Add a bunch of session id / session encryption tests from Ben.

author: Stefan Esser 2014-02-15 12:13:19 +0100
committer: Stefan Esser 2014-02-15 12:13:19 +0100
commit: 71c70de8df61ff1446efb1c168d3c2deccf58586 (patch)
tree: c157eb11e83912026f2f4fbe72681d0c729ad92b
parent: d556e8afdd33cbe89ed2f3f4e2d0700e495dadc9 (diff)
15 files changed, 357 insertions, 0 deletions
diff --git a/tests/session/crypt.checkraddr_4.phpt b/tests/session/crypt.checkraddr_4.phpt
new file mode 100644
index 0000000..42ac96a
--- /dev/null
+++ b/tests/session/crypt.checkraddr_4.phpt
@@ -0,0 +1,29 @@
+--TEST--
+session encryption with checkraddr=4
+--SKIPIF--
+<?php include "../skipifcli.inc"; ?>
+--ENV--
+return <<<END
+REMOTE_ADDR=127.0.0.1
+PHPSESSID=test
+END;
+--INI--
+suhosin.session.encrypt=On
+suhosin.session.cryptkey=D3F4UL7
+suhosin.session.cryptua=Off
+suhosin.session.cryptdocroot=Off
+suhosin.session.cryptraddr=0
+suhosin.session.checkraddr=4
+--FILE--
+<?php
+include "sessionhandler.inc";
+session_test_start(new RemoteAddrSessionHandler());
+var_dump($_SESSION);
+?>
+--EXPECTF--
+array(1) {
+  ["a"]=>
+  string(1) "b"
+}
diff --git a/tests/session/crypt.checkraddr_4_incorrect.phpt b/tests/session/crypt.checkraddr_4_incorrect.phpt
new file mode 100644
index 0000000..cc468b8
--- /dev/null
+++ b/tests/session/crypt.checkraddr_4_incorrect.phpt
@@ -0,0 +1,27 @@
+--TEST--
+session encryption with checkraddr=4 and incorrect REMOTE_ADDR
+--SKIPIF--
+<?php include "../skipifcli.inc"; ?>
+--ENV--
+return <<<END
+REMOTE_ADDR=127.0.0.2
+PHPSESSID=test
+END;
+--INI--
+suhosin.session.encrypt=On
+suhosin.session.cryptkey=D3F4UL7
+suhosin.session.cryptua=Off
+suhosin.session.cryptdocroot=Off
+suhosin.session.cryptraddr=0
+suhosin.session.checkraddr=4
+--FILE--
+<?php
+include "sessionhandler.inc";
+session_test_start(new RemoteAddrSessionHandler());
+var_dump($_SESSION);
+?>
+--EXPECTF--
+array(0) {
+}
diff --git a/tests/session/crypt.docroot.phpt b/tests/session/crypt.docroot.phpt
new file mode 100644
index 0000000..d5b6fc6
--- /dev/null
+++ b/tests/session/crypt.docroot.phpt
@@ -0,0 +1,25 @@
+--TEST--
+session with encryption using docroot
+--SKIPIF--
+<?php include "../skipifcli.inc"; ?>
+--ENV--
+return <<<END
+DOCUMENT_ROOT=/var/www
+END;
+--INI--
+suhosin.session.encrypt=On
+suhosin.session.cryptkey=D3F4UL7
+suhosin.session.cryptua=Off
+suhosin.session.cryptdocroot=On
+suhosin.session.cryptraddr=0
+suhosin.session.checkraddr=0
+--FILE--
+<?php
+include "sessionhandler.inc";
+session_test_start();
+$_SESSION['a'] = 'b';
+?>
+--EXPECTF--
+SESSION: NKChb1rdctXd-Acz0uzOYVnJT_J2mxYRVUgSh0w5mlk.
diff --git a/tests/session/crypt.key_default.phpt b/tests/session/crypt.key_default.phpt
new file mode 100644
index 0000000..8e4f12a
--- /dev/null
+++ b/tests/session/crypt.key_default.phpt
@@ -0,0 +1,21 @@
+--TEST--
+session with encryption default key
+--SKIPIF--
+<?php include "../skipifcli.inc"; ?>
+--INI--
+suhosin.session.encrypt=On
+suhosin.session.cryptkey=D3F4UL7
+suhosin.session.cryptua=Off
+suhosin.session.cryptdocroot=Off
+suhosin.session.cryptraddr=0
+suhosin.session.checkraddr=0
+--FILE--
+<?php
+include "sessionhandler.inc";
+session_test_start();
+$_SESSION['a'] = 'b';
+?>
+--EXPECTF--
+SESSION: RIuy2LSSd3_s3hhDCnN89bNWyCnhvNAO0YUq7OQKuJc.
diff --git a/tests/session/crypt.key_empty.phpt b/tests/session/crypt.key_empty.phpt
new file mode 100644
index 0000000..3e5da11
--- /dev/null
+++ b/tests/session/crypt.key_empty.phpt
@@ -0,0 +1,21 @@
+--TEST--
+session with encryption key empty
+--SKIPIF--
+<?php include "../skipifcli.inc"; ?>
+--INI--
+suhosin.session.encrypt=On
+suhosin.session.cryptkey=
+suhosin.session.cryptua=Off
+suhosin.session.cryptdocroot=Off
+suhosin.session.cryptraddr=0
+suhosin.session.checkraddr=0
+--FILE--
