Added two more test cases for CN matching.

datibbaw · datibbaw · commit 674dd73f8c34 · 2013-10-07T22:10:05.000+08:00
diff --git a/ext/openssl/tests/bug65729.phpt b/ext/openssl/tests/bug65729.phpt
@@ -13,24 +13,28 @@ stream_context_set_option($context, 'ssl', 'allow_self_signed', true);
 $server = stream_socket_server('ssl://127.0.0.1:64321', $errno, $errstr,
 	STREAM_SERVER_BIND|STREAM_SERVER_LISTEN, $context);
 
+$expected_names = array('foo.test.com.sg', 'foo.test.com', 'foo.bar.test.com');
+
 $pid = pcntl_fork();
 if ($pid == -1) {
 	die('could not fork');
 } else if ($pid) {
-	$contextC = stream_context_create(
-		array(
+	foreach ($expected_names as $expected_name) {
+		$contextC = stream_context_create(array(
 			'ssl' => array(
 				'verify_peer'		=> true,
 				'allow_self_signed'	=> true,
-				'CN_match'		=> 'foo.test.com.sg',
+				'CN_match'		=> $expected_name,
 			)
-		)
-	);
-	var_dump(stream_socket_client("ssl://127.0.0.1:64321", $errno, $errstr, 1,
+		));
+		var_dump(stream_socket_client("ssl://127.0.0.1:64321", $errno, $errstr, 1,
 		STREAM_CLIENT_CONNECT, $contextC));
+	}
 } else {	
 	@pcntl_wait($status);
-	@stream_socket_accept($server, 1);
+	foreach ($expected_names as $name) {
+		@stream_socket_accept($server, 1);
+	}
 }
 --EXPECTF--
 Warning: stream_socket_client(): Peer certificate CN=`*.test.com' did not match expected CN=`foo.test.com.sg' in %s on line %d
@@ -39,4 +43,11 @@ Warning: stream_socket_client(): Failed to enable crypto in %s on line %d
 
 Warning: stream_socket_client(): unable to connect to ssl://127.0.0.1:64321 (Unknown error) in %s on line %d
 bool(false)
+resource(%d) of type (stream)
+
+Warning: stream_socket_client(): Peer certificate CN=`*.test.com' did not match expected CN=`foo.bar.test.com' in %s on line %d
+
+Warning: stream_socket_client(): Failed to enable crypto in %s on line %d
 
+Warning: stream_socket_client(): unable to connect to ssl://127.0.0.1:64321 (Unknown error) in %s on line %d
+bool(false)
