From 6fef70730793eccc4943bca48c47439cd19b213e Mon Sep 17 00:00:00 2001
From: Stefan Esser
Date: Tue, 18 Feb 2014 14:52:12 +0100
Subject: Some tests for the cookie encryption feature from Ben

---
 tests/cookie/crypt.checkraddr_4.phpt           | 28 +++++++++++++++++++++++++
 tests/cookie/crypt.checkraddr_4_incorrect.phpt | 26 +++++++++++++++++++++++
 tests/cookie/crypt.cryptlist.phpt              | 29 ++++++++++++++++++++++++++
 tests/cookie/crypt.docroot.phpt                | 27 ++++++++++++++++++++++++
 tests/cookie/crypt.invalid.phpt                | 26 +++++++++++++++++++++++
 tests/cookie/crypt.key_default.phpt            | 23 ++++++++++++++++++++
 tests/cookie/crypt.key_empty.phpt              | 23 ++++++++++++++++++++
 tests/cookie/crypt.key_empty_remote_addr.phpt  | 27 ++++++++++++++++++++++++
 tests/cookie/crypt.no_encryption.phpt          | 16 ++++++++++++++
 tests/cookie/crypt.plainlist.phpt              | 29 ++++++++++++++++++++++++++
 tests/cookie/crypt.raddr_1.phpt                | 27 ++++++++++++++++++++++++
 tests/cookie/crypt.raddr_2.phpt                | 27 ++++++++++++++++++++++++
 tests/cookie/crypt.raddr_3.phpt                | 27 ++++++++++++++++++++++++
 tests/cookie/crypt.raddr_4.phpt                | 27 ++++++++++++++++++++++++
 tests/cookie/crypt.ua.phpt                     | 27 ++++++++++++++++++++++++
 15 files changed, 389 insertions(+)
 create mode 100644 tests/cookie/crypt.checkraddr_4.phpt
 create mode 100644 tests/cookie/crypt.checkraddr_4_incorrect.phpt
 create mode 100644 tests/cookie/crypt.cryptlist.phpt
 create mode 100644 tests/cookie/crypt.docroot.phpt
 create mode 100644 tests/cookie/crypt.invalid.phpt
 create mode 100644 tests/cookie/crypt.key_default.phpt
 create mode 100644 tests/cookie/crypt.key_empty.phpt
 create mode 100644 tests/cookie/crypt.key_empty_remote_addr.phpt
 create mode 100644 tests/cookie/crypt.no_encryption.phpt
 create mode 100644 tests/cookie/crypt.plainlist.phpt
 create mode 100644 tests/cookie/crypt.raddr_1.phpt
 create mode 100644 tests/cookie/crypt.raddr_2.phpt
 create mode 100644 tests/cookie/crypt.raddr_3.phpt
 create mode 100644 tests/cookie/crypt.raddr_4.phpt
 create mode 100644 tests/cookie/crypt.ua.phpt

(limited to 'tests')

diff --git a/tests/cookie/crypt.checkraddr_4.phpt b/tests/cookie/crypt.checkraddr_4.phpt
new file mode 100644
index 0000000..35c3495
--- /dev/null
+++ b/tests/cookie/crypt.checkraddr_4.phpt
@@ -0,0 +1,28 @@
+--TEST--
+cookie encryption with checkraddr=4
+--SKIPIF--
+<?php include "../skipif.inc"; ?>
+--INI--
+suhosin.cookie.encrypt=1
+suhosin.cookie.cryptkey=
+suhosin.cookie.cryptua=Off
+suhosin.cookie.cryptdocroot=Off
+suhosin.cookie.cryptraddr=0
+suhosin.cookie.checkraddr=4
+;suhosin.cookie.cryptlist=
+;suhosin.cookie.plainlist=
+--ENV--
+return <<<END
+REMOTE_ADDR=127.0.0.1
+END;
+--COOKIE--
+foo=EgJxlQxzPwoAcVFj395vssv3hy1rAem1lH9qZYUvRi8.
