Skip to content

Commit c3e12aa

Browse files
remicolletremicollet
committed
add more ldaps/tls tests with TLS_CACERTFILE
1 parent 4b9a5b7 commit c3e12aa

File tree

2 files changed

+95
-0
lines changed

2 files changed

+95
-0
lines changed

ext/ldap/tests/ldap_start_tls_basic2.phpt

+39
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,39 @@
1+
--TEST--
2+
ldap_start_tls() - Basic ldap_start_tls test with TLS_CACERTFILE
3+
--CREDITS--
4+
Patrick Allaert <[email protected]>
5+
# Belgian PHP Testfest 2009
6+
--EXTENSIONS--
7+
ldap
8+
--SKIPIF--
9+
<?php
10+
require_once __DIR__ .'/skipifbindfailure.inc';
11+
if (!ldap_get_option(NULL, LDAP_OPT_X_TLS_CACERTFILE, $val)) die('skip missing TLS_CACERTFILE');
12+
?>
13+
--FILE--
14+
<?php
15+
require_once "connect.inc";
16+
17+
// CI uses self signed certificate
18+
19+
// No cert option
20+
$link = ldap_connect($uri);
21+
ldap_set_option($link, LDAP_OPT_PROTOCOL_VERSION, $protocol_version);
22+
var_dump(@ldap_start_tls($link));
23+
24+
// No cert check
25+
$link = ldap_connect($uri);
26+
ldap_set_option($link, LDAP_OPT_PROTOCOL_VERSION, $protocol_version);
27+
ldap_set_option($link, LDAP_OPT_X_TLS_REQUIRE_CERT, LDAP_OPT_X_TLS_NEVER);
28+
var_dump(@ldap_start_tls($link));
29+
30+
// With cert check
31+
$link = ldap_connect($uri);
32+
ldap_set_option($link, LDAP_OPT_PROTOCOL_VERSION, $protocol_version);
33+
ldap_set_option($link, LDAP_OPT_X_TLS_REQUIRE_CERT, LDAP_OPT_X_TLS_DEMAND);
34+
var_dump(@ldap_start_tls($link));
35+
?>
36+
--EXPECT--
37+
bool(true)
38+
bool(true)
39+
bool(true)

ext/ldap/tests/ldaps_basic2.phpt

+56
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,56 @@
1+
--TEST--
2+
ldap_connect() - Basic ldaps test with TLS_CACERTFILE
3+
--EXTENSIONS--
4+
ldap
5+
--SKIPIF--
6+
<?php
7+
require_once __DIR__ .'/skipifbindfailure.inc';
8+
if (!ldap_get_option(NULL, LDAP_OPT_X_TLS_CACERTFILE, $val)) die('skip missing TLS_CACERTFILE');
9+
?>
10+
--FILE--
11+
<?php
12+
require_once "connect.inc";
13+
14+
$uri = "ldaps://$host:636";
15+
16+
// CI uses self signed certificate
17+
18+
// No cert option
19+
$link = ldap_connect($uri);
20+
ldap_set_option($link, LDAP_OPT_PROTOCOL_VERSION, $protocol_version);
21+
var_dump(@ldap_bind($link, $user, $passwd));
22+
ldap_unbind($link);
23+
24+
// No cert check
25+
ldap_set_option(null, LDAP_OPT_X_TLS_REQUIRE_CERT, LDAP_OPT_X_TLS_ALLOW);
26+
$link = ldap_connect($uri);
27+
ldap_set_option($link, LDAP_OPT_PROTOCOL_VERSION, $protocol_version);
28+
var_dump(@ldap_bind($link, $user, $passwd));
29+
ldap_unbind($link);
30+
31+
// No change to TLS options
32+
$link = ldap_connect($uri);
33+
ldap_set_option($link, LDAP_OPT_PROTOCOL_VERSION, $protocol_version);
34+
var_dump(@ldap_bind($link, $user, $passwd));
35+
ldap_unbind($link);
36+
37+
// With cert check
38+
ldap_set_option(null, LDAP_OPT_X_TLS_REQUIRE_CERT, LDAP_OPT_X_TLS_DEMAND);
39+
$link = ldap_connect($uri);
40+
ldap_set_option($link, LDAP_OPT_PROTOCOL_VERSION, $protocol_version);
41+
var_dump(@ldap_bind($link, $user, $passwd));
42+
ldap_unbind($link);
43+
44+
// No change to TLS options
45+
$link = ldap_connect($uri);
46+
ldap_set_option($link, LDAP_OPT_PROTOCOL_VERSION, $protocol_version);
47+
var_dump(@ldap_bind($link, $user, $passwd));
48+
ldap_unbind($link);
49+
50+
?>
51+
--EXPECT--
52+
bool(true)
53+
bool(true)
54+
bool(true)
55+
bool(true)
56+
bool(true)

0 commit comments

Comments
 (0)