File: SSLConnectionTest.php

package info (click to toggle)
php-amqplib 3.7.3-1
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid, trixie
  • size: 2,060 kB
  • sloc: php: 13,145; makefile: 77; sh: 27
file content (100 lines) | stat: -rw-r--r-- 2,701 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
 
<?php

namespace PhpAmqpLib\Tests\Functional\Connection;

use PhpAmqpLib\Tests\Functional\AbstractConnectionTestCase;
use PHPUnit\Framework\Attributes\DataProvider;
use PHPUnit\Framework\Attributes\RequiresPhpunit;
use PHPUnit\Framework\Attributes\Test;

/**
 * @group connection
 * @requires OS Linux|Darwin
 */
class SSLConnectionTest extends AbstractConnectionTestCase
{
    #[DataProvider('secure_connection_params')]
    #[RequiresPhpunit('< 11')]
    #[Test]
    public function secure_connection_default_params($options)
    {
        $port = $options['port'] ?? 5671;
        $connection = $this->connection_create('ssl', HOST, $port, $options);
        self::assertTrue($connection->isConnected());
        $channel = $connection->channel();
        self::assertTrue($channel->is_open());

        $channel->close();
        $connection->close();
    }

    #[DataProvider('secure_connection_params')]
    #[RequiresPhpunit('< 11')]
    #[Test]
    public function secure_connection_default_params_with_keepalive($options)
    {
        $options['keepalive'] = true;
        $this->secure_connection_default_params($options);
    }

    public static function secure_connection_params()
    {
        $sets = [];

        $certsPath = realpath(__DIR__ . '/../../certs');

        // #0 peer verification
        $options = [
            'ssl' => [
                'cafile' => $certsPath . '/ca_certificate.pem',
                'local_cert' => $certsPath . '/client_certificate.pem',
                'local_pk' => $certsPath . '/client_key.pem',
                'verify_peer' => true,
                'verify_peer_name' => false,
            ],
        ];
        $sets[] = [
            $options
        ];

        // #1 TLS protocol
        $options['protocol'] = 'tlsv1.3';
        $sets[] = [$options];

        // #2 SNI_enabled
        $options = [
            'ssl' => [
                'cafile' => $certsPath . 'ca_certificate.pem',
                'verify_peer' => false,
                'verify_peer_name' => false,
                'SNI_enabled' => true,
            ]
        ];
        $sets[] = [$options];

        // #3 capath option
        $options = [
            'ssl' => [
                'capath' => $certsPath . '/hashed/',
                'verify_peer_name' => false,
            ],
        ];
        $sets[] = [
            $options
        ];

        // #4 non-TLS options
        $options = ['port' => 5672];
        $sets[] = [
            $options
        ];

        // #5 TLS crypto method
        $options[] = ['ssl' => ['crypto_method' => STREAM_CRYPTO_METHOD_ANY_CLIENT]];
        $sets[] = [
            $options
        ];

        return $sets;
    }
}