1
0
Fork 0
mirror of https://gitlab.alpinelinux.org/alpine/aports.git synced 2025-07-15 20:25:17 +03:00
aports/testing/php8/fix-tests-openssl3-3.patch
2022-10-31 17:09:29 +00:00

266 lines
10 KiB
Diff

Patch-Source: https://github.com/php/php-src/commit/3ea57cf83834e07aae6953201015e39b4a2ac6dd
From 3ea57cf83834e07aae6953201015e39b4a2ac6dd Mon Sep 17 00:00:00 2001
From: Nikita Popov <nikita.ppv@gmail.com>
Date: Wed, 4 Aug 2021 09:46:07 +0200
Subject: [PATCH] Reduce security level in some OpenSSL tests
This allows tests using older protocols and algorithms to work
under OpenSSL 3.
Also account for minor changes in error reporting.
---
ext/openssl/tests/session_meta_capture.phpt | 4 ++--
ext/openssl/tests/stream_crypto_flags_001.phpt | 4 ++--
ext/openssl/tests/stream_crypto_flags_002.phpt | 4 ++--
ext/openssl/tests/stream_crypto_flags_003.phpt | 4 ++--
ext/openssl/tests/stream_crypto_flags_004.phpt | 4 ++--
ext/openssl/tests/stream_security_level.phpt | 4 ++--
ext/openssl/tests/tls_min_v1.0_max_v1.1_wrapper.phpt | 4 ++--
ext/openssl/tests/tls_wrapper.phpt | 4 ++--
ext/openssl/tests/tls_wrapper_with_tls_v1.3.phpt | 4 ++--
ext/openssl/tests/tlsv1.0_wrapper.phpt | 4 ++--
ext/openssl/tests/tlsv1.1_wrapper.phpt | 4 ++--
11 files changed, 22 insertions(+), 22 deletions(-)
diff --git a/ext/openssl/tests/session_meta_capture.phpt b/ext/openssl/tests/session_meta_capture.phpt
index e7019034f664..36e3855f80aa 100644
--- a/ext/openssl/tests/session_meta_capture.phpt
+++ b/ext/openssl/tests/session_meta_capture.phpt
@@ -16,7 +16,7 @@ $serverCode = <<<'CODE'
$serverFlags = STREAM_SERVER_BIND | STREAM_SERVER_LISTEN;
$serverCtx = stream_context_create(['ssl' => [
'local_cert' => '%s',
- 'security_level' => 1,
+ 'security_level' => 0,
]]);
$server = stream_socket_server($serverUri, $errno, $errstr, $serverFlags, $serverCtx);
@@ -37,7 +37,7 @@ $clientCode = <<<'CODE'
'verify_peer' => true,
'cafile' => '%s',
'peer_name' => '%s',
- 'security_level' => 1,
+ 'security_level' => 0,
]]);
phpt_wait();
diff --git a/ext/openssl/tests/stream_crypto_flags_001.phpt b/ext/openssl/tests/stream_crypto_flags_001.phpt
index bb8806e1588a..74caacc2ea91 100644
--- a/ext/openssl/tests/stream_crypto_flags_001.phpt
+++ b/ext/openssl/tests/stream_crypto_flags_001.phpt
@@ -16,7 +16,7 @@ $serverCode = <<<'CODE'
$serverFlags = STREAM_SERVER_BIND | STREAM_SERVER_LISTEN;
$serverCtx = stream_context_create(['ssl' => [
'local_cert' => '%s',
- 'security_level' => 1,
+ 'security_level' => 0,
]]);
$server = stream_socket_server($serverUri, $errno, $errstr, $serverFlags, $serverCtx);
@@ -36,7 +36,7 @@ $clientCode = <<<'CODE'
'verify_peer' => true,
'cafile' => '%s',
'peer_name' => '%s',
- 'security_level' => 1,
+ 'security_level' => 0,
]]);
phpt_wait();
diff --git a/ext/openssl/tests/stream_crypto_flags_002.phpt b/ext/openssl/tests/stream_crypto_flags_002.phpt
index cbc287bb6b3f..870fd00e581b 100644
--- a/ext/openssl/tests/stream_crypto_flags_002.phpt
+++ b/ext/openssl/tests/stream_crypto_flags_002.phpt
@@ -16,7 +16,7 @@ $serverCode = <<<'CODE'
$serverFlags = STREAM_SERVER_BIND | STREAM_SERVER_LISTEN;
$serverCtx = stream_context_create(['ssl' => [
'local_cert' => '%s',
- 'security_level' => 1,
+ 'security_level' => 0,
]]);