+--FILE--
+<?php
+var_dump($_COOKIE);
+?>
+--EXPECTF--
+array(1) {
+  ["foo"]=>
+  string(3) "bar"
+}
\ No newline at end of file
diff --git a/tests/cookie/crypt.checkraddr_4_incorrect.phpt b/tests/cookie/crypt.checkraddr_4_incorrect.phpt
new file mode 100644
index 0000000..00c2e23
--- /dev/null
+++ b/tests/cookie/crypt.checkraddr_4_incorrect.phpt
@@ -0,0 +1,26 @@
+--TEST--
+cookie encryption with checkraddr=4
+--SKIPIF--
+<?php include "../skipif.inc"; ?>
+--INI--
+suhosin.cookie.encrypt=1
+suhosin.cookie.cryptkey=
+suhosin.cookie.cryptua=Off
+suhosin.cookie.cryptdocroot=Off
+suhosin.cookie.cryptraddr=0
+suhosin.cookie.checkraddr=4
+;suhosin.cookie.cryptlist=
+;suhosin.cookie.plainlist=
+--ENV--
+return <<<END
+REMOTE_ADDR=127.0.0.2
+END;
+--COOKIE--
+foo=EgJxlQxzPwoAcVFj395vssv3hy1rAem1lH9qZYUvRi8.
+--FILE--
+<?php
+var_dump($_COOKIE);
+?>
+--EXPECTF--
+array(0) {
+}
\ No newline at end of file
diff --git a/tests/cookie/crypt.cryptlist.phpt b/tests/cookie/crypt.cryptlist.phpt
new file mode 100644
index 0000000..e56ac24
--- /dev/null
+++ b/tests/cookie/crypt.cryptlist.phpt
@@ -0,0 +1,29 @@
+--TEST--
+cookie encryption with cryptlist set
+--SKIPIF--
+<?php include "../skipif.inc"; ?>
+--INI--
+suhosin.cookie.encrypt=1
+suhosin.cookie.cryptkey=
+suhosin.cookie.cryptua=0
+suhosin.cookie.cryptdocroot=0
+suhosin.cookie.cryptraddr=0
+suhosin.cookie.checkraddr=0
+suhosin.cookie.cryptlist=a,b,foo,c
+;suhosin.cookie.plainlist=
+--ENV--
+return <<<END
+REMOTE_ADDR=127.0.0.1
+END;
+--COOKIE--
+a=b
+--FILE--
+<?php
+setcookie('foo', 'bar');
+setcookie('foo2', 'bar2');
+$ch = preg_grep("/^Set-Cookie:/", headers_list());
+echo join("\n", array_values($ch));
+?>
+--EXPECTF--
+Set-Cookie: foo=EgJxlQxzPwoAcVFj395vssv3hy1rAem1lH9qZYUvRi8.
+Set-Cookie: foo2=bar2
\ No newline at end of file
diff --git a/tests/cookie/crypt.docroot.phpt b/tests/cookie/crypt.docroot.phpt
new file mode 100644
index 0000000..9eeb24b
--- /dev/null
+++ b/tests/cookie/crypt.docroot.phpt
@@ -0,0 +1,27 @@
+--TEST--
+cookie encryption using document root
+--SKIPIF--
+<?php include "../skipif.inc"; ?>
+--INI--
+suhosin.cookie.encrypt=1
+suhosin.cookie.cryptkey=
+suhosin.cookie.cryptua=Off
+suhosin.cookie.cryptdocroot=On
+suhosin.cookie.cryptraddr=0
+suhosin.cookie.checkraddr=0
+;suhosin.cookie.cryptlist=
+;suhosin.cookie.plainlist=
+--ENV--
+return <<<END
+DOCUMENT_ROOT=/var/www
+END;
+--COOKIE--
+a=b
+--FILE--
+<?php
+setcookie('foo', 'bar');
+$ch = preg_grep("/^Set-Cookie:/", headers_list());
+echo join("\n", array_values($ch));
+?>
+--EXPECTF--
+Set-Cookie: foo=CY8CspcGmDQPsap1NqJO1uAjB6fobur1Os5ZCqFGhU8.
