mirrors/php-src
0
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2024-12-01 13:54:10 +08:00
Code Issues Packages Projects Releases Wiki Activity
b6f5fcfc3a
php-src/ext/mysqli/tests/bug51647.phpt
Andrey Hristov 6d51b7b2e3 Another Fix for Bug #68344 MySQLi does not provide way to disable peer certificate validation 
Added the possibility to explicitly state that the peer certificate should not be checked.
Back to the default - checking the certificate.
Exported MYSQLI_CLIENT_SSL_DONT_VERIFY_SERVER_CERT
Usage : mysqli_real_connect( , , , , , MYSQLI_CLIENT_SSL | MYSQLI_CLIENT_SSL_DONT_VERIFY_SERVER_CERT)

If mysqli_ssl_set() is not called, but only MYSQLI_CLIENT_SSL is passed, without the (don't) very flag,
then no verification takes place.
2015-10-27 12:59:09 +01:00

117 lines
3.4 KiB
PHP
Raw Blame History

--TEST--
Bug #51647 (Certificate file without private key (pk in another file) doesn't work)
--SKIPIF--
<?php
require_once('skipif.inc');
require_once('skipifconnectfailure.inc');
require_once("connect.inc");
if ($IS_MYSQLND && !extension_loaded("openssl"))
die("skip PHP streams lack support for SSL. mysqli is compiled to use mysqlnd which uses PHP streams in turn.");
if (!($link = @my_mysqli_connect($host, $user, $passwd, $db, $port, $socket)))
die(sprintf("skip Connect failed, [%d] %s", mysqli_connect_errno(), mysqli_connect_error()));
$row = NULL;
if ($res = $link->query('SHOW VARIABLES LIKE "have_ssl"')) {
$row = $res->fetch_row();
} else {
if ($link->errno == 1064 && ($res = $link->query("SHOW VARIABLES"))) {
while ($row = $res->fetch_row())
if ($row[0] == 'have_ssl')
break;
} else {
die(sprintf("skip Failed to test for MySQL SSL support, [%d] %s", $link->errno, $link->error));
}
}
if (empty($row))
die(sprintf("skip Failed to test for MySQL SSL support, [%d] %s", $link->errno, $link->error));
if (($row[1] == 'NO') || ($row[1] == 'DISABLED'))
die(sprintf("skip MySQL has no SSL support, [%d] %s", $link->errno, $link->error));
$link->close();
?>
--FILE--
<?php
include ("connect.inc");
if (!is_object($link = mysqli_init()))
printf("[001] Cannot create link\n");
if (!my_mysqli_real_connect($link, $host, $user, $passwd, $db, $port, $socket, MYSQLI_CLIENT_SSL | MYSQLI_CLIENT_SSL_DONT_VERIFY_SERVER_CERT)) {
printf("[003] Connect failed, [%d] %s\n", mysqli_connect_errno(), mysqli_connect_error());
}
if (!$res = $link->query('SHOW STATUS like "Ssl_cipher"')) {
if (1064 == $link->errno) {
/* ERROR 1064 (42000): You have an error in your SQL syntax; = sql strict mode */
if ($res = $link->query("SHOW STATUS")) {
while ($row = $res->fetch_assoc())
if ($row['Variable_name'] == 'Ssl_cipher')
break;
} else {
printf("[005] [%d] %s\n", $link->errno, $link->error);
}
} else {
printf("[004] [%d] %s\n", $link->errno, $link->error);
}
} else {
if (!$row = $res->fetch_assoc())
printf("[006] [%d] %s\n", $link->errno, $link->error);
if (!strlen($row["Value"]))
printf("[007] Empty cipher. No encrytion!");
var_dump($row);
}
$link->close();
if (!is_object($link = mysqli_init()))
printf("[008] Cannot create link\n");
if (!my_mysqli_real_connect($link, $host, $user, $passwd, $db, $port, $socket, MYSQLI_CLIENT_SSL)) {
printf("[009] Connect failed, [%d] %s\n", mysqli_connect_errno(), mysqli_connect_error());
}
if (!$res = $link->query('SHOW STATUS like "Ssl_cipher"')) {
if (1064 == $link->errno) {
/* ERROR 1064 (42000): You have an error in your SQL syntax; = sql strict mode */
if ($res = $link->query("SHOW STATUS")) {
while ($row = $res->fetch_assoc())
if ($row['Variable_name'] == 'Ssl_cipher')
break;
} else {
printf("[010] [%d] %s\n", $link->errno, $link->error);
}
} else {
printf("[011] [%d] %s\n", $link->errno, $link->error);
}
} else {
if (!$row = $res->fetch_assoc())
printf("[012] [%d] %s\n", $link->errno, $link->error);
if (!strlen($row["Value"]))
printf("[013] Empty cipher. No encrytion!");
var_dump($row);
}
$link->close();
print "done!";
?>
--EXPECTF--
array(2) {
["Variable_name"]=>
string(10) "Ssl_cipher"
["Value"]=>
string(%d) "%S"
}
array(2) {
["Variable_name"]=>
string(10) "Ssl_cipher"
["Value"]=>
string(%d) "%S"
}
done!
Reference in New Issue View Git Blame Copy Permalink