summaryrefslogtreecommitdiff
path: root/ext/openssl/tests
Commit message (Collapse)AuthorAgeFilesLines
* Try to fix intermittent failures of stream_server_reneg_limit.phpt on macosNikita Popov2021-01-041-0/+2
| | | | Make sure the server has started up before we try to connect to it.
* Merge branch 'PHP-7.4' into PHP-8.0Jakub Zelenka2020-11-271-1/+2
|\
| * Merge branch 'PHP-7.3' into PHP-7.4Jakub Zelenka2020-11-271-1/+2
| |\
| | * Fix test for bug62890 to not depend on system cert storeJakub Zelenka2020-11-271-1/+2
| | |
| | * Fix bug #79601 (Wrong ciphertext/tag in AES-CCM encryption for a 12 bytes IV)Stanislav Malyshev2020-09-283-17/+52
| | |
* | | Merge branch 'PHP-7.4' into PHP-8.0Nikita Popov2020-10-193-1/+172
|\ \ \ | |/ / | | | | | | | | | * PHP-7.4: Fix bug #79983: Add support for OCB mode
| * | Fix bug #79983: Add support for OCB modeNikita Popov2020-10-193-1/+172
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | OCB mode ciphers were already exposed to openssl_encrypt/decrypt, but misbehaved, because they were not treated as AEAD ciphers. From that perspective, OCB should be treated the same way as GCM. In OpenSSL 1.1 the necessary controls were unified under EVP_CTRL_AEAD_* (and OCB is only supported since OpenSSL 1.1). Closes GH-6337.
* | | Merge branch 'PHP-7.4' into PHP-8.0Nikita Popov2020-10-143-11/+7
|\ \ \ | |/ / | | | | | | | | | * PHP-7.4: Allow passing $tag for non-authenticated encryption
| * | Allow passing $tag for non-authenticated encryptionNikita Popov2020-10-143-11/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | openssl_encrypt() currently throws a warning if the $tag out parameter is passed for a non-authenticated cipher. This violates the principle that a function should behave the same if a parameter is not passed, and if the default value is passed for the parameter. I believe this warning should simply be dropped and the $tag be populated with null, as is already the case. Otherwise, it is not possible to use openssl_encrypt() in generic wrapper APIs, that are compatible with both authenticated and non-authenticated encryption. Closes GH-6333.
* | | Merge branch 'PHP-7.4' into PHP-8.0Nikita Popov2020-10-121-12/+0
|\ \ \ | |/ / | | | | | | | | | * PHP-7.4: Revert "Add missing X509 purpose constants"
| * | Revert "Add missing X509 purpose constants"Nikita Popov2020-10-121-12/+0
| | | | | | | | | | | | | | | | | | This reverts commit 1e53e14bc31aec98a408e517c7c8493ef4bf80cd. This fails on Travis.
* | | Merge branch 'PHP-7.4' into PHP-8.0Nikita Popov2020-10-121-0/+12
|\ \ \ | |/ / | | | | | | | | | * PHP-7.4: Add missing X509 purpose constants
| * | Add missing X509 purpose constantsVincent JARDIN2020-10-121-0/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | X509_PURPOSE_OCSP_HELPER, X509_PURPOSE_TIMESTAMP_SIGN are available from OpenSSL for many years: - X509_PURPOSE_OCSP_HELPER, since 2001 - X509_PURPOSE_TIMESTAMP_SIGN, since 2006 Also drop the ifdef check for X509_PURPOSE_ANY, as it is always available in supported OpenSSL versions. Closes GH-6312.
* | | Merge branch 'PHP-7.4'Stanislav Malyshev2020-09-283-17/+52
|\ \ \ | |/ / | | | | | | | | | | | | | | | | | | | | | * PHP-7.4: Update UPGRADING Update UPGRADING Update NEWS & UPGRADING Do not decode cookie names anymore Fix bug #79601 (Wrong ciphertext/tag in AES-CCM encryption for a 12 bytes IV)
| * | Merge branch 'PHP-7.3' into PHP-7.4Stanislav Malyshev2020-09-283-17/+52
| |\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | * PHP-7.3: Update UPGRADING Update NEWS & UPGRADING Do not decode cookie names anymore Fix bug #79601 (Wrong ciphertext/tag in AES-CCM encryption for a 12 bytes IV)
| | * \ Merge branch 'PHP-7.2' into PHP-7.3Stanislav Malyshev2020-09-283-17/+52
| | |\ \ | | | |/ | | |/| | | | | | | | | | | | | | | | | * PHP-7.2: Update NEWS & UPGRADING Do not decode cookie names anymore Fix bug #79601 (Wrong ciphertext/tag in AES-CCM encryption for a 12 bytes IV)
| | | * Fix bug #79601 (Wrong ciphertext/tag in AES-CCM encryption for a 12 bytes IV)Stanislav Malyshev2020-09-263-17/+52
| | | |
* | | | Run tidyNikita Popov2020-09-186-9/+9
| | | | | | | | | | | | | | | | | | | | This should fix most of the remaining issues with tabs and spaces being mixed in tests.
* | | | missing fix for test for new param. nameRemi Collet2020-09-161-1/+1
| | | |
* | | | Adjust ext/openssl parameter namesMáté Kocsis2020-09-151-1/+1
| | | | | | | | | | | | | | | | Closes GH-6121
* | | | Fix broken testMatteo Beccati2020-09-131-1/+1
| | | | | | | | | | | | | | | | Since e8e4ddce
* | | | Improve parameter handling in ext/opensslMáté Kocsis2020-09-1213-17/+17
| | | | | | | | | | | | | | | | Closes GH-6025
* | | | Improve error messages mentioning parameters instead of argumentsMáté Kocsis2020-09-091-1/+1
| | | | | | | | | | | | | | | | Closes GH-5999
* | | | Require $method parameter in openssl_seal/openssl_openNikita Popov2020-09-085-49/+21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | RC4 is considered insecure, and it's not possible to change the default of these functions. As such, require the method to be passed explicitly. Closes GH-6093.
