protectkey + tests

author: Ben Fuhrmannek 2016-03-04 15:04:30 +0100
committer: Ben Fuhrmannek 2016-03-04 15:04:30 +0100
commit: 5c0b5f357fb9dc38e21513d4d19ea6925e81a3f4 (patch)
tree: 0193cf12e248026bd35b259da9cb6dd575ac3273
parent: 1ac3a99cf162b34bdf8fd01e5aa90438374cc14f (diff)
3 files changed, 55 insertions, 1 deletions
diff --git a/suhosin7.c b/suhosin7.c
index 14b7fa0..7986f2a 100644
--- a/suhosin7.c
+++ b/suhosin7.c
@@ -378,7 +378,7 @@ PHP_INI_BEGIN()
 #ifdef HAVE_PHP_SESSION
        // STD_S7_INI_BOOLEAN("suhosin.session.encrypt",                "1",            PHP_INI_PERDIR|PHP_INI_SYSTEM,  OnUpdateMiscBool, session_encrypt)
-        // STD_S7_INI_ENTRY("suhosin.session.cryptkey", "", PHP_INI_ALL, OnUpdateMiscString, session_cryptkey)
+        STD_S7_INI_ENTRY("suhosin.session.cryptkey", "", PHP_INI_ALL, OnUpdateMiscString, session_cryptkey)
        // STD_S7_INI_BOOLEAN("suhosin.session.cryptua",                "0",            PHP_INI_PERDIR|PHP_INI_SYSTEM,  OnUpdateMiscBool, session_cryptua)
        // STD_S7_INI_BOOLEAN("suhosin.session.cryptdocroot",           "1",            PHP_INI_PERDIR|PHP_INI_SYSTEM,  OnUpdateMiscBool, session_cryptdocroot)
        // STD_S7_INI_ENTRY("suhosin.session.cryptraddr", "0", PHP_INI_SYSTEM|PHP_INI_PERDIR, OnUpdateMiscLong, session_cryptraddr)     
diff --git a/tests/misc/protectkey_off.phpt b/tests/misc/protectkey_off.phpt
new file mode 100644
index 0000000..3120e58
--- /dev/null
+++ b/tests/misc/protectkey_off.phpt
@@ -0,0 +1,27 @@
+--TEST--
+Testing: suhosin.protectkey=On
+--SKIPIF--
+<?php include "../skipifnotcli.inc"; ?>
+--INI--
+suhosin.log.sapi=0
+suhosin.log.stdout=255
+suhosin.log.script=0
+suhosin.log.syslog=0
+suhosin.protectkey=0
+suhosin.session.cryptkey=SUHOSIN_TEST_SESSION_CRYPTKEY
+suhosin.cookie.cryptkey=SUHOSIN_TEST_COOKIE_CRYPTKEY
+suhosin.rand.seedingkey=SUHOSIN_TEST_SEEDINGKEY
+--FILE--
+<?php
+ob_start();
+phpinfo();
+$data = ob_get_contents();
+ob_clean();
+var_dump(strpos($data, "SUHOSIN_TEST_SESSION_CRYPTKEY")===FALSE);
+var_dump(strpos($data, "SUHOSIN_TEST_COOKIE_CRYPTKEY")===FALSE);
+var_dump(strpos($data, "SUHOSIN_TEST_SEEDINGKEY")===FALSE);
+?>
+--EXPECTF--
+bool(false)
+bool(false)
+bool(false)
diff --git a/tests/misc/protectkey_on.phpt b/tests/misc/protectkey_on.phpt
new file mode 100644
index 0000000..969d556
--- /dev/null
+++ b/tests/misc/protectkey_on.phpt
@@ -0,0 +1,27 @@
+--TEST--
+Testing: suhosin.protectkey=On
+--SKIPIF--
+<?php include "../skipifnotcli.inc"; ?>
+--INI--
+suhosin.log.sapi=0
+suhosin.log.stdout=255
+suhosin.log.script=0
+suhosin.log.syslog=0
+suhosin.protectkey=1
+suhosin.session.cryptkey=SUHOSIN_TEST_SESSION_CRYPTKEY
+suhosin.cookie.cryptkey=SUHOSIN_TEST_COOKIE_CRYPTKEY
+suhosin.rand.seedingkey=SUHOSIN_TEST_SEEDINGKEY
+--FILE--
+<?php
+ob_start();
+phpinfo();
+$data = ob_get_contents();
+ob_clean();
+var_dump(strpos($data, "SUHOSIN_TEST_SESSION_CRYPTKEY")===FALSE);
+var_dump(strpos($data, "SUHOSIN_TEST_COOKIE_CRYPTKEY")===FALSE);
+var_dump(strpos($data, "SUHOSIN_TEST_SEEDINGKEY")===FALSE);
+?>
+--EXPECTF--
+bool(true)
+bool(true)
+bool(true)
author	Ben Fuhrmannek	2016-03-04 15:04:30 +0100
committer	Ben Fuhrmannek	2016-03-04 15:04:30 +0100
commit	5c0b5f357fb9dc38e21513d4d19ea6925e81a3f4 (patch)
tree	0193cf12e248026bd35b259da9cb6dd575ac3273
parent	1ac3a99cf162b34bdf8fd01e5aa90438374cc14f (diff)

