weekly release 3.2dev
[moodle.git] / lib / tests / upgrade_util_test.php
1 <?php
2 // This file is part of Moodle - http://moodle.org/
3 //
4 // Moodle is free software: you can redistribute it and/or modify
5 // it under the terms of the GNU General Public License as published by
6 // the Free Software Foundation, either version 3 of the License, or
7 // (at your option) any later version.
8 //
9 // Moodle is distributed in the hope that it will be useful,
10 // but WITHOUT ANY WARRANTY; without even the implied warranty of
11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
12 // GNU General Public License for more details.
13 //
14 // You should have received a copy of the GNU General Public License
15 // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
17 /**
18  * Upgrade utility class  tests.
19  *
20  * @package    core
21  * @copyright  2016 Cameron Ball <cameron@cameron1729.xyz>
22  * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
23  */
25 defined('MOODLE_INTERNAL') || die();
27 /**
28  * Upgrade utility class tests.
29  *
30  * @package   core
31  * @copyright 2016 Cameron Ball <cameron@cameron1729.xyz>
32  * @license   http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
33  */
34 class upgrade_util_testcase extends advanced_testcase {
36     /**
37      * A cURL version that supports TLS 1.2.
38      */
39     const VALID_CURL_VERSION = 467456;
41     /**
42      * A cURL version that does not support TLS 1.2.
43      */
44     const INVALID_CURL_VERSION = 467455;
46     /**
47      * The value of PHP_ZTS when thread safety is enabled.
48      */
49     const PHP_ZTS_ENABLED = 1;
51     /**
52      * The value of PHP_ZTS when thread safety is disabled.
53      */
54     const PHP_ZTS_DISABLED = 0;
56     /**
57      * Test PHP/cURL validation.
58      *
59      * @dataProvider validate_php_curl_tls_testcases()
60      * @param array $curlinfo server curl_version array
61      * @param int   $zts      0 or 1 as defined by PHP_ZTS
62      * @param bool  $expected expected result
63      */
64     public function test_validate_php_curl_tls($curlinfo, $zts, $expected) {
65         $this->assertSame($expected, \core\upgrade\util::validate_php_curl_tls($curlinfo, $zts));
66     }
68     /**
69      * Test cases for validate_php_curl_tls test.
70      */
71     public function validate_php_curl_tls_testcases() {
72         $base = curl_version();
74         return [
75             'Not threadsafe - Valid SSL (GnuTLS)' => [
76                 ['ssl_version' => 'GnuTLS/4.20'] + $base,
77                 self::PHP_ZTS_DISABLED,
78                 true
79             ],
80             'Not threadsafe - Valid SSL (OpenSSL)' => [
81                 ['ssl_version' => 'OpenSSL'] + $base,
82                 self::PHP_ZTS_DISABLED,
83                 true
84             ],
85             'Not threadsafe - Valid SSL (WinSSL)' => [
86                 ['ssl_version' => 'WinSSL'] + $base,
87                 self::PHP_ZTS_DISABLED,
88                 true
89             ],
90             'Not threadsafe - Invalid SSL' => [
91                 ['ssl_version' => ''] + $base,
92                 self::PHP_ZTS_DISABLED,
93                 false
94             ],
95             'Threadsafe - Valid SSL (OpenSSL)' => [
96                 ['ssl_version' => 'OpenSSL/1729'] + $base,
97                 self::PHP_ZTS_ENABLED,
98                 true
99             ],
100             'Threadsafe - Valid SSL (GnuTLS)' => [
101                 ['ssl_version' => 'GnuTLS/3.14'] + $base,
102                 self::PHP_ZTS_ENABLED,
103                 true
104             ],
105             'Threadsafe - Invalid SSL' => [
106                 ['ssl_version' => ''] + $base,
107                 self::PHP_ZTS_ENABLED,
108                 false
109             ],
110             'Threadsafe - Invalid SSL (but not empty)' => [
111                 ['ssl_version' => 'Not GnuTLS or OpenSSL'] + $base,
112                 self::PHP_ZTS_ENABLED,
113                 false
114             ]
115         ];
116     }
118     /**
119      * Test various combinations of SSL/TLS libraries.
120      *
121      * @dataProvider can_use_tls12_testcases
122      * @param string $sslversion the ssl_version string.
123      * @param string|null $uname uname string (or null if not relevant)
124      * @param bool $expected expected result
125      */
126     public function test_can_use_tls12($sslversion, $uname, $expected) {
127         // Populate curlinfo with whats installed on this php install.
128         $curlinfo = curl_version();
130         // Set the curl values we are testing to the passed data.
131         $curlinfo['ssl_version'] = $sslversion;
132         $curlinfo['version_number'] = self::VALID_CURL_VERSION;
134         // Set uname to system value if none passed in test case.
135         $uname = !empty($uname) ? $uname : php_uname('r');
137         $this->assertSame($expected, \core\upgrade\util::can_use_tls12($curlinfo, $uname));
139         // Now set the curl version to outdated one.
140         $curlinfo['version_number'] = self::INVALID_CURL_VERSION;
141         // Tls12 should never be possible now curl version is bad.
142         $this->assertFalse(\core\upgrade\util::can_use_tls12($curlinfo, $uname));
143     }
145     /**
146      * Test cases for the can_use_tls12 test.
147      * The returned data format is:
148      *  [(string) ssl_version, (string|null) uname (null if not relevant), (bool) expectation ]
149      *
150      * @return array of testcases
151      */
152     public function can_use_tls12_testcases() {
153         return [
154             // Bad versions.
155             ['OpenSSL/0.9.8o', null, false],
156             ['GnuTLS/1.5.0', null, false],
157             ['NSS/3.14.15', null, false],
158             ['CyaSSL/0.9.9', null, false],
159             ['wolfSSL/1.0.0', null, false],
160             ['WinSSL', '5.1', false],
161             ['SecureTransport', '10.7.5', false],
162             // Lowest good version.
163             ['OpenSSL/1.0.1c', null, true],
164             ['GnuTLS/1.7.1', null, true],
165             ['NSS/3.15.1 Basic ECC', null, true],
166             ['CyaSSL/1.1.0', null, true],
167             ['wolfSSL/1.1.0', null, true],
168             ['WinSSL', '6.1', true],
169             ['SecureTransport', '10.8.0', true],
170             // More higher good versions.
171             ['OpenSSL/1.0.1t', null, true],
172             ['GnuTLS/1.8.1', null, true],
173             ['NSS/3.17.2 Basic ECC', null, true],
174             ['CyaSSL/1.2.0', null, true],
175             ['wolfSSL/1.2.0', null, true],
176             ['WinSSL', '7.0', true],
177             ['SecureTransport', '10.9.0', true],
178         ];
179     }