lib/tests/upgrade_util_test.php

   1 <?php
   2 // This file is part of Moodle - http://moodle.org/
   3 //
   4 // Moodle is free software: you can redistribute it and/or modify
   5 // it under the terms of the GNU General Public License as published by
   6 // the Free Software Foundation, either version 3 of the License, or
   7 // (at your option) any later version.
   8 //
   9 // Moodle is distributed in the hope that it will be useful,
  10 // but WITHOUT ANY WARRANTY; without even the implied warranty of
  11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12 // GNU General Public License for more details.
  13 //
  14 // You should have received a copy of the GNU General Public License
  15 // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
  16
  17 /**
  18  * Upgrade utility class  tests.
  19  *
  20  * @package    core
  21  * @copyright  2016 Cameron Ball <cameron@cameron1729.xyz>
  22  * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  23  */
  24
  25 defined('MOODLE_INTERNAL') || die();
  26
  27 /**
  28  * Upgrade utility class tests.
  29  *
  30  * @package   core
  31  * @copyright 2016 Cameron Ball <cameron@cameron1729.xyz>
  32  * @license   http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  33  */
  34 class upgrade_util_testcase extends advanced_testcase {
  35
  36     /**
  37      * A cURL version that supports TLS 1.2.
  38      */
  39     const VALID_CURL_VERSION = 467456;
  40
  41     /**
  42      * A cURL version that does not support TLS 1.2.
  43      */
  44     const INVALID_CURL_VERSION = 467455;
  45
  46     /**
  47      * The value of PHP_ZTS when thread safety is enabled.
  48      */
  49     const PHP_ZTS_ENABLED = 1;
  50
  51     /**
  52      * The value of PHP_ZTS when thread safety is disabled.
  53      */
  54     const PHP_ZTS_DISABLED = 0;
  55
  56     /**
  57      * Test PHP/cURL validation.
  58      *
  59      * @dataProvider validate_php_curl_tls_testcases()
  60      * @param array $curlinfo server curl_version array
  61      * @param int   $zts      0 or 1 as defined by PHP_ZTS
  62      * @param bool  $expected expected result
  63      */
  64     public function test_validate_php_curl_tls($curlinfo, $zts, $expected) {
  65         $this->assertSame($expected, \core\upgrade\util::validate_php_curl_tls($curlinfo, $zts));
  66     }
  67
  68     /**
  69      * Test cases for validate_php_curl_tls test.
  70      */
  71     public function validate_php_curl_tls_testcases() {
  72         $base = curl_version();
  73
  74         return [
  75             'Not threadsafe - Valid SSL (GnuTLS)' => [
  76                 ['ssl_version' => 'GnuTLS/4.20'] + $base,
  77                 self::PHP_ZTS_DISABLED,
  78                 true
  79             ],
  80             'Not threadsafe - Valid SSL (OpenSSL)' => [
  81                 ['ssl_version' => 'OpenSSL'] + $base,
  82                 self::PHP_ZTS_DISABLED,
  83                 true
  84             ],
  85             'Not threadsafe - Valid SSL (WinSSL)' => [
  86                 ['ssl_version' => 'WinSSL'] + $base,
  87                 self::PHP_ZTS_DISABLED,
  88                 true
  89             ],
  90             'Not threadsafe - Invalid SSL' => [
  91                 ['ssl_version' => ''] + $base,
  92                 self::PHP_ZTS_DISABLED,
  93                 false
  94             ],
  95             'Threadsafe - Valid SSL (OpenSSL)' => [
  96                 ['ssl_version' => 'OpenSSL/1729'] + $base,
  97                 self::PHP_ZTS_ENABLED,
  98                 true
  99             ],
 100             'Threadsafe - Valid SSL (GnuTLS)' => [
 101                 ['ssl_version' => 'GnuTLS/3.14'] + $base,
 102                 self::PHP_ZTS_ENABLED,
 103                 true
 104             ],
 105             'Threadsafe - Invalid SSL' => [
 106                 ['ssl_version' => ''] + $base,
 107                 self::PHP_ZTS_ENABLED,
 108                 false
 109             ],
 110             'Threadsafe - Invalid SSL (but not empty)' => [
 111                 ['ssl_version' => 'Not GnuTLS or OpenSSL'] + $base,
 112                 self::PHP_ZTS_ENABLED,
 113                 false
 114             ]
 115         ];
 116     }
 117
 118     /**
 119      * Test various combinations of SSL/TLS libraries.
 120      *
 121      * @dataProvider can_use_tls12_testcases
 122      * @param string $sslversion the ssl_version string.
 123      * @param string|null $uname uname string (or null if not relevant)
 124      * @param bool $expected expected result
 125      */
 126     public function test_can_use_tls12($sslversion, $uname, $expected) {
 127         // Populate curlinfo with whats installed on this php install.
 128         $curlinfo = curl_version();
 129
 130         // Set the curl values we are testing to the passed data.
 131         $curlinfo['ssl_version'] = $sslversion;
 132         $curlinfo['version_number'] = self::VALID_CURL_VERSION;
 133
 134         // Set uname to system value if none passed in test case.
 135         $uname = !empty($uname) ? $uname : php_uname('r');
 136
 137         $this->assertSame($expected, \core\upgrade\util::can_use_tls12($curlinfo, $uname));
 138
 139         // Now set the curl version to outdated one.
 140         $curlinfo['version_number'] = self::INVALID_CURL_VERSION;
 141         // Tls12 should never be possible now curl version is bad.
 142         $this->assertFalse(\core\upgrade\util::can_use_tls12($curlinfo, $uname));
 143     }
 144
 145     /**
 146      * Test cases for the can_use_tls12 test.
 147      * The returned data format is:
 148      *  [(string) ssl_version, (string|null) uname (null if not relevant), (bool) expectation ]
 149      *
 150      * @return array of testcases
 151      */
 152     public function can_use_tls12_testcases() {
 153         return [
 154             // Bad versions.
 155             ['OpenSSL/0.9.8o', null, false],
 156             ['GnuTLS/1.5.0', null, false],
 157             ['NSS/3.14.15', null, false],
 158             ['CyaSSL/0.9.9', null, false],
 159             ['wolfSSL/1.0.0', null, false],
 160             ['WinSSL', '5.1', false],
 161             ['SecureTransport', '10.7.5', false],
 162             // Lowest good version.
 163             ['OpenSSL/1.0.1c', null, true],
 164             ['GnuTLS/1.7.1', null, true],
 165             ['NSS/3.15.1 Basic ECC', null, true],
 166             ['CyaSSL/1.1.0', null, true],
 167             ['wolfSSL/1.1.0', null, true],
 168             ['WinSSL', '6.1', true],
 169             ['SecureTransport', '10.8.0', true],
 170             // More higher good versions.
 171             ['OpenSSL/1.0.1t', null, true],
 172             ['GnuTLS/1.8.1', null, true],
 173             ['NSS/3.17.2 Basic ECC', null, true],
 174             ['CyaSSL/1.2.0', null, true],
 175             ['wolfSSL/1.2.0', null, true],
 176             ['WinSSL', '7.0', true],
 177             ['SecureTransport', '10.9.0', true],
 178         ];
 179     }
 180 }