mirror of
https://gitlab.alpinelinux.org/alpine/aports.git
synced 2025-07-15 20:25:17 +03:00
266 lines
10 KiB
Diff
266 lines
10 KiB
Diff
Patch-Source: https://github.com/php/php-src/commit/3ea57cf83834e07aae6953201015e39b4a2ac6dd
|
|
From 3ea57cf83834e07aae6953201015e39b4a2ac6dd Mon Sep 17 00:00:00 2001
|
|
From: Nikita Popov <nikita.ppv@gmail.com>
|
|
Date: Wed, 4 Aug 2021 09:46:07 +0200
|
|
Subject: [PATCH] Reduce security level in some OpenSSL tests
|
|
|
|
This allows tests using older protocols and algorithms to work
|
|
under OpenSSL 3.
|
|
|
|
Also account for minor changes in error reporting.
|
|
---
|
|
ext/openssl/tests/session_meta_capture.phpt | 4 ++--
|
|
ext/openssl/tests/stream_crypto_flags_001.phpt | 4 ++--
|
|
ext/openssl/tests/stream_crypto_flags_002.phpt | 4 ++--
|
|
ext/openssl/tests/stream_crypto_flags_003.phpt | 4 ++--
|
|
ext/openssl/tests/stream_crypto_flags_004.phpt | 4 ++--
|
|
ext/openssl/tests/stream_security_level.phpt | 4 ++--
|
|
ext/openssl/tests/tls_min_v1.0_max_v1.1_wrapper.phpt | 4 ++--
|
|
ext/openssl/tests/tls_wrapper.phpt | 4 ++--
|
|
ext/openssl/tests/tls_wrapper_with_tls_v1.3.phpt | 4 ++--
|
|
ext/openssl/tests/tlsv1.0_wrapper.phpt | 4 ++--
|
|
ext/openssl/tests/tlsv1.1_wrapper.phpt | 4 ++--
|
|
11 files changed, 22 insertions(+), 22 deletions(-)
|
|
|
|
diff --git a/ext/openssl/tests/session_meta_capture.phpt b/ext/openssl/tests/session_meta_capture.phpt
|
|
index e7019034f664..36e3855f80aa 100644
|
|
--- a/ext/openssl/tests/session_meta_capture.phpt
|
|
+++ b/ext/openssl/tests/session_meta_capture.phpt
|
|
@@ -16,7 +16,7 @@ $serverCode = <<<'CODE'
|
|
$serverFlags = STREAM_SERVER_BIND | STREAM_SERVER_LISTEN;
|
|
$serverCtx = stream_context_create(['ssl' => [
|
|
'local_cert' => '%s',
|
|
- 'security_level' => 1,
|
|
+ 'security_level' => 0,
|
|
]]);
|
|
|
|
$server = stream_socket_server($serverUri, $errno, $errstr, $serverFlags, $serverCtx);
|
|
@@ -37,7 +37,7 @@ $clientCode = <<<'CODE'
|
|
'verify_peer' => true,
|
|
'cafile' => '%s',
|
|
'peer_name' => '%s',
|
|
- 'security_level' => 1,
|
|
+ 'security_level' => 0,
|
|
]]);
|
|
|
|
phpt_wait();
|
|
diff --git a/ext/openssl/tests/stream_crypto_flags_001.phpt b/ext/openssl/tests/stream_crypto_flags_001.phpt
|
|
index bb8806e1588a..74caacc2ea91 100644
|
|
--- a/ext/openssl/tests/stream_crypto_flags_001.phpt
|
|
+++ b/ext/openssl/tests/stream_crypto_flags_001.phpt
|
|
@@ -16,7 +16,7 @@ $serverCode = <<<'CODE'
|
|
$serverFlags = STREAM_SERVER_BIND | STREAM_SERVER_LISTEN;
|
|
$serverCtx = stream_context_create(['ssl' => [
|
|
'local_cert' => '%s',
|
|
- 'security_level' => 1,
|
|
+ 'security_level' => 0,
|
|
]]);
|
|
|
|
$server = stream_socket_server($serverUri, $errno, $errstr, $serverFlags, $serverCtx);
|
|
@@ -36,7 +36,7 @@ $clientCode = <<<'CODE'
|
|
'verify_peer' => true,
|
|
'cafile' => '%s',
|
|
'peer_name' => '%s',
|
|
- 'security_level' => 1,
|
|
+ 'security_level' => 0,
|
|
]]);
|
|
|
|
phpt_wait();
|
|
