "ssl://127.0.0.1:64321"; 31 $clientFlags = STREAM_CLIENT_CONNECT; 32 $clientCtx = stream_context_create(['ssl' => [ 33 'verify_peer' => true, 34 'cafile' => __DIR__ . '/bug54992-ca.pem', 35 'peer_name' => 'bug54992.local', 36 ]]); 37 38 phpt_wait(); 39 40 stream_context_set_option($clientCtx, 'ssl', 'crypto_method', STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT); 41 var_dump(stream_socket_client($serverUri, $errno, $errstr, 1, $clientFlags, $clientCtx)); 42 43 stream_context_set_option($clientCtx, 'ssl', 'crypto_method', STREAM_CRYPTO_METHOD_TLSv1_0_CLIENT); 44 var_dump(@stream_socket_client($serverUri, $errno, $errstr, 1, $clientFlags, $clientCtx)); 45 46 stream_context_set_option($clientCtx, 'ssl', 'crypto_method', STREAM_CRYPTO_METHOD_TLSv1_1_CLIENT); 47 var_dump(@stream_socket_client($serverUri, $errno, $errstr, 1, $clientFlags, $clientCtx)); 48CODE; 49 50include 'ServerClientTestCase.inc'; 51ServerClientTestCase::getInstance()->run($clientCode, $serverCode); 52--EXPECTF-- 53resource(%d) of type (stream) 54bool(false) 55bool(false) 56 57