\ No newline at end of file
diff --git a/tests/cookie/crypt.invalid.phpt b/tests/cookie/crypt.invalid.phpt
new file mode 100644
index 0000000..b1d11dd
--- /dev/null
+++ b/tests/cookie/crypt.invalid.phpt
@@ -0,0 +1,26 @@
+--TEST--
+cookie encryption with invalid cookie
+--SKIPIF--
+<?php include "../skipif.inc"; ?>
+--INI--
+suhosin.cookie.encrypt=1
+suhosin.cookie.cryptkey=
+suhosin.cookie.cryptua=Off
+suhosin.cookie.cryptdocroot=Off
+suhosin.cookie.cryptraddr=0
+suhosin.cookie.checkraddr=0
+;suhosin.cookie.cryptlist=
+;suhosin.cookie.plainlist=
+--ENV--
+return <<<END
+REMOTE_ADDR=127.0.0.1
+END;
+--COOKIE--
+foo=test
+--FILE--
+<?php
+var_dump($_COOKIE);
+?>
+--EXPECTF--
+array(0) {
+}
\ No newline at end of file
diff --git a/tests/cookie/crypt.key_default.phpt b/tests/cookie/crypt.key_default.phpt
new file mode 100644
index 0000000..91b1fcf
--- /dev/null
+++ b/tests/cookie/crypt.key_default.phpt
@@ -0,0 +1,23 @@
+--TEST--
+cookie encryption with default key
+--SKIPIF--
+<?php include "../skipif.inc"; ?>
+--INI--
+suhosin.cookie.encrypt=1
+suhosin.cookie.cryptkey=D3F4UL7
+suhosin.cookie.cryptua=0
+suhosin.cookie.cryptdocroot=0
+suhosin.cookie.cryptraddr=0
+suhosin.cookie.checkraddr=0
+;suhosin.cookie.cryptlist=
+;suhosin.cookie.plainlist=
+--COOKIE--
+a=b
+--FILE--
+<?php
+setcookie('foo', 'bar');
+$ch = preg_grep("/^Set-Cookie:/", headers_list());
+echo join("\n", array_values($ch));
+?>
+--EXPECTF--
+Set-Cookie: foo=Jq5FsTmo4aEWrLMKdoEeUuFxZ4IujCzrQjg-8Y-xphg.
\ No newline at end of file
diff --git a/tests/cookie/crypt.key_empty.phpt b/tests/cookie/crypt.key_empty.phpt
new file mode 100644
index 0000000..1736575
--- /dev/null
+++ b/tests/cookie/crypt.key_empty.phpt
@@ -0,0 +1,23 @@
+--TEST--
+cookie encryption with empty key
+--SKIPIF--
+<?php include "../skipif.inc"; ?>
+--INI--
+suhosin.cookie.encrypt=1
+suhosin.cookie.cryptkey=
+suhosin.cookie.cryptua=0
+suhosin.cookie.cryptdocroot=0
+suhosin.cookie.cryptraddr=0
+suhosin.cookie.checkraddr=0
+;suhosin.cookie.cryptlist=
+;suhosin.cookie.plainlist=
+--COOKIE--
+a=b
+--FILE--
+<?php
+setcookie('foo', 'bar');
+$ch = preg_grep("/^Set-Cookie:/", headers_list());
+echo join("\n", array_values($ch));
+?>
+--EXPECTF--
+Set-Cookie: foo=Jq5FsTmo4aEWrLMKdoEeUuFxZ4IujCzrQjg-8Y-xphg.
\ No newline at end of file
diff --git a/tests/cookie/crypt.key_empty_remote_addr.phpt b/tests/cookie/crypt.key_empty_remote_addr.phpt
new file mode 100644
index 0000000..fb00766
--- /dev/null
+++ b/tests/cookie/crypt.key_empty_remote_addr.phpt
@@ -0,0 +1,27 @@
+--TEST--
+cookie encryption with empty key and REMOTE_ADDR set
+--SKIPIF--
+<?php include "../skipif.inc"; ?>
+--INI--
+suhosin.cookie.encrypt=1
+suhosin.cookie.cryptkey=
+suhosin.cookie.cryptua=0
+suhosin.cookie.cryptdocroot=0
+suhosin.cookie.cryptraddr=0
+suhosin.cookie.checkraddr=0
+;suhosin.cookie.cryptlist=
+;suhosin.cookie.plainlist=
+--ENV--
+return <<<END
+REMOTE_ADDR=127.0.0.1
+END;
+--COOKIE--
+a=b
+--FILE--
+<?php
+setcookie('foo', 'bar');
+$ch = preg_grep("/^Set-Cookie:/", headers_list());
+echo join("\n", array_values($ch));
+?>
+--EXPECTF--
+Set-Cookie: foo=EgJxlQxzPwoAcVFj395vssv3hy1rAem1lH9qZYUvRi8.
