adding enableCrypto() method to CakeSocket class

2024-11-15 03:18:26 +00:00 · 2012-07-21 14:23:47 +01:00 · 2012-07-21 14:23:47 +01:00 · 27a895d7d8
commit 27a895d7d8
parent a7865b5d1d
2 changed files with 161 additions and 1 deletions
--- a/lib/Cake/Network/CakeSocket.php
+++ b/lib/Cake/Network/CakeSocket.php
@ -76,6 +76,27 @@ class CakeSocket {
 */
 	public $lastError = array();

+/**
+ * True if the socket stream is encrypted after a CakeSocket::enableCrypto() call
+ * @var type 
+ */	
+	public $encrypted = false;
+	
+/**
+ * Contains all the encryption methods available
+ * @var array 
+ */
+	protected $_encryptMethods = array(
+		'sslv2_client' => STREAM_CRYPTO_METHOD_SSLv2_CLIENT,
+		'sslv3_client' => STREAM_CRYPTO_METHOD_SSLv3_CLIENT,
+		'sslv23_client' =>STREAM_CRYPTO_METHOD_SSLv23_CLIENT,
+		'tls_client' => STREAM_CRYPTO_METHOD_TLS_CLIENT,
+		'sslv2_server' => STREAM_CRYPTO_METHOD_SSLv2_SERVER,
+		'sslv3_server' => STREAM_CRYPTO_METHOD_SSLv3_SERVER,
+		'sslv23_server' => STREAM_CRYPTO_METHOD_SSLv23_SERVER,
+		'tls_server' => STREAM_CRYPTO_METHOD_TLS_SERVER
+	);
+
 /**
 * Constructor.
 *
@ -277,4 +298,34 @@ class CakeSocket {
 		return true;
 	}

-}
+/**
+ * Encrypts current stream socket, using one of the defined encryption methods
+ * 
+ * @param string $type can be one of 'ssl2', 'ssl3', 'ssl23' or 'tls'
+ * @param string $clientOrServer can be one of 'client', 'server'. Default is 'client'
+ * @param boolean $enable enable or disable encryption. Default is true (enable)
+ * @return boolean True on success
+ * @throws SocketException
+ * @see stream_socket_enable_crypto  
+ */
+	public function enableCrypto($type, $clientOrServer = 'client', $enable = true) {
+		if (!array_key_exists($type . '_' . $clientOrServer, $this->_encryptMethods)) {
+			throw new InvalidArgumentException();
+		}
+		$enableCryptoResult = false;
+		try {
+			$enableCryptoResult = stream_socket_enable_crypto($this->connection, $enable, $this->_encryptMethods[$type . '_' . $clientOrServer]);
+		} catch (Exception $e) {
+			$this->setLastError(null, $e->getMessage());
+			throw new SocketException($e->getMessage());
+		}
+		if ($enableCryptoResult === true) {
+			$this->encrypted = $enable;
+			return true;
+		} else {
+			$errorMessage = __('Unable to perform enableCrypto operation on CakeSocket');
+			$this->setLastError(null, $errorMessage);
+			throw new SocketException($errorMessage);
+		}
+	}	
+}
--- a/lib/Cake/Test/Case/Network/CakeSocketTest.php
+++ b/lib/Cake/Test/Case/Network/CakeSocketTest.php
@ -214,4 +214,113 @@ class CakeSocketTest extends CakeTestCase {
 		$anotherSocket->reset();
 		$this->assertEquals(array(), $anotherSocket->config);
 	}
+
+/**
+ * testEncrypt
+ * 
+ * @return void
+ */	
+	public function testEnableCryptoSocketExceptionNoSsl() {
+		$configNoSslOrTls = array('host' => 'localhost', 'port' => 80, 'timeout' => 0.1);
+
+		// testing exception on no ssl socket server for ssl and tls methods
+		$this->Socket = new CakeSocket($configNoSslOrTls);
+		$this->Socket->connect();
+		$this->setExpectedException('SocketException');
+		$this->Socket->enableCrypto('sslv3', 'client');
+	}
+
+/**
+ * testEnableCryptoSocketExceptionNoTls
+ * 
+ * @return void
+ */	
+	public function testEnableCryptoSocketExceptionNoTls() {
+		$configNoSslOrTls = array('host' => 'localhost', 'port' => 80, 'timeout' => 0.1);
+
+		// testing exception on no ssl socket server for ssl and tls methods
+		$this->Socket = new CakeSocket($configNoSslOrTls);
+		$this->Socket->connect();
+		$this->setExpectedException('SocketException');
+		$this->Socket->enableCrypto('tls', 'client');
+	}
+
+/**
+ * _connectSocketToSslTls
+ * 
+ * @return void
+ */	
+	protected function _connectSocketToSslTls() {
+		$configSslTls = array('host' => 'smtp.gmail.com', 'port' => 465, 'timeout' => 5);
+		$this->Socket = new CakeSocket($configSslTls);
+		$this->Socket->connect();
+	}
+
+/**
+ * testEnableCryptoBadMode
+ * 
+ * @return void
+ */	
+	public function testEnableCryptoBadMode() {
+		// testing wrong encryption mode
+		$this->_connectSocketToSslTls();
+		$this->setExpectedException('InvalidArgumentException');
+		$this->Socket->enableCrypto('doesntExistMode', 'server');
+		$this->Socket->disconnect();
+	}
+	
+/**
+ * testEnableCrypto
+ * 
+ * @return void
+ */	
+	public function testEnableCrypto() {
+		// testing on ssl server
+		$this->_connectSocketToSslTls();
+		$this->assertTrue($this->Socket->enableCrypto('sslv3', 'client'));
+		$this->Socket->disconnect();
+
+		// testing on tls server
+		$this->_connectSocketToSslTls();
+		$this->assertTrue($this->Socket->enableCrypto('tls', 'client'));
+		$this->Socket->disconnect();
+	}
+	
+/**
+ * testEnableCryptoExceptionEnableTwice
+ * 
+ * @return void
+ */	
+	public function testEnableCryptoExceptionEnableTwice() {
+		// testing on tls server
+		$this->_connectSocketToSslTls();
+		$this->Socket->enableCrypto('tls', 'client');
+		$this->setExpectedException('SocketException');
+		$this->Socket->enableCrypto('tls', 'client');
+	}
+
+/**
+ * testEnableCryptoExceptionDisableTwice
+ * 
+ * @return void
+ */	
+	public function testEnableCryptoExceptionDisableTwice() {
+		// testing on tls server
+		$this->_connectSocketToSslTls();
+		$this->setExpectedException('SocketException');
+		$this->Socket->enableCrypto('tls', 'client', false);
+	}	
+
+/**
+ * testEnableCryptoEnableStatus
+ * 
+ * @return void
+ */	
+	public function testEnableCryptoEnableStatus() {
+		// testing on tls server
+		$this->_connectSocketToSslTls();
+		$this->assertFalse($this->Socket->encrypted);
+		$this->Socket->enableCrypto('tls', 'client', true);
+		$this->assertTrue($this->Socket->encrypted);
+	}	
 }