Search moodle.org's
Developer Documentation

See Release Notes

  • Bug fixes for general core bugs in 4.3.x will end 7 October 2024 (12 months).
  • Bug fixes for security issues in 4.3.x will end 21 April 2025 (18 months).
  • PHP version: minimum PHP 8.0.0 Note: minimum PHP version has increased since Moodle 4.1. PHP 8.2.x is supported too.

Differences Between: [Versions 310 and 403] [Versions 311 and 403] [Versions 39 and 403] [Versions 400 and 403] [Versions 401 and 403]

   1  <?php
   2  // This file is part of Moodle - http://moodle.org/
   3  //
   4  // Moodle is free software: you can redistribute it and/or modify
   5  // it under the terms of the GNU General Public License as published by
   6  // the Free Software Foundation, either version 3 of the License, or
   7  // (at your option) any later version.
   8  //
   9  // Moodle is distributed in the hope that it will be useful,
  10  // but WITHOUT ANY WARRANTY; without even the implied warranty of
  11  // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12  // GNU General Public License for more details.
  13  //
  14  // You should have received a copy of the GNU General Public License
  15  // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
  16  
  17  namespace core;
  18  
  19  /**
  20   * Upgrade utility class tests.
  21   *
  22   * @package   core
  23   * @copyright 2016 Cameron Ball <cameron@cameron1729.xyz>
  24   * @license   http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  25   */
  26  class upgrade_util_test extends \advanced_testcase {
  27  
  28      /**
  29       * The value of PHP_ZTS when thread safety is enabled.
  30       */
  31      const PHP_ZTS_ENABLED = 1;
  32  
  33      /**
  34       * The value of PHP_ZTS when thread safety is disabled.
  35       */
  36      const PHP_ZTS_DISABLED = 0;
  37  
  38      /**
  39       * Test PHP/cURL validation.
  40       *
  41       * @dataProvider validate_php_curl_tls_testcases()
  42       * @param array $curlinfo server curl_version array
  43       * @param int   $zts      0 or 1 as defined by PHP_ZTS
  44       * @param bool  $expected expected result
  45       */
  46      public function test_validate_php_curl_tls($curlinfo, $zts, $expected) {
  47          $this->assertSame($expected, \core\upgrade\util::validate_php_curl_tls($curlinfo, $zts));
  48      }
  49  
  50      /**
  51       * Test cases for validate_php_curl_tls test.
  52       */
  53      public function validate_php_curl_tls_testcases() {
  54          $base = curl_version();
  55  
  56          return [
  57              'Not threadsafe - Valid SSL (GnuTLS)' => [
  58                  ['ssl_version' => 'GnuTLS/4.20'] + $base,
  59                  self::PHP_ZTS_DISABLED,
  60                  true
  61              ],
  62              'Not threadsafe - Valid SSL (OpenSSL)' => [
  63                  ['ssl_version' => 'OpenSSL'] + $base,
  64                  self::PHP_ZTS_DISABLED,
  65                  true
  66              ],
  67              'Not threadsafe - Valid SSL (WinSSL)' => [
  68                  ['ssl_version' => 'WinSSL'] + $base,
  69                  self::PHP_ZTS_DISABLED,
  70                  true
  71              ],
  72              'Not threadsafe - Invalid SSL' => [
  73                  ['ssl_version' => ''] + $base,
  74                  self::PHP_ZTS_DISABLED,
  75                  false
  76              ],
  77              'Threadsafe - Valid SSL (OpenSSL)' => [
  78                  ['ssl_version' => 'OpenSSL/1729'] + $base,
  79                  self::PHP_ZTS_ENABLED,
  80                  true
  81              ],
  82              'Threadsafe - Valid SSL (GnuTLS)' => [
  83                  ['ssl_version' => 'GnuTLS/3.14'] + $base,
  84                  self::PHP_ZTS_ENABLED,
  85                  true
  86              ],
  87              'Threadsafe - Invalid SSL' => [
  88                  ['ssl_version' => ''] + $base,
  89                  self::PHP_ZTS_ENABLED,
  90                  false
  91              ],
  92              'Threadsafe - Invalid SSL (but not empty)' => [
  93                  ['ssl_version' => 'Not GnuTLS or OpenSSL'] + $base,
  94                  self::PHP_ZTS_ENABLED,
  95                  false
  96              ]
  97          ];
  98      }
  99  
 100      /**
 101       * Test various combinations of SSL/TLS libraries.
 102       *
 103       * @dataProvider can_use_tls12_testcases
 104       * @param string $sslversion the ssl_version string.
 105       * @param string|null $uname uname string (or null if not relevant)
 106       * @param bool $expected expected result
 107       */
 108      public function test_can_use_tls12($sslversion, $uname, $expected) {
 109          // Populate curlinfo with whats installed on this php install.
 110          $curlinfo = curl_version();
 111  
 112          // Set the curl values we are testing to the passed data.
 113          $curlinfo['ssl_version'] = $sslversion;
 114  
 115          // Set uname to system value if none passed in test case.
 116          $uname = !empty($uname) ? $uname : php_uname('r');
 117  
 118          $this->assertSame($expected, \core\upgrade\util::can_use_tls12($curlinfo, $uname));
 119      }
 120  
 121      /**
 122       * Test cases for the can_use_tls12 test.
 123       * The returned data format is:
 124       *  [(string) ssl_version, (string|null) uname (null if not relevant), (bool) expectation ]
 125       *
 126       * @return array of testcases
 127       */
 128      public function can_use_tls12_testcases() {
 129          return [
 130              // Bad versions.
 131              ['OpenSSL/0.9.8o', null, false],
 132              ['GnuTLS/1.5.0', null, false],
 133              ['NSS/3.14.15', null, false],
 134              ['CyaSSL/0.9.9', null, false],
 135              ['wolfSSL/1.0.0', null, false],
 136              ['WinSSL', '5.1', false],
 137              ['SecureTransport', '10.7.5', false],
 138              // Lowest good version.
 139              ['OpenSSL/1.0.1c', null, true],
 140              ['GnuTLS/1.7.1', null, true],
 141              ['NSS/3.15.1 Basic ECC', null, true],
 142              ['CyaSSL/1.1.0', null, true],
 143              ['wolfSSL/1.1.0', null, true],
 144              ['WinSSL', '6.1', true],
 145              ['SecureTransport', '10.8.0', true],
 146              // More higher good versions.
 147              ['OpenSSL/1.0.1t', null, true],
 148              ['GnuTLS/1.8.1', null, true],
 149              ['NSS/3.17.2 Basic ECC', null, true],
 150              ['CyaSSL/1.2.0', null, true],
 151              ['wolfSSL/1.2.0', null, true],
 152              ['WinSSL', '7.0', true],
 153              ['SecureTransport', '10.9.0', true],
 154          ];
 155      }
 156  }