
adding enableCrypto() method to CakeSocket class

commit 27a895d7d8789334def82f32402c6bb282ed632a 1 parent a7865b5
Jorge M. González Martín steinkel authored
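--- a/lib/Cake/Network/CakeSocket.php
+++ b/lib/Cake/Network/CakeSocket.php
@@ -77,6 +77,27 @@ class CakeSocket {
 public $lastError = array();
 /**
+ * True if the socket stream is encrypted after a CakeSocket::enableCrypto() call
+ * @var type
+ */
+ public $encrypted = false;
+
+/**
+ * Contains all the encryption methods available
+ * @var array
+ */
+ protected $_encryptMethods = array(
+ 'sslv2_client' => STREAM_CRYPTO_METHOD_SSLv2_CLIENT,
+ 'sslv3_client' => STREAM_CRYPTO_METHOD_SSLv3_CLIENT,
+ 'sslv23_client' =>STREAM_CRYPTO_METHOD_SSLv23_CLIENT,
+ 'tls_client' => STREAM_CRYPTO_METHOD_TLS_CLIENT,
+ 'sslv2_server' => STREAM_CRYPTO_METHOD_SSLv2_SERVER,
+ 'sslv3_server' => STREAM_CRYPTO_METHOD_SSLv3_SERVER,
+ 'sslv23_server' => STREAM_CRYPTO_METHOD_SSLv23_SERVER,
+ 'tls_server' => STREAM_CRYPTO_METHOD_TLS_SERVER
+ );
+
+/**
 * Constructor.
 *
 * @param array $config Socket configuration, which will be merged with the base configuration
@@ -277,4 +298,34 @@ public function reset($state = null) {
 return true;
 }
-}
+/**
+ * Encrypts current stream socket, using one of the defined encryption methods
+ *
+ * @param string $type can be one of 'ssl2', 'ssl3', 'ssl23' or 'tls'
+ * @param string $clientOrServer can be one of 'client', 'server'. Default is 'client'
+ * @param boolean $enable enable or disable encryption. Default is true (enable)
+ * @return boolean True on success
+ * @throws SocketException
+ * @see stream_socket_enable_crypto
+ */
+ public function enableCrypto($type, $clientOrServer = 'client', $enable = true) {
+ if (!array_key_exists($type . '_' . $clientOrServer, $this->_encryptMethods)) {
+ throw new InvalidArgumentException();
+ }
+ $enableCryptoResult = false;
+ try {
+ $enableCryptoResult = stream_socket_enable_crypto($this->connection, $enable, $this->_encryptMethods[$type . '_' . $clientOrServer]);
+ } catch (Exception $e) {
+ $this->setLastError(null, $e->getMessage());
+ throw new SocketException($e->getMessage());
+ }
+ if ($enableCryptoResult === true) {
+ $this->encrypted = $enable;
+ return true;
+ } else {
+ $errorMessage = __('Unable to perform enableCrypto operation on CakeSocket');
+ $this->setLastError(null, $errorMessage);
+ throw new SocketException($errorMessage);
+ }
+ }
+}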
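Review bot: `enableCrypto()` returns true and sets `$encrypted` once the handshake completes, but nothing in these hunks configures certificate verification on the stream, so `$encrypted` says nothing about whether the peer was authenticated; whether `connect()` (outside the hunk) sets `verify_peer` in a stream context should be confirmed, and the property docblock should state the limitation. The `$_encryptMethods` map in the first hunk also offers `sslv2_*` and `sslv3_*`, both obsolete protocols, with no comment steering callers to `tls`. The `@param` text lists `'ssl2', 'ssl3', 'ssl23'` while the keys are built from `sslv2`, `sslv3`, `sslv23`, so the documented values all hit the `InvalidArgumentException` branch, which is itself missing from `@throws`; I would write `@param string $type one of 'sslv2', 'sslv3', 'sslv23' or 'tls'` and add `@throws InvalidArgumentException`. `stream_socket_enable_crypto()` reports a failed handshake with a warning and a false/0 return rather than an exception, so the `catch` branch presumably only runs when an error handler converts warnings, which deserves a one-line comment.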
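--- a/lib/Cake/Test/Case/Network/CakeSocketTest.php
+++ b/lib/Cake/Test/Case/Network/CakeSocketTest.php
@@ -214,4 +214,113 @@ public function testReset() {
 $anotherSocket->reset();
 $this->assertEquals(array(), $anotherSocket->config);
 }
+
+/**
+ * testEncrypt
+ *
+ * @return void
+ */
+ public function testEnableCryptoSocketExceptionNoSsl() {
+ $configNoSslOrTls = array('host' => 'localhost', 'port' => 80, 'timeout' => 0.1);
+
+ // testing exception on no ssl socket server for ssl and tls methods
+ $this->Socket = new CakeSocket($configNoSslOrTls);
+ $this->Socket->connect();
+ $this->setExpectedException('SocketException');
+ $this->Socket->enableCrypto('sslv3', 'client');
+ }
+
+/**
+ * testEnableCryptoSocketExceptionNoTls
+ *
+ * @return void
+ */
+ public function testEnableCryptoSocketExceptionNoTls() {
+ $configNoSslOrTls = array('host' => 'localhost', 'port' => 80, 'timeout' => 0.1);
+
+ // testing exception on no ssl socket server for ssl and tls methods
+ $this->Socket = new CakeSocket($configNoSslOrTls);
+ $this->Socket->connect();
+ $this->setExpectedException('SocketException');
+ $this->Socket->enableCrypto('tls', 'client');
+ }
+
+/**
+ * _connectSocketToSslTls
+ *
+ * @return void
+ */
+ protected function _connectSocketToSslTls() {
+ $configSslTls = array('host' => 'smtp.gmail.com', 'port' => 465, 'timeout' => 5);
+ $this->Socket = new CakeSocket($configSslTls);
+ $this->Socket->connect();
+ }
+
+/**
+ * testEnableCryptoBadMode
+ *
+ * @return void
+ */
+ public function testEnableCryptoBadMode() {
+ // testing wrong encryption mode
+ $this->_connectSocketToSslTls();
+ $this->setExpectedException('InvalidArgumentException');
+ $this->Socket->enableCrypto('doesntExistMode', 'server');
+ $this->Socket->disconnect();
+ }
+
+/**
+ * testEnableCrypto
+ *
+ * @return void
+ */
+ public function testEnableCrypto() {
+ // testing on ssl server
+ $this->_connectSocketToSslTls();
+ $this->assertTrue($this->Socket->enableCrypto('sslv3', 'client'));
+ $this->Socket->disconnect();
+
+ // testing on tls server
+ $this->_connectSocketToSslTls();
+ $this->assertTrue($this->Socket->enableCrypto('tls', 'client'));
+ $this->Socket->disconnect();
+ }
+
+/**
+ * testEnableCryptoExceptionEnableTwice
+ *
+ * @return void
+ */
+ public function testEnableCryptoExceptionEnableTwice() {
+ // testing on tls server
+ $this->_connectSocketToSslTls();
+ $this->Socket->enableCrypto('tls', 'client');
+ $this->setExpectedException('SocketException');
+ $this->Socket->enableCrypto('tls', 'client');
+ }
+
+/**
+ * testEnableCryptoExceptionDisableTwice
+ *
+ * @return void
+ */
+ public function testEnableCryptoExceptionDisableTwice() {
+ // testing on tls server
+ $this->_connectSocketToSslTls();
+ $this->setExpectedException('SocketException');
+ $this->Socket->enableCrypto('tls', 'client', false);
+ }
+
+/**
+ * testEnableCryptoEnableStatus
+ *
+ * @return void
+ */
+ public function testEnableCryptoEnableStatus() {
+ // testing on tls server
+ $this->_connectSocketToSslTls();
+ $this->assertFalse($this->Socket->encrypted);
+ $this->Socket->enableCrypto('tls', 'client', true);
+ $this->assertTrue($this->Socket->encrypted);
+ }
 }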
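Review bot: These tests open real connections to `smtp.gmail.com:465` and `localhost:80`, so their outcome depends on network reachability and on what a third-party server negotiates; `testEnableCrypto` in particular asserts that an `sslv3` handshake succeeds, which ties the suite to a remote end that still accepts an obsolete protocol. In `testEnableCryptoBadMode` the `$this->Socket->disconnect();` after the throwing call is never reached, so the socket stays open unless a tearDown outside the hunk closes it. I would skip the networked cases when the host cannot be reached and move the disconnect into teardown. The docblock on the first new test says `testEncrypt` while the method is `testEnableCryptoSocketExceptionNoSsl`.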