diff --git a/suhosin7.c b/suhosin7.c index 14b7fa0..7986f2a 100644 --- a/suhosin7.c +++ b/suhosin7.c
@@ -378,7 +378,7 @@ PHP_INI_BEGIN()
378		378
379	#ifdef HAVE_PHP_SESSION	379	#ifdef HAVE_PHP_SESSION
380	// STD_S7_INI_BOOLEAN("suhosin.session.encrypt", "1", PHP_INI_PERDIR\|PHP_INI_SYSTEM, OnUpdateMiscBool, session_encrypt)	380	// STD_S7_INI_BOOLEAN("suhosin.session.encrypt", "1", PHP_INI_PERDIR\|PHP_INI_SYSTEM, OnUpdateMiscBool, session_encrypt)
381	// STD_S7_INI_ENTRY("suhosin.session.cryptkey", "", PHP_INI_ALL, OnUpdateMiscString, session_cryptkey)	381	STD_S7_INI_ENTRY("suhosin.session.cryptkey", "", PHP_INI_ALL, OnUpdateMiscString, session_cryptkey)
382	// STD_S7_INI_BOOLEAN("suhosin.session.cryptua", "0", PHP_INI_PERDIR\|PHP_INI_SYSTEM, OnUpdateMiscBool, session_cryptua)	382	// STD_S7_INI_BOOLEAN("suhosin.session.cryptua", "0", PHP_INI_PERDIR\|PHP_INI_SYSTEM, OnUpdateMiscBool, session_cryptua)
383	// STD_S7_INI_BOOLEAN("suhosin.session.cryptdocroot", "1", PHP_INI_PERDIR\|PHP_INI_SYSTEM, OnUpdateMiscBool, session_cryptdocroot)	383	// STD_S7_INI_BOOLEAN("suhosin.session.cryptdocroot", "1", PHP_INI_PERDIR\|PHP_INI_SYSTEM, OnUpdateMiscBool, session_cryptdocroot)
384	// STD_S7_INI_ENTRY("suhosin.session.cryptraddr", "0", PHP_INI_SYSTEM\|PHP_INI_PERDIR, OnUpdateMiscLong, session_cryptraddr)	384	// STD_S7_INI_ENTRY("suhosin.session.cryptraddr", "0", PHP_INI_SYSTEM\|PHP_INI_PERDIR, OnUpdateMiscLong, session_cryptraddr)


diff --git a/tests/misc/protectkey_off.phpt b/tests/misc/protectkey_off.phpt new file mode 100644 index 0000000..3120e58 --- /dev/null +++ b/tests/misc/protectkey_off.phpt
@@ -0,0 +1,27 @@
		1	--TEST--
		2	Testing: suhosin.protectkey=On
		3	--SKIPIF--
		4	<?php include "../skipifnotcli.inc"; ?>
		5	--INI--
		6	suhosin.log.sapi=0
		7	suhosin.log.stdout=255
		8	suhosin.log.script=0
		9	suhosin.log.syslog=0
		10	suhosin.protectkey=0
		11	suhosin.session.cryptkey=SUHOSIN_TEST_SESSION_CRYPTKEY
		12	suhosin.cookie.cryptkey=SUHOSIN_TEST_COOKIE_CRYPTKEY
		13	suhosin.rand.seedingkey=SUHOSIN_TEST_SEEDINGKEY
		14	--FILE--
		15	<?php
		16	ob_start();
		17	phpinfo();
		18	$data = ob_get_contents();
		19	ob_clean();
		20	var_dump(strpos($data, "SUHOSIN_TEST_SESSION_CRYPTKEY")===FALSE);
		21	var_dump(strpos($data, "SUHOSIN_TEST_COOKIE_CRYPTKEY")===FALSE);
		22	var_dump(strpos($data, "SUHOSIN_TEST_SEEDINGKEY")===FALSE);
		23	?>
		24	--EXPECTF--
		25	bool(false)
		26	bool(false)
		27	bool(false)


diff --git a/tests/misc/protectkey_on.phpt b/tests/misc/protectkey_on.phpt new file mode 100644 index 0000000..969d556 --- /dev/null +++ b/tests/misc/protectkey_on.phpt
@@ -0,0 +1,27 @@
		1	--TEST--
		2	Testing: suhosin.protectkey=On
		3	--SKIPIF--
		4	<?php include "../skipifnotcli.inc"; ?>
		5	--INI--
		6	suhosin.log.sapi=0
		7	suhosin.log.stdout=255
		8	suhosin.log.script=0
		9	suhosin.log.syslog=0
		10	suhosin.protectkey=1
		11	suhosin.session.cryptkey=SUHOSIN_TEST_SESSION_CRYPTKEY
		12	suhosin.cookie.cryptkey=SUHOSIN_TEST_COOKIE_CRYPTKEY
		13	suhosin.rand.seedingkey=SUHOSIN_TEST_SEEDINGKEY
		14	--FILE--
		15	<?php
		16	ob_start();
		17	phpinfo();
		18	$data = ob_get_contents();
		19	ob_clean();
		20	var_dump(strpos($data, "SUHOSIN_TEST_SESSION_CRYPTKEY")===FALSE);
		21	var_dump(strpos($data, "SUHOSIN_TEST_COOKIE_CRYPTKEY")===FALSE);
		22	var_dump(strpos($data, "SUHOSIN_TEST_SEEDINGKEY")===FALSE);
		23	?>
		24	--EXPECTF--
		25	bool(true)
		26	bool(true)
		27	bool(true)