diff --git a/ext/openssl/tests/stream_crypto_flags_002.phpt b/ext/openssl/tests/stream_crypto_flags_002.phpt
|
|
index cbc287bb6b3f..870fd00e581b 100644
|
|
--- a/ext/openssl/tests/stream_crypto_flags_002.phpt
|
|
+++ b/ext/openssl/tests/stream_crypto_flags_002.phpt
|
|
@@ -16,7 +16,7 @@ $serverCode = <<<'CODE'
|
|
$serverFlags = STREAM_SERVER_BIND | STREAM_SERVER_LISTEN;
|
|
$serverCtx = stream_context_create(['ssl' => [
|
|
'local_cert' => '%s',
|
|
- 'security_level' => 1,
|
|
+ 'security_level' => 0,
|
|
]]);
|
|
|
|
$server = stream_socket_server($serverUri, $errno, $errstr, $serverFlags, $serverCtx);
|
|
@@ -37,7 +37,7 @@ $clientCode = <<<'CODE'
|
|
'verify_peer' => true,
|
|
'cafile' => '%s',
|
|
'peer_name' => '%s',
|
|
- 'security_level' => 1,
|
|
+ 'security_level' => 0,
|
|
]]);
|
|
|
|
phpt_wait();
|
|
diff --git a/ext/openssl/tests/stream_crypto_flags_003.phpt b/ext/openssl/tests/stream_crypto_flags_003.phpt
|
|
index 99fad900d837..a75dd18cf6a7 100644
|
|
--- a/ext/openssl/tests/stream_crypto_flags_003.phpt
|
|
+++ b/ext/openssl/tests/stream_crypto_flags_003.phpt
|
|
@@ -20,7 +20,7 @@ $serverCode = <<<'CODE'
|
|
|
|
// Only accept TLSv1.0 and TLSv1.2 connections
|
|
'crypto_method' => STREAM_CRYPTO_METHOD_TLSv1_0_SERVER | STREAM_CRYPTO_METHOD_TLSv1_2_SERVER,
|
|
- 'security_level' => 1,
|
|
+ 'security_level' => 0,
|
|
]]);
|
|
|
|
$server = stream_socket_server($serverUri, $errno, $errstr, $serverFlags, $serverCtx);
|
|
@@ -41,7 +41,7 @@ $clientCode = <<<'CODE'
|
|
'verify_peer' => true,
|
|
'cafile' => '%s',
|
|
'peer_name' => '%s',
|
|
- 'security_level' => 1,
|
|
+ 'security_level' => 0,
|
|
]]);
|
|
|
|
phpt_wait();
|
|
diff --git a/ext/openssl/tests/stream_crypto_flags_004.phpt b/ext/openssl/tests/stream_crypto_flags_004.phpt
|
|
index c0793538601e..0a2fbc123dfd 100644
|
|
--- a/ext/openssl/tests/stream_crypto_flags_004.phpt
|
|
+++ b/ext/openssl/tests/stream_crypto_flags_004.phpt
|
|
@@ -17,7 +17,7 @@ $serverCode = <<<'CODE'
|
|
$serverCtx = stream_context_create(['ssl' => [
|
|
'local_cert' => '%s',
|
|
'crypto_method' => STREAM_CRYPTO_METHOD_TLSv1_0_SERVER,
|
|
- 'security_level' => 1,
|
|
+ 'security_level' => 0,
|
|
]]);
|
|
|
|
$server = stream_socket_server($serverUri, $errno, $errstr, $serverFlags, $serverCtx);
|
|
@@ -38,7 +38,7 @@ $clientCode = <<<'CODE'
|
|
'verify_peer' => true,
|
|
'cafile' => '%s',
|
|
'peer_name' => '%s',
|
|
- 'security_level' => 1,
|
|
+ 'security_level' => 0,
|
|
]]);
|
|
|
|
phpt_wait();
|
|
diff --git a/ext/openssl/tests/stream_security_level.phpt b/ext/openssl/tests/stream_security_level.phpt
|
|
index 9454e3c47a72..0892857a2df2 100644
|
|
--- a/ext/openssl/tests/stream_security_level.phpt
|
|
+++ b/ext/openssl/tests/stream_security_level.phpt
|
|
@@ -25,7 +25,7 @@ $serverCode = <<<'CODE'
|
|
'local_cert' => '%s',
|
|
// Make sure the server side starts up successfully if the default security level is
|
|
// higher. We want to test the error at the client side.