$server = stream_socket_server($serverUri, $errno, $errstr, $serverFlags, $serverCtx);
@@ -37,7 +37,7 @@ $clientCode = <<<'CODE'
'verify_peer' => true,
'cafile' => '%s',
'peer_name' => '%s',
- 'security_level' => 1,
+ 'security_level' => 0,
]]);
phpt_wait();
diff --git a/ext/openssl/tests/stream_crypto_flags_003.phpt b/ext/openssl/tests/stream_crypto_flags_003.phpt
index 99fad900d837..a75dd18cf6a7 100644
--- a/ext/openssl/tests/stream_crypto_flags_003.phpt
+++ b/ext/openssl/tests/stream_crypto_flags_003.phpt
@@ -20,7 +20,7 @@ $serverCode = <<<'CODE'
// Only accept TLSv1.0 and TLSv1.2 connections
'crypto_method' => STREAM_CRYPTO_METHOD_TLSv1_0_SERVER | STREAM_CRYPTO_METHOD_TLSv1_2_SERVER,
- 'security_level' => 1,
+ 'security_level' => 0,
]]);
$server = stream_socket_server($serverUri, $errno, $errstr, $serverFlags, $serverCtx);
@@ -41,7 +41,7 @@ $clientCode = <<<'CODE'
'verify_peer' => true,
'cafile' => '%s',
'peer_name' => '%s',
- 'security_level' => 1,
+ 'security_level' => 0,
]]);
phpt_wait();
diff --git a/ext/openssl/tests/stream_crypto_flags_004.phpt b/ext/openssl/tests/stream_crypto_flags_004.phpt
index c0793538601e..0a2fbc123dfd 100644
--- a/ext/openssl/tests/stream_crypto_flags_004.phpt
+++ b/ext/openssl/tests/stream_crypto_flags_004.phpt
@@ -17,7 +17,7 @@ $serverCode = <<<'CODE'
$serverCtx = stream_context_create(['ssl' => [
'local_cert' => '%s',
'crypto_method' => STREAM_CRYPTO_METHOD_TLSv1_0_SERVER,
- 'security_level' => 1,
+ 'security_level' => 0,
]]);
$server = stream_socket_server($serverUri, $errno, $errstr, $serverFlags, $serverCtx);
@@ -38,7 +38,7 @@ $clientCode = <<<'CODE'
'verify_peer' => true,
'cafile' => '%s',
'peer_name' => '%s',
- 'security_level' => 1,
+ 'security_level' => 0,
]]);
phpt_wait();
diff --git a/ext/openssl/tests/stream_security_level.phpt b/ext/openssl/tests/stream_security_level.phpt
index 9454e3c47a72..0892857a2df2 100644
--- a/ext/openssl/tests/stream_security_level.phpt
+++ b/ext/openssl/tests/stream_security_level.phpt
@@ -25,7 +25,7 @@ $serverCode = <<<'CODE'
'local_cert' => '%s',
// Make sure the server side starts up successfully if the default security level is
// higher. We want to test the error at the client side.
- 'security_level' => 1,
+ 'security_level' => 0,
]]);
$server = stream_socket_server($serverUri, $errno, $errstr, $serverFlags, $serverCtx);
@@ -67,7 +67,7 @@ ServerClientTestCase::getInstance()->run($clientCode, $serverCode);
?>
--EXPECTF--
Warning: stream_socket_client(): SSL operation failed with code 1. OpenSSL Error messages:
-error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed in %s : eval()'d code on line %d
+error:%s:SSL routines:%S:certificate verify failed in %s : eval()'d code on line %d
Warning: stream_socket_client(): Failed to enable crypto in %s : eval()'d code on line %d
diff --git a/ext/openssl/tests/tls_min_v1.0_max_v1.1_wrapper.phpt b/ext/openssl/tests/tls_min_v1.0_max_v1.1_wrapper.phpt
index 55c14c64bc83..5d04263cfbc7 100644
--- a/ext/openssl/tests/tls_min_v1.0_max_v1.1_wrapper.phpt
+++ b/ext/openssl/tests/tls_min_v1.0_max_v1.1_wrapper.phpt
@@ -16,7 +16,7 @@ $serverCode = <<<'CODE'
'local_cert' => '%s',
'min_proto_version' => STREAM_CRYPTO_PROTO_TLSv1_0,
'max_proto_version' => STREAM_CRYPTO_PROTO_TLSv1_1,
- 'security_level' => 1,
