diff options
| author | jvoisin | 2022-03-20 18:20:45 +0100 |
|---|---|---|
| committer | jvoisin | 2022-03-20 18:20:45 +0100 |
| commit | 81dd7f2ef07af306fe83d7755cbac4529aa9fc8d (patch) | |
| tree | 32cc44c6231b30db5ac7b15699297863460784aa /src/tests/session_encryption/crypt_session_read_uncrypt.phpt | |
| parent | 83b01942dfc80474cc05e09aeef4b44307a7120b (diff) | |
| parent | c38df1077a6c1dfbca1baca049214d053e2e7684 (diff) | |
Merge remote-tracking branch 'sektioneins/master'
Diffstat (limited to 'src/tests/session_encryption/crypt_session_read_uncrypt.phpt')
| -rw-r--r-- | src/tests/session_encryption/crypt_session_read_uncrypt.phpt | 19 |
1 files changed, 13 insertions, 6 deletions
diff --git a/src/tests/session_encryption/crypt_session_read_uncrypt.phpt b/src/tests/session_encryption/crypt_session_read_uncrypt.phpt index 5e81b52..5966f8e 100644 --- a/src/tests/session_encryption/crypt_session_read_uncrypt.phpt +++ b/src/tests/session_encryption/crypt_session_read_uncrypt.phpt | |||
| @@ -2,27 +2,33 @@ | |||
| 2 | SESSION crypt/decrypt valid | 2 | SESSION crypt/decrypt valid |
| 3 | --SKIPIF-- | 3 | --SKIPIF-- |
| 4 | <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?> | 4 | <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?> |
| 5 | <?php if (!extension_loaded("session")) print "skip"; ?> | ||
| 6 | --EXTENSIONS-- | ||
| 7 | session | ||
| 5 | --INI-- | 8 | --INI-- |
| 6 | sp.configuration_file={PWD}/config/config_crypt_session_simul.ini | 9 | sp.configuration_file={PWD}/config/config_crypt_session_simul.ini |
| 10 | session.save_path="{PWD}" | ||
| 11 | display_errors=0 | ||
| 12 | log_errors=1 | ||
| 13 | error_log="{PWD}"/crypt_session_read_uncrypt.tmp | ||
| 7 | --ENV-- | 14 | --ENV-- |
| 8 | return <<<EOF | 15 | return <<<EOF |
| 9 | REMOTE_ADDR=127.0.0.1 | 16 | REMOTE_ADDR=127.0.0.1 |
| 10 | EOF; | 17 | EOF; |
| 11 | --FILE-- | 18 | --FILE-- |
| 12 | <?php | 19 | <?php |
| 13 | $current_path = dirname(getcwd()) . "/src/tests/" ; | ||
| 14 | ini_set("session.save_path", $current_path); | ||
| 15 | |||
| 16 | session_start(); | 20 | session_start(); |
| 17 | $id = session_id(); // Get the session_id to use it later | 21 | $id = session_id(); // Get the session_id to use it later |
| 18 | $filename_sess = $current_path . "sess_" . $id; | 22 | $filename_sess = dirname(__FILE__) . "/sess_" . $id; |
| 19 | file_put_contents($filename_sess, "toto|s:4:\"tata\";"); // Write a unencrypted session | 23 | file_put_contents($filename_sess, "toto|s:4:\"tata\";"); // Write unencrypted session |
| 20 | session_write_close(); // Close the session | 24 | session_write_close(); // Close the session |
| 21 | 25 | ||
| 22 | session_id($id); | 26 | session_id($id); |
| 23 | session_start(); // Try to read the unencrypted session, it will fail to decrypt but it must return the session | 27 | session_start(); // Try to read the unencrypted session, it will fail to decrypt but it must return the session |
| 24 | var_dump($_SESSION); | 28 | var_dump($_SESSION); |
| 25 | echo "OK"; | 29 | echo "OK\n"; |
| 30 | echo file_get_contents(dirname(__FILE__) . "/crypt_session_read_uncrypt.tmp"); | ||
| 31 | unlink(dirname(__FILE__) . "/crypt_session_read_uncrypt.tmp"); | ||
| 26 | unlink($filename_sess); | 32 | unlink($filename_sess); |
| 27 | ?> | 33 | ?> |
| 28 | --EXPECTF-- | 34 | --EXPECTF-- |
| @@ -31,3 +37,4 @@ array(1) { | |||
| 31 | string(4) "tata" | 37 | string(4) "tata" |
| 32 | } | 38 | } |
| 33 | OK | 39 | OK |
| 40 | %aPHP Warning: [snuffleupagus][127.0.0.1][cookie_encryption][simulation] Buffer underflow tentative detected in cookie encryption handling for the session. Using the cookie 'as is' instead of decrypting it in %a/crypt_session_read_uncrypt.php on line 9 | ||