|
|
- 'security_level' => 1,
|
|
+ 'security_level' => 0,
|
|
]]);
|
|
|
|
$server = stream_socket_server($serverUri, $errno, $errstr, $serverFlags, $serverCtx);
|
|
@@ -67,7 +67,7 @@ ServerClientTestCase::getInstance()->run($clientCode, $serverCode);
|
|
?>
|
|
--EXPECTF--
|
|
Warning: stream_socket_client(): SSL operation failed with code 1. OpenSSL Error messages:
|
|
-error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed in %s : eval()'d code on line %d
|
|
+error:%s:SSL routines:%S:certificate verify failed in %s : eval()'d code on line %d
|
|
|
|
Warning: stream_socket_client(): Failed to enable crypto in %s : eval()'d code on line %d
|
|
|
|
diff --git a/ext/openssl/tests/tls_min_v1.0_max_v1.1_wrapper.phpt b/ext/openssl/tests/tls_min_v1.0_max_v1.1_wrapper.phpt
|
|
index 55c14c64bc83..5d04263cfbc7 100644
|
|
--- a/ext/openssl/tests/tls_min_v1.0_max_v1.1_wrapper.phpt
|
|
+++ b/ext/openssl/tests/tls_min_v1.0_max_v1.1_wrapper.phpt
|
|
@@ -16,7 +16,7 @@ $serverCode = <<<'CODE'
|
|
'local_cert' => '%s',
|
|
'min_proto_version' => STREAM_CRYPTO_PROTO_TLSv1_0,
|
|
'max_proto_version' => STREAM_CRYPTO_PROTO_TLSv1_1,
|
|
- 'security_level' => 1,
|
|
+ 'security_level' => 0,
|
|
]]);
|
|
|
|
$server = stream_socket_server('tls://127.0.0.1:64321', $errno, $errstr, $flags, $ctx);
|
|
@@ -33,7 +33,7 @@ $clientCode = <<<'CODE'
|
|
$ctx = stream_context_create(['ssl' => [
|
|
'verify_peer' => false,
|
|
'verify_peer_name' => false,
|
|
- 'security_level' => 1,
|
|
+ 'security_level' => 0,
|
|
]]);
|
|
|
|
phpt_wait();
|
|
diff --git a/ext/openssl/tests/tls_wrapper.phpt b/ext/openssl/tests/tls_wrapper.phpt
|
|
index 8cb5279dd5cf..2220fbc0ac1d 100644
|
|
--- a/ext/openssl/tests/tls_wrapper.phpt
|
|
+++ b/ext/openssl/tests/tls_wrapper.phpt
|
|
@@ -15,7 +15,7 @@ $serverCode = <<<'CODE'
|
|
$flags = STREAM_SERVER_BIND|STREAM_SERVER_LISTEN;
|
|
$ctx = stream_context_create(['ssl' => [
|
|
'local_cert' => '%s',
|
|
- 'security_level' => 1,
|
|
+ 'security_level' => 0,
|
|
]]);
|
|
|
|
$server = stream_socket_server('tls://127.0.0.1:64321', $errno, $errstr, $flags, $ctx);
|
|
@@ -32,7 +32,7 @@ $clientCode = <<<'CODE'
|
|
$ctx = stream_context_create(['ssl' => [
|
|
'verify_peer' => false,
|
|
'verify_peer_name' => false,
|
|
- 'security_level' => 1,
|
|
+ 'security_level' => 0,
|
|
]]);
|
|
|
|
phpt_wait();
|
|
diff --git a/ext/openssl/tests/tls_wrapper_with_tls_v1.3.phpt b/ext/openssl/tests/tls_wrapper_with_tls_v1.3.phpt