+ 'security_level' => 0,
]]);
$server = stream_socket_server('tls://127.0.0.1:64321', $errno, $errstr, $flags, $ctx);
@@ -33,7 +33,7 @@ $clientCode = <<<'CODE'
$ctx = stream_context_create(['ssl' => [
'verify_peer' => false,
'verify_peer_name' => false,
- 'security_level' => 1,
+ 'security_level' => 0,
]]);
phpt_wait();
diff --git a/ext/openssl/tests/tls_wrapper.phpt b/ext/openssl/tests/tls_wrapper.phpt
index 8cb5279dd5cf..2220fbc0ac1d 100644
--- a/ext/openssl/tests/tls_wrapper.phpt
+++ b/ext/openssl/tests/tls_wrapper.phpt
@@ -15,7 +15,7 @@ $serverCode = <<<'CODE'
$flags = STREAM_SERVER_BIND|STREAM_SERVER_LISTEN;
$ctx = stream_context_create(['ssl' => [
'local_cert' => '%s',
- 'security_level' => 1,
+ 'security_level' => 0,
]]);
$server = stream_socket_server('tls://127.0.0.1:64321', $errno, $errstr, $flags, $ctx);
@@ -32,7 +32,7 @@ $clientCode = <<<'CODE'
$ctx = stream_context_create(['ssl' => [
'verify_peer' => false,
'verify_peer_name' => false,
- 'security_level' => 1,
+ 'security_level' => 0,
]]);
phpt_wait();
diff --git a/ext/openssl/tests/tls_wrapper_with_tls_v1.3.phpt b/ext/openssl/tests/tls_wrapper_with_tls_v1.3.phpt
index b1ae724f08f6..67c30cac87bc 100644
--- a/ext/openssl/tests/tls_wrapper_with_tls_v1.3.phpt
+++ b/ext/openssl/tests/tls_wrapper_with_tls_v1.3.phpt
@@ -15,7 +15,7 @@ $serverCode = <<<'CODE'
$flags = STREAM_SERVER_BIND|STREAM_SERVER_LISTEN;
$ctx = stream_context_create(['ssl' => [
'local_cert' => '%s',
- 'security_level' => 1,
+ 'security_level' => 0,
]]);
$server = stream_socket_server('tls://127.0.0.1:64321', $errno, $errstr, $flags, $ctx);
@@ -32,7 +32,7 @@ $clientCode = <<<'CODE'
$ctx = stream_context_create(['ssl' => [
'verify_peer' => false,
'verify_peer_name' => false,
- 'security_level' => 1,
+ 'security_level' => 0,
]]);
phpt_wait();
diff --git a/ext/openssl/tests/tlsv1.0_wrapper.phpt b/ext/openssl/tests/tlsv1.0_wrapper.phpt
index 0cf8bb486635..c712217271b1 100644
--- a/ext/openssl/tests/tlsv1.0_wrapper.phpt
+++ b/ext/openssl/tests/tlsv1.0_wrapper.phpt
@@ -14,7 +14,7 @@ $serverCode = <<<'CODE'
$flags = STREAM_SERVER_BIND|STREAM_SERVER_LISTEN;
$ctx = stream_context_create(['ssl' => [
'local_cert' => '%s',
- 'security_level' => 1,
+ 'security_level' => 0,
]]);
$server = stream_socket_server('tlsv1.0://127.0.0.1:64321', $errno, $errstr, $flags, $ctx);
@@ -31,7 +31,7 @@ $clientCode = <<<'CODE'
$ctx = stream_context_create(['ssl' => [
'verify_peer' => false,
'verify_peer_name' => false,
- 'security_level' => 1,
+ 'security_level' => 0,
]]);
phpt_wait();
diff --git a/ext/openssl/tests/tlsv1.1_wrapper.phpt b/ext/openssl/tests/tlsv1.1_wrapper.phpt
index fe010626e909..a1525350572b 100644
--- a/ext/openssl/tests/tlsv1.1_wrapper.phpt
+++ b/ext/openssl/tests/tlsv1.1_wrapper.phpt
@@ -14,7 +14,7 @@ $serverCode = <<<'CODE'
$flags = STREAM_SERVER_BIND|STREAM_SERVER_LISTEN;
$ctx = stream_context_create(['ssl' => [
'local_cert' => '%s',
- 'security_level' => 1,
+ 'security_level' => 0,
]]);
$server = stream_socket_server('tlsv1.1://127.0.0.1:64321', $errno, $errstr, $flags, $ctx);
@@ -31,7 +31,7 @@ $clientCode = <<<'CODE'
$ctx = stream_context_create(['ssl' => [
'verify_peer' => false,
'verify_peer_name' => false,
- 'security_level' => 1,
+ 'security_level' => 0,
]]);
phpt_wait();