Search moodle.org's
Developer Documentation

See Release Notes

  • Bug fixes for general core bugs in 3.10.x will end 8 November 2021 (12 months).
  • Bug fixes for security issues in 3.10.x will end 9 May 2022 (18 months).
  • PHP version: minimum PHP 7.2.0 Note: minimum PHP version has increased since Moodle 3.8. PHP 7.3.x and 7.4.x are supported too.

Differences Between: [Versions 310 and 311] [Versions 310 and 400] [Versions 310 and 401] [Versions 310 and 402] [Versions 310 and 403]

   1  <?php
   2  // This file is part of Moodle - http://moodle.org/
   3  //
   4  // Moodle is free software: you can redistribute it and/or modify
   5  // it under the terms of the GNU General Public License as published by
   6  // the Free Software Foundation, either version 3 of the License, or
   7  // (at your option) any later version.
   8  //
   9  // Moodle is distributed in the hope that it will be useful,
  10  // but WITHOUT ANY WARRANTY; without even the implied warranty of
  11  // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12  // GNU General Public License for more details.
  13  //
  14  // You should have received a copy of the GNU General Public License
  15  // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
  16  
  17  /**
  18   * Upgrade utility class  tests.
  19   *
  20   * @package    core
  21   * @copyright  2016 Cameron Ball <cameron@cameron1729.xyz>
  22   * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  23   */
  24  
  25  defined('MOODLE_INTERNAL') || die();
  26  
  27  // Hack to let tests run on Travis CI.
  28  defined('CURL_SSLVERSION_TLSv1_2') || define('CURL_SSLVERSION_TLSv1_2', 6);
  29  
  30  /**
  31   * Upgrade utility class tests.
  32   *
  33   * @package   core
  34   * @copyright 2016 Cameron Ball <cameron@cameron1729.xyz>
  35   * @license   http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  36   */
  37  class upgrade_util_testcase extends advanced_testcase {
  38  
  39      /**
  40       * The value of PHP_ZTS when thread safety is enabled.
  41       */
  42      const PHP_ZTS_ENABLED = 1;
  43  
  44      /**
  45       * The value of PHP_ZTS when thread safety is disabled.
  46       */
  47      const PHP_ZTS_DISABLED = 0;
  48  
  49      /**
  50       * Test PHP/cURL validation.
  51       *
  52       * @dataProvider validate_php_curl_tls_testcases()
  53       * @param array $curlinfo server curl_version array
  54       * @param int   $zts      0 or 1 as defined by PHP_ZTS
  55       * @param bool  $expected expected result
  56       */
  57      public function test_validate_php_curl_tls($curlinfo, $zts, $expected) {
  58          $this->assertSame($expected, \core\upgrade\util::validate_php_curl_tls($curlinfo, $zts));
  59      }
  60  
  61      /**
  62       * Test cases for validate_php_curl_tls test.
  63       */
  64      public function validate_php_curl_tls_testcases() {
  65          $base = curl_version();
  66  
  67          return [
  68              'Not threadsafe - Valid SSL (GnuTLS)' => [
  69                  ['ssl_version' => 'GnuTLS/4.20'] + $base,
  70                  self::PHP_ZTS_DISABLED,
  71                  true
  72              ],
  73              'Not threadsafe - Valid SSL (OpenSSL)' => [
  74                  ['ssl_version' => 'OpenSSL'] + $base,
  75                  self::PHP_ZTS_DISABLED,
  76                  true
  77              ],
  78              'Not threadsafe - Valid SSL (WinSSL)' => [
  79                  ['ssl_version' => 'WinSSL'] + $base,
  80                  self::PHP_ZTS_DISABLED,
  81                  true
  82              ],
  83              'Not threadsafe - Invalid SSL' => [
  84                  ['ssl_version' => ''] + $base,
  85                  self::PHP_ZTS_DISABLED,
  86                  false
  87              ],
  88              'Threadsafe - Valid SSL (OpenSSL)' => [
  89                  ['ssl_version' => 'OpenSSL/1729'] + $base,
  90                  self::PHP_ZTS_ENABLED,
  91                  true
  92              ],
  93              'Threadsafe - Valid SSL (GnuTLS)' => [
  94                  ['ssl_version' => 'GnuTLS/3.14'] + $base,
  95                  self::PHP_ZTS_ENABLED,
  96                  true
  97              ],
  98              'Threadsafe - Invalid SSL' => [
  99                  ['ssl_version' => ''] + $base,
 100                  self::PHP_ZTS_ENABLED,
 101                  false
 102              ],
 103              'Threadsafe - Invalid SSL (but not empty)' => [
 104                  ['ssl_version' => 'Not GnuTLS or OpenSSL'] + $base,
 105                  self::PHP_ZTS_ENABLED,
 106                  false
 107              ]
 108          ];
 109      }
 110  
 111      /**
 112       * Test various combinations of SSL/TLS libraries.
 113       *
 114       * @dataProvider can_use_tls12_testcases
 115       * @param string $sslversion the ssl_version string.
 116       * @param string|null $uname uname string (or null if not relevant)
 117       * @param bool $expected expected result
 118       */
 119      public function test_can_use_tls12($sslversion, $uname, $expected) {
 120          // Populate curlinfo with whats installed on this php install.
 121          $curlinfo = curl_version();
 122  
 123          // Set the curl values we are testing to the passed data.
 124          $curlinfo['ssl_version'] = $sslversion;
 125  
 126          // Set uname to system value if none passed in test case.
 127          $uname = !empty($uname) ? $uname : php_uname('r');
 128  
 129          $this->assertSame($expected, \core\upgrade\util::can_use_tls12($curlinfo, $uname));
 130      }
 131  
 132      /**
 133       * Test cases for the can_use_tls12 test.
 134       * The returned data format is:
 135       *  [(string) ssl_version, (string|null) uname (null if not relevant), (bool) expectation ]
 136       *
 137       * @return array of testcases
 138       */
 139      public function can_use_tls12_testcases() {
 140          return [
 141              // Bad versions.
 142              ['OpenSSL/0.9.8o', null, false],
 143              ['GnuTLS/1.5.0', null, false],
 144              ['NSS/3.14.15', null, false],
 145              ['CyaSSL/0.9.9', null, false],
 146              ['wolfSSL/1.0.0', null, false],
 147              ['WinSSL', '5.1', false],
 148              ['SecureTransport', '10.7.5', false],
 149              // Lowest good version.
 150              ['OpenSSL/1.0.1c', null, true],
 151              ['GnuTLS/1.7.1', null, true],
 152              ['NSS/3.15.1 Basic ECC', null, true],
 153              ['CyaSSL/1.1.0', null, true],
 154              ['wolfSSL/1.1.0', null, true],
 155              ['WinSSL', '6.1', true],
 156              ['SecureTransport', '10.8.0', true],
 157              // More higher good versions.
 158              ['OpenSSL/1.0.1t', null, true],
 159              ['GnuTLS/1.8.1', null, true],
 160              ['NSS/3.17.2 Basic ECC', null, true],
 161              ['CyaSSL/1.2.0', null, true],
 162              ['wolfSSL/1.2.0', null, true],
 163              ['WinSSL', '7.0', true],
 164              ['SecureTransport', '10.9.0', true],
 165          ];
 166      }
 167  }