|
|
index b1ae724f08f6..67c30cac87bc 100644
|
|
--- a/ext/openssl/tests/tls_wrapper_with_tls_v1.3.phpt
|
|
+++ b/ext/openssl/tests/tls_wrapper_with_tls_v1.3.phpt
|
|
@@ -15,7 +15,7 @@ $serverCode = <<<'CODE'
|
|
$flags = STREAM_SERVER_BIND|STREAM_SERVER_LISTEN;
|
|
$ctx = stream_context_create(['ssl' => [
|
|
'local_cert' => '%s',
|
|
- 'security_level' => 1,
|
|
+ 'security_level' => 0,
|
|
]]);
|
|
|
|
$server = stream_socket_server('tls://127.0.0.1:64321', $errno, $errstr, $flags, $ctx);
|
|
@@ -32,7 +32,7 @@ $clientCode = <<<'CODE'
|
|
$ctx = stream_context_create(['ssl' => [
|
|
'verify_peer' => false,
|
|
'verify_peer_name' => false,
|
|
- 'security_level' => 1,
|
|
+ 'security_level' => 0,
|
|
]]);
|
|
|
|
phpt_wait();
|
|
diff --git a/ext/openssl/tests/tlsv1.0_wrapper.phpt b/ext/openssl/tests/tlsv1.0_wrapper.phpt
|
|
index 0cf8bb486635..c712217271b1 100644
|
|
--- a/ext/openssl/tests/tlsv1.0_wrapper.phpt
|
|
+++ b/ext/openssl/tests/tlsv1.0_wrapper.phpt
|
|
@@ -14,7 +14,7 @@ $serverCode = <<<'CODE'
|
|
$flags = STREAM_SERVER_BIND|STREAM_SERVER_LISTEN;
|
|
$ctx = stream_context_create(['ssl' => [
|
|
'local_cert' => '%s',
|
|
- 'security_level' => 1,
|
|
+ 'security_level' => 0,
|
|
]]);
|
|
|
|
$server = stream_socket_server('tlsv1.0://127.0.0.1:64321', $errno, $errstr, $flags, $ctx);
|
|
@@ -31,7 +31,7 @@ $clientCode = <<<'CODE'
|
|
$ctx = stream_context_create(['ssl' => [
|
|
'verify_peer' => false,
|
|
'verify_peer_name' => false,
|
|
- 'security_level' => 1,
|
|
+ 'security_level' => 0,
|
|
]]);
|
|
|
|
phpt_wait();
|
|
diff --git a/ext/openssl/tests/tlsv1.1_wrapper.phpt b/ext/openssl/tests/tlsv1.1_wrapper.phpt
|
|
index fe010626e909..a1525350572b 100644
|
|
--- a/ext/openssl/tests/tlsv1.1_wrapper.phpt
|
|
+++ b/ext/openssl/tests/tlsv1.1_wrapper.phpt
|
|
@@ -14,7 +14,7 @@ $serverCode = <<<'CODE'
|
|
$flags = STREAM_SERVER_BIND|STREAM_SERVER_LISTEN;
|
|
$ctx = stream_context_create(['ssl' => [
|
|
'local_cert' => '%s',
|
|
- 'security_level' => 1,
|
|
+ 'security_level' => 0,
|
|
]]);
|
|
|
|
$server = stream_socket_server('tlsv1.1://127.0.0.1:64321', $errno, $errstr, $flags, $ctx);
|
|
@@ -31,7 +31,7 @@ $clientCode = <<<'CODE'
|
|
$ctx = stream_context_create(['ssl' => [
|
|
'verify_peer' => false,
|
|
'verify_peer_name' => false,
|
|
- 'security_level' => 1,
|
|
+ 'security_level' => 0,
|
|
]]);
|
|
|
|
phpt_wait();
|