Created
July 20, 2017 22:06
-
-
Save greggles/66c9c350742c5fd85724c07a6b6343f6 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| print "<pre>"; | |
| $urls = [ | |
| [ | |
| 'url' => 'https://badssl.com/', | |
| 'expected_http' => 200, | |
| 'expected_curl_errno' => 0, | |
| 'expected_curl_error' => '', | |
| ], | |
| // cool, works normal ^ | |
| [ | |
| 'url' => 'https://revoked.badssl.com/', | |
| 'expected_http' => 0, | |
| 'expected_curl_errno' => 60, | |
| 'expected_curl_error' => 'something for sure', | |
| ], | |
| [ | |
| 'url' => 'https://pinning-test.badssl.com/', | |
| 'expected_http' => 0, | |
| 'expected_curl_errno' => 60, | |
| 'expected_curl_error' => 'something, for sure', | |
| ], | |
| [ | |
| 'url' => 'https://tls-v1-0.badssl.com/', | |
| 'port' => 1010, | |
| 'expected_http' => 0, | |
| 'expected_curl_errno' => 60, | |
| 'expected_curl_error' => 'something, for sure', | |
| ], | |
| [ | |
| 'url' => 'https://tls-v1-1.badssl.com/', | |
| 'port' => 1011, | |
| 'expected_http' => 0, | |
| 'expected_curl_errno' => 60, | |
| 'expected_curl_error' => 'something, for sure', | |
| ], | |
| [ | |
| 'url' => 'https://tls-v1-1.badssl.com/', | |
| 'expected_http' => 0, | |
| 'expected_curl_errno' => 60, | |
| 'expected_curl_error' => 'something, for sure', | |
| ], | |
| [ | |
| 'url' => 'https://no-common-name.badssl.com/', | |
| 'expected_http' => 0, | |
| 'expected_curl_errno' => 60, | |
| 'expected_curl_error' => 'maybe something?', | |
| ], | |
| [ | |
| 'url' => 'https://no-subject.badssl.com/', | |
| 'expected_http' => 0, | |
| 'expected_curl_errno' => 60, | |
| 'expected_curl_error' => 'probably something', | |
| ], | |
| [ | |
| 'url' => 'https://sha1-intermediate.badssl.com/', | |
| 'expected_http' => 0, | |
| 'expected_curl_errno' => 60, | |
| 'expected_curl_error' => 'something, for sure', | |
| ], | |
| [ | |
| 'url' => 'https://cbc.badssl.com/', | |
| 'expected_http' => 0, | |
| 'expected_curl_errno' => 60, | |
| 'expected_curl_error' => 'maybe something', | |
| ], | |
| [ | |
| 'url' => 'https://3des.badssl.com/', | |
| 'expected_http' => 0, | |
| 'expected_curl_errno' => 60, | |
| 'expected_curl_error' => 'maybe something?', | |
| ], | |
| [ | |
| 'url' => 'https://dh-small-subgroup.badssl.com/', | |
| 'expected_http' => 0, | |
| 'expected_curl_errno' => 60, | |
| 'expected_curl_error' => 'maybe something?', | |
| ], | |
| [ | |
| 'url' => 'https://dh-composite.badssl.com/', | |
| 'expected_http' => 0, | |
| 'expected_curl_errno' => 60, | |
| 'expected_curl_error' => 'maybe something?', | |
| ], | |
| [ | |
| 'url' => 'https://dh1024.badssl.com/', | |
| 'expected_http' => 0, | |
| 'expected_curl_errno' => 35, | |
| 'expected_curl_error' => 'something, probably', | |
| ], | |
| [ | |
| 'url' => 'https://dh2048.badssl.com/', | |
| 'expected_http' => 0, | |
| 'expected_curl_errno' => 35, | |
| 'expected_curl_error' => 'something, probably', | |
| ], | |
| [ | |
| 'url' => 'https://invalid-expected-sct.badssl.com/', | |
| 'expected_http' => 0, | |
| 'expected_curl_errno' => 60, | |
| 'expected_curl_error' => 'something, for sure', | |
| ], | |
| // Failed - false errno = 0^^ | |
| [ | |
