From 2e4fda2c67ce98c9be9092effe2522c1de9f7efc Mon Sep 17 00:00:00 2001
From: Ben Fuhrmannek
Date: Fri, 3 Sep 2021 13:25:33 +0200
Subject: fixed session encryption in php8 + related test cases

---
 .../session_encryption/crypt_session_read_uncrypt.phpt   | 16 ++++++++++------
 1 file changed, 10 insertions(+), 6 deletions(-)

(limited to 'src/tests/session_encryption/crypt_session_read_uncrypt.phpt')

diff --git a/src/tests/session_encryption/crypt_session_read_uncrypt.phpt b/src/tests/session_encryption/crypt_session_read_uncrypt.phpt
index 5e81b52..e2e1737 100644
--- a/src/tests/session_encryption/crypt_session_read_uncrypt.phpt
+++ b/src/tests/session_encryption/crypt_session_read_uncrypt.phpt
@@ -4,25 +4,28 @@ SESSION crypt/decrypt valid
 <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
 --INI--
 sp.configuration_file={PWD}/config/config_crypt_session_simul.ini
+session.save_path="{PWD}"
+display_errors=0
+log_errors=1
+error_log="{PWD}"/crypt_session_read_uncrypt.tmp
 --ENV--
 return <<<EOF
 REMOTE_ADDR=127.0.0.1
 EOF;
 --FILE--
 <?php
-$current_path = dirname(getcwd()) . "/src/tests/" ;
-ini_set("session.save_path", $current_path);
-
 session_start();
 $id = session_id(); 											// Get the session_id to use it later
-$filename_sess = $current_path . "sess_" . $id;
-file_put_contents($filename_sess, "toto|s:4:\"tata\";"); 			// Write a unencrypted session
+$filename_sess = dirname(__FILE__) . "/sess_" . $id;
+file_put_contents($filename_sess, "toto|s:4:\"tata\";"); 			// Write unencrypted session
 session_write_close(); 											// Close the session
 
 session_id($id);
 session_start();												// Try to read the unencrypted session, it will fail to decrypt but it must return the session
 var_dump($_SESSION);
-echo "OK";
+echo "OK\n";
+echo file_get_contents(dirname(__FILE__) . "/crypt_session_read_uncrypt.tmp");
+unlink(dirname(__FILE__) . "/crypt_session_read_uncrypt.tmp");
 unlink($filename_sess);
 ?>
 --EXPECTF--
@@ -31,3 +34,4 @@ array(1) {
   string(4) "tata"
 }
 OK
+%aPHP Warning:  [snuffleupagus][127.0.0.1][cookie_encryption][simulation] Buffer underflow tentative detected in cookie encryption handling for the session. Using the cookie 'as is' instead of decrypting it in %a/crypt_session_read_uncrypt.php on line 9
-- 
cgit v1.3