+<?php
+include "sessionhandler.inc";
+session_test_start();
+$_SESSION['a'] = 'b';
+?>
+--EXPECTF--
+SESSION: RIuy2LSSd3_s3hhDCnN89bNWyCnhvNAO0YUq7OQKuJc.
diff --git a/tests/session/crypt.key_empty_remote_addr.phpt b/tests/session/crypt.key_empty_remote_addr.phpt
new file mode 100644
index 0000000..cf1292a
--- /dev/null
+++ b/tests/session/crypt.key_empty_remote_addr.phpt
@@ -0,0 +1,25 @@
+--TEST--
+session with encryption key empty and REMOTE_ADDR set
+--SKIPIF--
+<?php include "../skipifcli.inc"; ?>
+--ENV--
+return <<<END
+REMOTE_ADDR=127.0.0.1
+END;
+--INI--
+suhosin.session.encrypt=On
+suhosin.session.cryptkey=
+suhosin.session.cryptua=Off
+suhosin.session.cryptdocroot=Off
+suhosin.session.cryptraddr=0
+suhosin.session.checkraddr=0
+--FILE--
+<?php
+include "sessionhandler.inc";
+session_test_start();
+$_SESSION['a'] = 'b';
+?>
+--EXPECTF--
+SESSION: j1YTvIOAUqxZMjuJ_ZnHPHWY5XEayycsr7O94aMzmBQ.
diff --git a/tests/session/crypt.no_encryption.phpt b/tests/session/crypt.no_encryption.phpt
new file mode 100644
index 0000000..6b6bc97
--- /dev/null
+++ b/tests/session/crypt.no_encryption.phpt
@@ -0,0 +1,15 @@
+--TEST--
+session without encryption
+--SKIPIF--
+<?php include "../skipifcli.inc"; ?>
+--INI--
+suhosin.session.encrypt=Off
+--FILE--
+<?php
+include "sessionhandler.inc";
+session_test_start();
+$_SESSION['a'] = 'b';
+?>
+--EXPECTF--
+SESSION: a|s:1:"b";
+\ No newline at end of file
diff --git a/tests/session/crypt.raddr_1.phpt b/tests/session/crypt.raddr_1.phpt
new file mode 100644
index 0000000..2070d03
--- /dev/null
+++ b/tests/session/crypt.raddr_1.phpt
@@ -0,0 +1,25 @@
+--TEST--
+session with encryption using REMOTE_ADDR (cryptraddr=1)
+--SKIPIF--
+<?php include "../skipifcli.inc"; ?>
+--ENV--
+return <<<END
+REMOTE_ADDR=127.0.0.1
+END;
+--INI--
+suhosin.session.encrypt=On
+suhosin.session.cryptkey=D3F4UL7
+suhosin.session.cryptua=Off
+suhosin.session.cryptdocroot=Off
+suhosin.session.cryptraddr=1
+suhosin.session.checkraddr=0
+--FILE--
+<?php
+include "sessionhandler.inc";
+session_test_start();
+$_SESSION['a'] = 'b';
+?>
+--EXPECTF--
+SESSION: wkiQGgZgWnBFDyCs_4QYD_oaw_m35l_5I35XRg0wX_g.
diff --git a/tests/session/crypt.raddr_2.phpt b/tests/session/crypt.raddr_2.phpt
new file mode 100644
index 0000000..b8c21bc
--- /dev/null
+++ b/tests/session/crypt.raddr_2.phpt
@@ -0,0 +1,25 @@
+--TEST--
+session with encryption using REMOTE_ADDR (cryptraddr=2)
+--SKIPIF--
+<?php include "../skipifcli.inc"; ?>
+--ENV--
+return <<<END
+REMOTE_ADDR=127.0.0.1
+END;
+--INI--
+suhosin.session.encrypt=On
+suhosin.session.cryptkey=D3F4UL7
+suhosin.session.cryptua=Off
+suhosin.session.cryptdocroot=Off
+suhosin.session.cryptraddr=2
+suhosin.session.checkraddr=0
+--FILE--
+<?php
+include "sessionhandler.inc";
+session_test_start();
+$_SESSION['a'] = 'b';
+?>
+--EXPECTF--
+SESSION: WDyvE0R4mUqvOG6e5VzhfgWMjfCWSFC5bNNI_3dIT3w.
diff --git a/tests/session/crypt.raddr_3.phpt b/tests/session/crypt.raddr_3.phpt
new file mode 100644
index 0000000..afe2729
--- /dev/null
+++ b/tests/session/crypt.raddr_3.phpt
@@ -0,0 +1,25 @@
+--TEST--
+session with encryption using REMOTE_ADDR (cryptraddr=3)
+--SKIPIF--
+<?php include "../skipifcli.inc"; ?>
+--ENV--
+return <<<END
+REMOTE_ADDR=127.0.0.1
+END;
+--INI--
+suhosin.session.encrypt=On
+suhosin.session.cryptkey=D3F4UL7
+suhosin.session.cryptua=Off
+suhosin.session.cryptdocroot=Off
+suhosin.session.cryptraddr=3
+suhosin.session.checkraddr=0
+--FILE--
+<?php
+include "sessionhandler.inc";
+session_test_start();
+$_SESSION['a'] = 'b';
+?>
+--EXPECTF--
+SESSION: 6kLKLrgCmlOuEPXPON_K5SWHLuIbHdLsh4MJ0QtTFj8.
diff --git a/tests/session/crypt.raddr_4.phpt b/tests/session/crypt.raddr_4.phpt
new file mode 100644
index 0000000..28b4098
--- /dev/null
+++ b/tests/session/crypt.raddr_4.phpt
@@ -0,0 +1,25 @@
+--TEST--
+session with encryption using REMOTE_ADDR (cryptraddr=4)
+--SKIPIF--
+<?php include "../skipifcli.inc"; ?>
+--ENV--
+return <<<END
+REMOTE_ADDR=127.0.0.1
+END;
+--INI--
+suhosin.session.encrypt=On
+suhosin.session.cryptkey=D3F4UL7
+suhosin.session.cryptua=Off
+suhosin.session.cryptdocroot=Off
+suhosin.session.cryptraddr=4
+suhosin.session.checkraddr=0
+--FILE--
+<?php
+include "sessionhandler.inc";
+session_test_start();
+$_SESSION['a'] = 'b';
+?>
+--EXPECTF--
+SESSION: QYSbWh8enETvdtKfao8G6aiXqK7_lhzFmRNYa2lo-UM.
diff --git a/tests/session/crypt.ua.phpt b/tests/session/crypt.ua.phpt
new file mode 100644
index 0000000..4c53273
--- /dev/null
+++ b/tests/session/crypt.ua.phpt
@@ -0,0 +1,25 @@
+--TEST--
+session with encryption using ua
+--SKIPIF--
+<?php include "../skipifcli.inc"; ?>
+--ENV--
+return <<<END
+HTTP_USER_AGENT=test
+END;
+--INI--
+suhosin.session.encrypt=On
+suhosin.session.cryptkey=D3F4UL7
+suhosin.session.cryptua=On
+suhosin.session.cryptdocroot=Off
+suhosin.session.cryptraddr=0
+suhosin.session.checkraddr=0
+--FILE--
+<?php
+include "sessionhandler.inc";
+session_test_start();
+$_SESSION['a'] = 'b';
+?>
+--EXPECTF--
+SESSION: 3pVZdIv7vHG-PwO_rLQLUGerd4L_UX60xJoAM-IoVC4.
diff --git a/tests/session/max_id_length_ok.phpt b/tests/session/max_id_length_ok.phpt
new file mode 100644
index 0000000..9f91c94
--- /dev/null
+++ b/tests/session/max_id_length_ok.phpt
@@ -0,0 +1,14 @@
+--TEST--
+session id not too long
+--SKIPIF--
+<?php include "../skipifcli.inc"; ?>
+--INI--
+suhosin.session.max_id_length=32
+--FILE--
+<?php
+session_id('12345678901234567890123456789012');
+session_start();
+echo session_id();
+?>
+--EXPECTF--
+12345678901234567890123456789012
+\ No newline at end of file
diff --git a/tests/session/max_id_length_toolong.phpt b/tests/session/max_id_length_toolong.phpt
new file mode 100644
index 0000000..0e16621
--- /dev/null
+++ b/tests/session/max_id_length_toolong.phpt
@@ -0,0 +1,14 @@
+--TEST--
+session id too long
+--SKIPIF--
+<?php include "../skipifcli.inc"; ?>
+--INI--
+suhosin.session.max_id_length=32
+--FILE--
+<?php
+session_id('123456789012345678901234567890123');
+session_start();
+echo strlen(session_id());
+?>
+--EXPECTF--
+32
+\ No newline at end of file
diff --git a/tests/session/sessionhandler.inc b/tests/session/sessionhandler.inc
new file mode 100644
index 0000000..31b7546
--- /dev/null
+++ b/tests/session/sessionhandler.inc
@@ -0,0 +1,41 @@
+<?php
+class GenericSessionHandler implements SessionHandlerInterface
+{
+        function open($savePath, $sessionName) { return true; }
+        function close() { return true; }
+        function read($id) { return (string)""; }
+        function write($id, $data) { return true; }
+        function destroy($id) { return true; }
+        function gc($maxlifetime) { return true; }
+}
+class WriteSessionHandler extends GenericSessionHandler
+{
+        function write($id, $data)
+        {
+                echo "SESSION: $data\n";
+                return true;
+        }
+}
+class RemoteAddrSessionHandler extends GenericSessionHandler
+{
+        ## key empty and REMOTE_ADDR set to 127.0.0.1
+        function read($id) { return (string)"j1YTvIOAUqxZMjuJ_ZnHPHWY5XEayycsr7O94aMzmBQ."; }
+}
+function session_test_start($handler=null) {
+        if (!$handler) {
+                $handler = new WriteSessionHandler();
+        }
+        session_set_save_handler($handler, true);
+        session_start();
+        return $handler;
+}
+?>
author	Stefan Esser	2014-02-15 12:13:19 +0100
committer	Stefan Esser	2014-02-15 12:13:19 +0100
commit	71c70de8df61ff1446efb1c168d3c2deccf58586 (patch)
tree	c157eb11e83912026f2f4fbe72681d0c729ad92b
parent	d556e8afdd33cbe89ed2f3f4e2d0700e495dadc9 (diff)

diff --git a/tests/session/crypt.checkraddr_4.phpt b/tests/session/crypt.checkraddr_4.phpt new file mode 100644 index 0000000..42ac96a --- /dev/null +++ b/tests/session/crypt.checkraddr_4.phpt
@@ -0,0 +1,29 @@
	1	--TEST--
	2	session encryption with checkraddr=4
	3	--SKIPIF--
	4	<?php include "../skipifcli.inc"; ?>
	5	--ENV--
	6	return <<<END
	7	REMOTE_ADDR=127.0.0.1
	8	PHPSESSID=test
	9	END;
	10	--INI--
	11	suhosin.session.encrypt=On
	12	suhosin.session.cryptkey=D3F4UL7
	13	suhosin.session.cryptua=Off
	14	suhosin.session.cryptdocroot=Off
	15	suhosin.session.cryptraddr=0
	16	suhosin.session.checkraddr=4
	17	--FILE--
	18	<?php
	19	include "sessionhandler.inc";
	20
	21	session_test_start(new RemoteAddrSessionHandler());
	22	var_dump($_SESSION);
	23
	24	?>
	25	--EXPECTF--
	26	array(1) {
	27	["a"]=>
	28	string(1) "b"
	29	}


diff --git a/tests/session/crypt.checkraddr_4_incorrect.phpt b/tests/session/crypt.checkraddr_4_incorrect.phpt new file mode 100644 index 0000000..cc468b8 --- /dev/null +++ b/tests/session/crypt.checkraddr_4_incorrect.phpt
@@ -0,0 +1,27 @@
	1	--TEST--
	2	session encryption with checkraddr=4 and incorrect REMOTE_ADDR
	3	--SKIPIF--
	4	<?php include "../skipifcli.inc"; ?>
	5	--ENV--
	6	return <<<END
	7	REMOTE_ADDR=127.0.0.2
	8	PHPSESSID=test
	9	END;
	10	--INI--
	11	suhosin.session.encrypt=On
	12	suhosin.session.cryptkey=D3F4UL7
	13	suhosin.session.cryptua=Off
	14	suhosin.session.cryptdocroot=Off
	15	suhosin.session.cryptraddr=0
	16	suhosin.session.checkraddr=4
	17	--FILE--
	18	<?php
	19	include "sessionhandler.inc";
	20
	21	session_test_start(new RemoteAddrSessionHandler());
	22	var_dump($_SESSION);
	23
	24	?>
	25	--EXPECTF--
	26	array(0) {
	27	}


diff --git a/tests/session/crypt.docroot.phpt b/tests/session/crypt.docroot.phpt new file mode 100644 index 0000000..d5b6fc6 --- /dev/null +++ b/tests/session/crypt.docroot.phpt
@@ -0,0 +1,25 @@
	1	--TEST--
	2	session with encryption using docroot
	3	--SKIPIF--
	4	<?php include "../skipifcli.inc"; ?>
	5	--ENV--
	6	return <<<END
	7	DOCUMENT_ROOT=/var/www
	8	END;
	9	--INI--
	10	suhosin.session.encrypt=On
	11	suhosin.session.cryptkey=D3F4UL7
	12	suhosin.session.cryptua=Off
	13	suhosin.session.cryptdocroot=On
	14	suhosin.session.cryptraddr=0
	15	suhosin.session.checkraddr=0
	16	--FILE--
	17	<?php
	18	include "sessionhandler.inc";
	19	session_test_start();
	20	$_SESSION['a'] = 'b';
	21
	22
	23	?>
	24	--EXPECTF--
	25	SESSION: NKChb1rdctXd-Acz0uzOYVnJT_J2mxYRVUgSh0w5mlk.


diff --git a/tests/session/crypt.key_default.phpt b/tests/session/crypt.key_default.phpt new file mode 100644 index 0000000..8e4f12a --- /dev/null +++ b/tests/session/crypt.key_default.phpt
@@ -0,0 +1,21 @@
	1	--TEST--
	2	session with encryption default key
	3	--SKIPIF--
	4	<?php include "../skipifcli.inc"; ?>
	5	--INI--
	6	suhosin.session.encrypt=On
	7	suhosin.session.cryptkey=D3F4UL7
	8	suhosin.session.cryptua=Off
	9	suhosin.session.cryptdocroot=Off
	10	suhosin.session.cryptraddr=0
	11	suhosin.session.checkraddr=0
	12	--FILE--
	13	<?php
	14	include "sessionhandler.inc";
	15	session_test_start();
	16	$_SESSION['a'] = 'b';
	17
	18
	19	?>
	20	--EXPECTF--
	21	SESSION: RIuy2LSSd3_s3hhDCnN89bNWyCnhvNAO0YUq7OQKuJc.


diff --git a/tests/session/crypt.key_empty.phpt b/tests/session/crypt.key_empty.phpt new file mode 100644 index 0000000..3e5da11 --- /dev/null +++ b/tests/session/crypt.key_empty.phpt
@@ -0,0 +1,21 @@
	1	--TEST--
	2	session with encryption key empty
	3	--SKIPIF--
	4	<?php include "../skipifcli.inc"; ?>
	5	--INI--
	6	suhosin.session.encrypt=On
	7	suhosin.session.cryptkey=
	8	suhosin.session.cryptua=Off
	9	suhosin.session.cryptdocroot=Off
	10	suhosin.session.cryptraddr=0
	11	suhosin.session.checkraddr=0
	12	--FILE--
	13	<?php
	14	include "sessionhandler.inc";
	15	session_test_start();
	16	$_SESSION['a'] = 'b';
	17
	18
	19	?>
	20	--EXPECTF--
	21	SESSION: RIuy2LSSd3_s3hhDCnN89bNWyCnhvNAO0YUq7OQKuJc.


diff --git a/tests/session/crypt.key_empty_remote_addr.phpt b/tests/session/crypt.key_empty_remote_addr.phpt new file mode 100644 index 0000000..cf1292a --- /dev/null +++ b/tests/session/crypt.key_empty_remote_addr.phpt
@@ -0,0 +1,25 @@
	1	--TEST--
	2	session with encryption key empty and REMOTE_ADDR set
	3	--SKIPIF--
	4	<?php include "../skipifcli.inc"; ?>
	5	--ENV--
	6	return <<<END
	7	REMOTE_ADDR=127.0.0.1
	8	END;
	9	--INI--
	10	suhosin.session.encrypt=On
	11	suhosin.session.cryptkey=
	12	suhosin.session.cryptua=Off
	13	suhosin.session.cryptdocroot=Off
	14	suhosin.session.cryptraddr=0
	15	suhosin.session.checkraddr=0
	16	--FILE--
	17	<?php
	18	include "sessionhandler.inc";
	19	session_test_start();
	20	$_SESSION['a'] = 'b';
	21
	22
	23	?>
	24	--EXPECTF--
	25	SESSION: j1YTvIOAUqxZMjuJ_ZnHPHWY5XEayycsr7O94aMzmBQ.


diff --git a/tests/session/crypt.no_encryption.phpt b/tests/session/crypt.no_encryption.phpt new file mode 100644 index 0000000..6b6bc97 --- /dev/null +++ b/tests/session/crypt.no_encryption.phpt
@@ -0,0 +1,15 @@
	1	--TEST--
	2	session without encryption
	3	--SKIPIF--
	4	<?php include "../skipifcli.inc"; ?>
	5	--INI--
	6	suhosin.session.encrypt=Off
	7	--FILE--
	8	<?php
	9	include "sessionhandler.inc";
	10	session_test_start();
	11	$_SESSION['a'] = 'b';
	12
	13	?>
	14	--EXPECTF--
	15	SESSION: a\|s:1:"b"; \ No newline at end of file


diff --git a/tests/session/crypt.raddr_1.phpt b/tests/session/crypt.raddr_1.phpt new file mode 100644 index 0000000..2070d03 --- /dev/null +++ b/tests/session/crypt.raddr_1.phpt
@@ -0,0 +1,25 @@
	1	--TEST--
	2	session with encryption using REMOTE_ADDR (cryptraddr=1)
	3	--SKIPIF--
	4	<?php include "../skipifcli.inc"; ?>
	5	--ENV--
	6	return <<<END
	7	REMOTE_ADDR=127.0.0.1
	8	END;
	9	--INI--
	10	suhosin.session.encrypt=On
	11	suhosin.session.cryptkey=D3F4UL7
	12	suhosin.session.cryptua=Off
	13	suhosin.session.cryptdocroot=Off
	14	suhosin.session.cryptraddr=1
	15	suhosin.session.checkraddr=0
	16	--FILE--
	17	<?php
	18	include "sessionhandler.inc";
	19	session_test_start();
	20	$_SESSION['a'] = 'b';
	21
	22
	23	?>
	24	--EXPECTF--
	25	SESSION: wkiQGgZgWnBFDyCs_4QYD_oaw_m35l_5I35XRg0wX_g.


diff --git a/tests/session/crypt.raddr_2.phpt b/tests/session/crypt.raddr_2.phpt new file mode 100644 index 0000000..b8c21bc --- /dev/null +++ b/tests/session/crypt.raddr_2.phpt
@@ -0,0 +1,25 @@
	1	--TEST--
	2	session with encryption using REMOTE_ADDR (cryptraddr=2)
	3	--SKIPIF--
	4	<?php include "../skipifcli.inc"; ?>
	5	--ENV--
	6	return <<<END
	7	REMOTE_ADDR=127.0.0.1
	8	END;
	9	--INI--
	10	suhosin.session.encrypt=On
	11	suhosin.session.cryptkey=D3F4UL7
	12	suhosin.session.cryptua=Off
	13	suhosin.session.cryptdocroot=Off
	14	suhosin.session.cryptraddr=2
	15	suhosin.session.checkraddr=0
	16	--FILE--
	17	<?php
	18	include "sessionhandler.inc";
	19	session_test_start();
	20	$_SESSION['a'] = 'b';
	21
	22
	23	?>
	24	--EXPECTF--
	25	SESSION: WDyvE0R4mUqvOG6e5VzhfgWMjfCWSFC5bNNI_3dIT3w.


diff --git a/tests/session/crypt.raddr_3.phpt b/tests/session/crypt.raddr_3.phpt new file mode 100644 index 0000000..afe2729 --- /dev/null +++ b/tests/session/crypt.raddr_3.phpt
@@ -0,0 +1,25 @@
	1	--TEST--
	2	session with encryption using REMOTE_ADDR (cryptraddr=3)
	3	--SKIPIF--
	4	<?php include "../skipifcli.inc"; ?>
	5	--ENV--
	6	return <<<END
	7	REMOTE_ADDR=127.0.0.1
	8	END;
	9	--INI--
	10	suhosin.session.encrypt=On
	11	suhosin.session.cryptkey=D3F4UL7
	12	suhosin.session.cryptua=Off
	13	suhosin.session.cryptdocroot=Off
	14	suhosin.session.cryptraddr=3
	15	suhosin.session.checkraddr=0
	16	--FILE--
	17	<?php
	18	include "sessionhandler.inc";
	19	session_test_start();
	20	$_SESSION['a'] = 'b';
	21
	22
	23	?>
	24	--EXPECTF--
	25	SESSION: 6kLKLrgCmlOuEPXPON_K5SWHLuIbHdLsh4MJ0QtTFj8.


diff --git a/tests/session/crypt.raddr_4.phpt b/tests/session/crypt.raddr_4.phpt new file mode 100644 index 0000000..28b4098 --- /dev/null +++ b/tests/session/crypt.raddr_4.phpt
@@ -0,0 +1,25 @@
	1	--TEST--
	2	session with encryption using REMOTE_ADDR (cryptraddr=4)
	3	--SKIPIF--
	4	<?php include "../skipifcli.inc"; ?>
	5	--ENV--
	6	return <<<END
	7	REMOTE_ADDR=127.0.0.1
	8	END;
	9	--INI--
	10	suhosin.session.encrypt=On
	11	suhosin.session.cryptkey=D3F4UL7
	12	suhosin.session.cryptua=Off
	13	suhosin.session.cryptdocroot=Off
	14	suhosin.session.cryptraddr=4
	15	suhosin.session.checkraddr=0
	16	--FILE--
	17	<?php
	18	include "sessionhandler.inc";
	19	session_test_start();
	20	$_SESSION['a'] = 'b';
	21
	22
	23	?>
	24	--EXPECTF--
	25	SESSION: QYSbWh8enETvdtKfao8G6aiXqK7_lhzFmRNYa2lo-UM.


diff --git a/tests/session/crypt.ua.phpt b/tests/session/crypt.ua.phpt new file mode 100644 index 0000000..4c53273 --- /dev/null +++ b/tests/session/crypt.ua.phpt
@@ -0,0 +1,25 @@
	1	--TEST--
	2	session with encryption using ua
	3	--SKIPIF--
	4	<?php include "../skipifcli.inc"; ?>
	5	--ENV--
	6	return <<<END
	7	HTTP_USER_AGENT=test
	8	END;
	9	--INI--
	10	suhosin.session.encrypt=On
	11	suhosin.session.cryptkey=D3F4UL7
	12	suhosin.session.cryptua=On
	13	suhosin.session.cryptdocroot=Off
	14	suhosin.session.cryptraddr=0
	15	suhosin.session.checkraddr=0
	16	--FILE--
	17	<?php
	18	include "sessionhandler.inc";
	19	session_test_start();
	20	$_SESSION['a'] = 'b';
	21
	22
	23	?>
	24	--EXPECTF--
	25	SESSION: 3pVZdIv7vHG-PwO_rLQLUGerd4L_UX60xJoAM-IoVC4.


diff --git a/tests/session/max_id_length_ok.phpt b/tests/session/max_id_length_ok.phpt new file mode 100644 index 0000000..9f91c94 --- /dev/null +++ b/tests/session/max_id_length_ok.phpt
@@ -0,0 +1,14 @@
	1	--TEST--
	2	session id not too long
	3	--SKIPIF--
	4	<?php include "../skipifcli.inc"; ?>
	5	--INI--
	6	suhosin.session.max_id_length=32
	7	--FILE--
	8	<?php
	9	session_id('12345678901234567890123456789012');
	10	session_start();
	11	echo session_id();
	12	?>
	13	--EXPECTF--
	14	12345678901234567890123456789012 \ No newline at end of file


diff --git a/tests/session/max_id_length_toolong.phpt b/tests/session/max_id_length_toolong.phpt new file mode 100644 index 0000000..0e16621 --- /dev/null +++ b/tests/session/max_id_length_toolong.phpt
@@ -0,0 +1,14 @@
	1	--TEST--
	2	session id too long
	3	--SKIPIF--
	4	<?php include "../skipifcli.inc"; ?>
	5	--INI--
	6	suhosin.session.max_id_length=32
	7	--FILE--
	8	<?php
	9	session_id('123456789012345678901234567890123');
	10	session_start();
	11	echo strlen(session_id());
	12	?>
	13	--EXPECTF--
	14	32 \ No newline at end of file


diff --git a/tests/session/sessionhandler.inc b/tests/session/sessionhandler.inc new file mode 100644 index 0000000..31b7546 --- /dev/null +++ b/tests/session/sessionhandler.inc
@@ -0,0 +1,41 @@
	1	<?php
	2	class GenericSessionHandler implements SessionHandlerInterface
	3	{
	4	function open($savePath, $sessionName) { return true; }
	5
	6	function close() { return true; }
	7
	8	function read($id) { return (string)""; }
	9
	10	function write($id, $data) { return true; }
	11
	12	function destroy($id) { return true; }
	13
	14	function gc($maxlifetime) { return true; }
	15
	16	}
	17	class WriteSessionHandler extends GenericSessionHandler
	18	{
	19	function write($id, $data)
	20	{
	21	echo "SESSION: $data\n";
	22	return true;
	23	}
	24	}
	25	class RemoteAddrSessionHandler extends GenericSessionHandler
	26	{
	27	## key empty and REMOTE_ADDR set to 127.0.0.1
	28	function read($id) { return (string)"j1YTvIOAUqxZMjuJ_ZnHPHWY5XEayycsr7O94aMzmBQ."; }
	29	}
	30
	31
	32	function session_test_start($handler=null) {
	33	if (!$handler) {
	34	$handler = new WriteSessionHandler();
	35	}
	36	session_set_save_handler($handler, true);
	37	session_start();
	38	return $handler;
	39	}
	40
	41	?>