| 'url' => 'https://bad.host.badssl.com/', | |
| 'expected_http' => 0, | |
| 'expected_curl_errno' => 60, | |
| 'expected_curl_error' => 'SSL certificate problem: Invalid certificate chain', | |
| ], | |
| [ | |
| 'url' => 'https://untrusted-root.badssl.com/', | |
| 'expected_http' => 0, | |
| 'expected_curl_errno' => 60, | |
| 'expected_curl_error' => 'SSL certificate problem: Invalid certificate chain', | |
| ], | |
| // failed - errno 60 but gave error text "unable to get local issuer certificate" instead of the same error I get from CLI version of cURL. | |
| [ | |
| 'url' => 'https://expired.badssl.com/', | |
| 'expected_http' => 0, | |
| 'expected_curl_errno' => 60, | |
| 'expected_curl_error' => 'SSL certificate problem: certificate has expired', | |
| ], | |
| [ | |
| 'url' => 'https://wrong.host.badssl.com/', | |
| 'expected_http' => 0, | |
| 'expected_curl_errno' => 51, | |
| 'expected_curl_error' => 'SSL: no alternative certificate subject name matches target host name \'wrong.host.badssl.com\'', | |
| ], | |
| [ | |
| 'url' => 'https://self-signed.badssl.com/', | |
| 'expected_http' => 0, | |
| 'expected_curl_errno' => 60, | |
| 'expected_curl_error' => 'SSL certificate problem: self signed certificate', | |
| ], | |
| [ | |
| 'url' => 'https://incomplete-chain.badssl.com/', | |
| 'expected_http' => 0, | |
| 'expected_curl_errno' => 60, | |
| 'expected_curl_error' => 'SSL certificate problem: unable to get local issuer certificate', | |
| ], | |
| [ | |
| 'url' => 'https://rc4-md5.badssl.com/', | |
| 'expected_http' => 0, | |
| 'expected_curl_errno' => 35, | |
| 'expected_curl_error' => 'error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure', | |
| ], | |
| [ | |
| 'url' => 'https://rc4.badssl.com/', | |
| 'expected_http' => 0, | |
| 'expected_curl_errno' => 35, | |
| 'expected_curl_error' => 'error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure', | |
| ], | |
| [ | |
| 'url' => 'https://null.badssl.com/', | |
| 'expected_http' => 0, | |
| 'expected_curl_errno' => 35, | |
| 'expected_curl_error' => 'error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure', | |
| ], | |
| [ | |
| 'url' => 'https://dh480.badssl.com/', | |
| 'expected_http' => 0, | |
| 'expected_curl_errno' => 35, | |
| 'expected_curl_error' => 'error:14082174:SSL routines:SSL3_CHECK_CERT_AND_ALGORITHM:dh key too small', | |
| ], | |
| [ | |
| 'url' => 'https://dh512.badssl.com/', | |
| 'expected_http' => 0, | |
| 'expected_curl_errno' => 35, | |
| 'expected_curl_error' => 'error:14082174:SSL routines:SSL3_CHECK_CERT_AND_ALGORITHM:dh key too small', | |
| ], | |
| [ | |
| 'url' => 'https://superfish.badssl.com/', | |
| 'expected_http' => 0, | |
| 'expected_curl_errno' => 60, | |
| 'expected_curl_error' => 'SSL certificate problem: unable to get local issuer certificate', | |
| ], | |
| [ | |
| 'url' => 'https://edellroot.badssl.com/', | |
| 'expected_http' => 0, | |
| 'expected_curl_errno' => 60, | |
| 'expected_curl_error' => 'SSL certificate problem: unable to get local issuer certificate', | |
| ], | |
| [ | |
| 'url' => 'https://dsdtestprovider.badssl.com/', | |
| 'expected_http' => 0, | |
| 'expected_curl_errno' => 60, | |