* | | | Promote various OpenSSL warnings into ErrorsGeorge Peter Banyard2020-08-169-59/+74
| | | | | | | | | | | | | | | | Closes GH-5111
* | | | Add many missing closing PHP tags to testsMáté Kocsis2020-08-091-0/+1
| | | | | | | | | | | | | | | | Closes GH-5958
* | | | Convert resources to objects in ext/opensslMáté Kocsis2020-08-0130-116/+185
| | | | | | | | | | | | | | | | | | | | | | | | Closes GH-5860 Co-authored-by: Nikita Popov <nikita.ppv@gmail.com>
* | | | Merge branch 'PHP-7.4'Nikita Popov2020-07-221-0/+45
|\ \ \ \ | |/ / / | | | | | | | | | | | | * PHP-7.4: Fixed bug #79881
| * | | Fixed bug #79881Nikita Popov2020-07-221-0/+45
| | | |
* | | | Replace EXPECTF when possibleFabien Villepinte2020-06-299-9/+9
| | | | | | | | | | | | | | | | Closes GH-5779
* | | | Merge branch 'PHP-7.4'Nikita Popov2020-06-192-37/+47
|\ \ \ \ | |/ / /
| * | | Generate temporary config file when generating certificatesNikita Popov2020-06-192-37/+47
| | | | | | | | | | | | | | | | | | | | The putenv trick doesn't work on ZTS Windows, so generate a new openssl config every time.
* | | | Merge branch 'PHP-7.4'Nikita Popov2020-06-181-1/+4
|\ \ \ \ | |/ / /
| * | | Downgrade server security level in security level testNikita Popov2020-06-181-1/+4
| | | | | | | | | | | | | | | | | | | | We want to test the client side error here, so make sure the server side can start up successfully.
* | | | Merge branch 'PHP-7.4'Nikita Popov2020-06-187-77/+71
|\ \ \ \ | |/ / /
| * | | Add SubjectAltName support to certificate generatorNikita Popov2020-06-187-77/+71
| | | | | | | | | | | | | | | | | | | | | | | | | | | | And switch tests using SAN certificates to the generator. This is ugly, but there doesn't seem to be a more direct way to privide SAN in PHP.
* | | | Downgrade security level in tests using TLS < 1.2Nikita Popov2020-06-185-5/+15
| | | | | | | | | | | | | | | | | | | | A few additional tests have been added on master that require lower security level.
* | | | Merge branch 'PHP-7.4'Nikita Popov2020-06-187-122/+52
|\ \ \ \ | |/ / /
| * | | Generate certificates for bug69215.phptNikita Popov2020-06-184-86/+22
| | | |
| * | | Generate certificate for bug68920.phptNikita Popov2020-06-181-1/+12
| | | | | | | | | | | | | | | | | | | | The certificate really doesn't matter here, but it still needs to comply with security level...
| * | | Generate certificate for bug65729.pemNikita Popov2020-06-182-35/+18
| | | | | | | | | | | | | | | | Make this test pass under security level 2.
* | | | Merge branch 'PHP-7.4'Nikita Popov2020-06-183-36/+18
|\ \ \ \ | |/ / /
| * | | Revert "Fix tests regarding OpenSSL security_level"Nikita Popov2020-06-183-36/+18
| | | | | | | | | | | | | | | | This reverts commit b281493503401a2b5c45c11fcd0498d8448998c2.
* | | | Merge branch 'PHP-7.4'Christoph M. Becker2020-06-183-18/+36
|\ \ \ \ | |/ / / | | | | | | | | | | | | * PHP-7.4: Fix tests regarding OpenSSL security_level
| * | | Fix tests regarding OpenSSL security_levelChristoph M. Becker2020-06-183-18/+36
| | | | | | | | | | | | | | | | | | | | | | | | The `security_level` stream option is only available as of OpenSSL 1.1.0, so we only set it for these versions. Older OpenSSL versions do not have security levels at all.
* | | | Merge branch 'PHP-7.4'Nikita Popov2020-06-189-41/+106
|\ \ \ \ | |/ / /
| * | | Migrate some tests to certificate generatorNikita Popov2020-06-189-41/+106
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This migrates all the tests using ext/openssl/tests/streams_crypto_method.pem to the certificate generator, so we can easily adjust needed parameters. In particular, this makes the cert security level 2 compatible. However, we still need to downgrade security_level to 1 in a number of tests, because they are testing TLS < 1.2 connections.
* | | | Merge branch 'PHP-7.4'Nikita Popov2020-06-171-1/+2
|\ \ \ \ | |/ / /
| * | | Use sha256 as digest algorithm in certificate generatorNikita Popov2020-06-171-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This makes the generated certificates compatible with security level 2, which is apparently the default on Ubuntu 20.04. Unfortunately this does not fix all tests, because some are using pre-generated certificates.
* | | | Merge branch 'PHP-7.4'Christoph M. Becker2020-06-091-0/+15
|\ \ \ \ | |/ / / | | | | | | | | | | | | * PHP-7.4: Fix #62890: default_socket_timeout=-1 causes connection to timeout
View Lorry Controller Status