\ No newline at end of file
diff --git a/tests/cookie/crypt.no_encryption.phpt b/tests/cookie/crypt.no_encryption.phpt
new file mode 100644
index 0000000..095ce5f
--- /dev/null
+++ b/tests/cookie/crypt.no_encryption.phpt
@@ -0,0 +1,16 @@
+--TEST--
+cookie without encryption
+--SKIPIF--
+<?php include "../skipif.inc"; ?>
+--INI--
+suhosin.cookie.encrypt=0
+--COOKIE--
+a=b
+--FILE--
+<?php
+setcookie('foo', 'bar');
+$ch = preg_grep("/^Set-Cookie:/", headers_list());
+echo join("\n", array_values($ch));
+?>
+--EXPECTF--
+Set-Cookie: foo=bar
\ No newline at end of file
diff --git a/tests/cookie/crypt.plainlist.phpt b/tests/cookie/crypt.plainlist.phpt
new file mode 100644
index 0000000..8a29bb0
--- /dev/null
+++ b/tests/cookie/crypt.plainlist.phpt
@@ -0,0 +1,29 @@
+--TEST--
+cookie encryption with plainlist set
+--SKIPIF--
+<?php include "../skipif.inc"; ?>
+--INI--
+suhosin.cookie.encrypt=1
+suhosin.cookie.cryptkey=
+suhosin.cookie.cryptua=0
+suhosin.cookie.cryptdocroot=0
+suhosin.cookie.cryptraddr=0
+suhosin.cookie.checkraddr=0
+;suhosin.cookie.cryptlist=
+suhosin.cookie.plainlist=a,b,foo2,c
+--ENV--
+return <<<END
+REMOTE_ADDR=127.0.0.1
+END;
+--COOKIE--
+a=b
+--FILE--
+<?php
+setcookie('foo', 'bar');
+setcookie('foo2', 'bar2');
+$ch = preg_grep("/^Set-Cookie:/", headers_list());
+echo join("\n", array_values($ch));
+?>
+--EXPECTF--
+Set-Cookie: foo=EgJxlQxzPwoAcVFj395vssv3hy1rAem1lH9qZYUvRi8.
+Set-Cookie: foo2=bar2
\ No newline at end of file
diff --git a/tests/cookie/crypt.raddr_1.phpt b/tests/cookie/crypt.raddr_1.phpt
new file mode 100644
index 0000000..54400b5
--- /dev/null
+++ b/tests/cookie/crypt.raddr_1.phpt
@@ -0,0 +1,27 @@
+--TEST--
+cookie encryption using REMOTE_ADDR (cryptraddr=1)
+--SKIPIF--
+<?php include "../skipif.inc"; ?>
+--INI--
+suhosin.cookie.encrypt=1
+suhosin.cookie.cryptkey=
+suhosin.cookie.cryptua=Off
+suhosin.cookie.cryptdocroot=Off
+suhosin.cookie.cryptraddr=1
+suhosin.cookie.checkraddr=0
+;suhosin.cookie.cryptlist=
+;suhosin.cookie.plainlist=
+--ENV--
+return <<<END
+REMOTE_ADDR=127.0.0.1
+END;
+--COOKIE--
+a=b
+--FILE--
+<?php
+setcookie('foo', 'bar');
+$ch = preg_grep("/^Set-Cookie:/", headers_list());
+echo join("\n", array_values($ch));
+?>
+--EXPECTF--
+Set-Cookie: foo=lwB1g2gEIQbzRLsbKEyLcKlmu6kpBNRd6sft46-la-4.
\ No newline at end of file
diff --git a/tests/cookie/crypt.raddr_2.phpt b/tests/cookie/crypt.raddr_2.phpt
new file mode 100644
index 0000000..e87b5e7
--- /dev/null
+++ b/tests/cookie/crypt.raddr_2.phpt
@@ -0,0 +1,27 @@
+--TEST--
+cookie encryption using REMOTE_ADDR (cryptraddr=2)
+--SKIPIF--
+<?php include "../skipif.inc"; ?>
+--INI--
+suhosin.cookie.encrypt=1
+suhosin.cookie.cryptkey=
+suhosin.cookie.cryptua=Off
+suhosin.cookie.cryptdocroot=Off
+suhosin.cookie.cryptraddr=2
+suhosin.cookie.checkraddr=0
+;suhosin.cookie.cryptlist=
+;suhosin.cookie.plainlist=
+--ENV--
+return <<<END
+REMOTE_ADDR=127.0.0.1
+END;
+--COOKIE--
+a=b
+--FILE--
+<?php
+setcookie('foo', 'bar');
+$ch = preg_grep("/^Set-Cookie:/", headers_list());
+echo join("\n", array_values($ch));
+?>
+--EXPECTF--
+Set-Cookie: foo=iTnKmpON_PFkZ2Sv8omXt_myOw0LIxwZTmj5OZYQ5c8.
\ No newline at end of file
diff --git a/tests/cookie/crypt.raddr_3.phpt b/tests/cookie/crypt.raddr_3.phpt
new file mode 100644
index 0000000..a1394a5
--- /dev/null
+++ b/tests/cookie/crypt.raddr_3.phpt
@@ -0,0 +1,27 @@
+--TEST--
+cookie encryption using REMOTE_ADDR (cryptraddr=3)
+--SKIPIF--
+<?php include "../skipif.inc"; ?>
+--INI--
+suhosin.cookie.encrypt=1
+suhosin.cookie.cryptkey=
+suhosin.cookie.cryptua=Off
+suhosin.cookie.cryptdocroot=Off
+suhosin.cookie.cryptraddr=3
+suhosin.cookie.checkraddr=0
+;suhosin.cookie.cryptlist=
+;suhosin.cookie.plainlist=
+--ENV--
+return <<<END
+REMOTE_ADDR=127.0.0.1
+END;
+--COOKIE--
+a=b
+--FILE--
+<?php
+setcookie('foo', 'bar');
+$ch = preg_grep("/^Set-Cookie:/", headers_list());
+echo join("\n", array_values($ch));
+?>
+--EXPECTF--
+Set-Cookie: foo=q2LriHN5UE2RN8YKu8N-k2hE5ShtXbk8vZooBU0idWg.
\ No newline at end of file
diff --git a/tests/cookie/crypt.raddr_4.phpt b/tests/cookie/crypt.raddr_4.phpt
new file mode 100644
index 0000000..2862f9f
--- /dev/null
+++ b/tests/cookie/crypt.raddr_4.phpt
@@ -0,0 +1,27 @@
+--TEST--
+cookie encryption using REMOTE_ADDR (cryptraddr=4)
+--SKIPIF--
+<?php include "../skipif.inc"; ?>
+--INI--
+suhosin.cookie.encrypt=1
+suhosin.cookie.cryptkey=
+suhosin.cookie.cryptua=Off
+suhosin.cookie.cryptdocroot=Off
+suhosin.cookie.cryptraddr=4
+suhosin.cookie.checkraddr=0
+;suhosin.cookie.cryptlist=
+;suhosin.cookie.plainlist=
+--ENV--
+return <<<END
+REMOTE_ADDR=127.0.0.1
+END;
+--COOKIE--
+a=b
+--FILE--
+<?php
+setcookie('foo', 'bar');
+$ch = preg_grep("/^Set-Cookie:/", headers_list());
+echo join("\n", array_values($ch));
+?>
+--EXPECTF--
+Set-Cookie: foo=KYNdxYn5b1vujSEplr6YyON2A04YRH0YY4pCZWQDxG8.
\ No newline at end of file
diff --git a/tests/cookie/crypt.ua.phpt b/tests/cookie/crypt.ua.phpt
new file mode 100644
index 0000000..48a98b3
--- /dev/null
+++ b/tests/cookie/crypt.ua.phpt
@@ -0,0 +1,27 @@
+--TEST--
+cookie with encryption using HTTP_USER_AGENT
+--SKIPIF--
+<?php include "../skipif.inc"; ?>
+--INI--
+suhosin.cookie.encrypt=1
+suhosin.cookie.cryptkey=
+suhosin.cookie.cryptua=On
+suhosin.cookie.cryptdocroot=0
+suhosin.cookie.cryptraddr=0
+suhosin.cookie.checkraddr=0
+;suhosin.cookie.cryptlist=
+;suhosin.cookie.plainlist=
+--ENV--
+return <<<END
+HTTP_USER_AGENT=test
+END;
+--COOKIE--
+a=b
+--FILE--
+<?php
+setcookie('foo', 'bar');
+$ch = preg_grep("/^Set-Cookie:/", headers_list());
+echo join("\n", array_values($ch));
+?>
+--EXPECTF--
+Set-Cookie: foo=ZWvJsNdplAsT5Uz57vuUq7-_pbjyXTGeMrUfSrgre5w.
\ No newline at end of file
-- 
cgit v1.3