| 'expected_curl_error' => 'SSL certificate problem: unable to get local issuer certificate', | |
| ], | |
| [ | |
| 'url' => 'https://preact-cli.badssl.com/', | |
| 'expected_http' => 0, | |
| 'expected_curl_errno' => 60, | |
| 'expected_curl_error' => 'SSL certificate problem: unable to get local issuer certificate', | |
| ], | |
| [ | |
| 'url' => 'https://webpack-dev-server.badssl.com/', | |
| 'expected_http' => 0, | |
| 'expected_curl_errno' => 60, | |
| 'expected_curl_error' => 'SSL certificate problem: unable to get local issuer certificate', | |
| ], | |
| [ | |
| 'url' => 'https://sha1-2016.badssl.com/', | |
| 'expected_http' => 0, | |
| 'expected_curl_errno' => 60, | |
| 'expected_curl_error' => 'SSL certificate problem: certificate has expired', | |
| ], | |
| [ | |
| 'url' => 'https://sha1-2017.badssl.com/', | |
| 'expected_http' => 0, | |
| 'expected_curl_errno' => 60, | |
| 'expected_curl_error' => 'SSL certificate problem: certificate has expired', | |
| ], | |
| ]; | |
| $cool = $error = 0; | |
| foreach ($urls as $url) { | |
| print "Url is " . $url['url']. PHP_EOL; | |
| // Make that call. | |
| $ch = curl_init(); | |
| curl_setopt($ch, CURLOPT_URL, $url['url']); | |
| curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); | |
| curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, TRUE); | |
| curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2); | |
| if (isset($url['port'])) { | |
| curl_setopt($ch, CURLOPT_PORT, $url['port']); | |
| } | |
| // Below needs curl 7.41.0 or later (Ubuntu 14.04 has 7.35). | |
| // curl_setopt($ch, CURLOPT_SSL_VERIFYSTATUS, TRUE); | |
| $result= curl_exec($ch); | |
| $info = curl_getinfo($ch); | |
| $curl_error = curl_error($ch); | |
| $curl_errno = curl_errno($ch); | |
| if ($info['http_code'] !== $url['expected_http']) { | |
| $error++; | |
| print sprintf("Error: Found HTTP code '%s' doesn't match the expected http code of '%s'", $info['http_code'], $url['expected_http']) . PHP_EOL; | |
| } | |
| else { | |
| $cool++; | |
| print sprintf("Cool: Found HTTP code '%s' matches the expected http code of '%s'", $info['http_code'], $url['expected_http']) . PHP_EOL; | |
| } | |
| if ($curl_error !== $url['expected_curl_error']) { | |
| $error++; | |
| print sprintf("Error: Found CURL error '%s' doesn't match the expected CURL error of '%s'", $curl_error, $url['expected_curl_error']) . PHP_EOL; | |
| } | |
| else { | |
| $cool++; | |
| print sprintf("Cool: Found CURL error '%s' matches the expected CURL error of '%s'", $curl_error, $url['expected_curl_error']) . PHP_EOL; | |
| } | |
| if ($curl_errno !== $url['expected_curl_errno']) { | |
| $error++; | |
| print sprintf("Error: Found CURL error '%s' doesn't match the expected CURL error of '%s'", $curl_errno, $url['expected_curl_errno']) . PHP_EOL; | |
| } | |
| else { | |
| $cool++; | |
| print sprintf("Cool: Found CURL error '%s' matches the expected CURL error of '%s'", $curl_errno, $url['expected_curl_errno']) . PHP_EOL; | |
| } | |
| // All done with that. | |
| curl_close($ch); | |
| } | |
| print "There were $cool cool cases and $error error cases."; |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment