Conditionally define TLS constants & add test for new types.

Only map the new TLS constants if they exist.
This commit is contained in:
mark_story 2017-04-04 22:59:05 -04:00
parent 5c1f60baba
commit 7dbc71df8c
2 changed files with 34 additions and 9 deletions

View file

@ -94,14 +94,10 @@ class CakeSocket {
'sslv3_client' => STREAM_CRYPTO_METHOD_SSLv3_CLIENT,
'sslv23_client' => STREAM_CRYPTO_METHOD_SSLv23_CLIENT,
'tls_client' => STREAM_CRYPTO_METHOD_TLS_CLIENT,
'tlsv1_1_client' => STREAM_CRYPTO_METHOD_TLSv1_1_CLIENT,
'tlsv1_2_client' => STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT,
'sslv2_server' => STREAM_CRYPTO_METHOD_SSLv2_SERVER,
'sslv3_server' => STREAM_CRYPTO_METHOD_SSLv3_SERVER,
'sslv23_server' => STREAM_CRYPTO_METHOD_SSLv23_SERVER,
'tls_server' => STREAM_CRYPTO_METHOD_TLS_SERVER,
'tlsv1_1_server' => STREAM_CRYPTO_METHOD_TLSv1_1_SERVER,
'tlsv1_2_server' => STREAM_CRYPTO_METHOD_TLSv1_2_SERVER
// @codingStandardsIgnoreEnd
);
@ -121,6 +117,20 @@ class CakeSocket {
*/
public function __construct($config = array()) {
$this->config = array_merge($this->_baseConfig, $config);
// These TLS versions are not supported by older PHP versions,
// so we have to conditionally set them if they are supported.
$conditionalCrypto = array(
'tlsv1_1_client' => 'STREAM_CRYPTO_METHOD_TLSv1_1_CLIENT',
'tlsv1_2_client' => 'STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT',
'tlsv1_1_server' => 'STREAM_CRYPTO_METHOD_TLSv1_1_SERVER',
'tlsv1_2_server' => 'STREAM_CRYPTO_METHOD_TLSv1_2_SERVER'
);
foreach ($conditionalCrypto as $key => $const) {
if (defined($const)) {
$this->_encryptMethods[$key] = constant($const);
}
}
}
/**

View file

@ -58,7 +58,8 @@ class CakeSocketTest extends CakeTestCase {
'host' => 'localhost',
'protocol' => 'tcp',
'port' => 80,
'timeout' => 30
'timeout' => 30,
'cryptoType' => 'tls',
));
$this->Socket->reset();
@ -324,6 +325,20 @@ class CakeSocketTest extends CakeTestCase {
$this->Socket->disconnect();
}
/**
* testEnableCrypto tlsv1_1
*
* @return void
*/
public function testEnableCryptoTlsV11() {
$this->skipIf(!defined('STREAM_CRYPTO_METHOD_TLSv1_1_CLIENT'), 'TLS1.1 is not supported on this system');
// testing on tls server
$this->_connectSocketToSslTls();
$this->assertTrue($this->Socket->enableCrypto('tlsv1_1', 'client'));
$this->Socket->disconnect();
}
/**
* testEnableCryptoExceptionEnableTwice
*