PHPC-1533: Handle OCSP URI options

Author: alcaeus

php_phongo.c

@@ -1446,8 +1446,29 @@ static bool php_phongo_uri_finalize_tls(mongoc_uri_t* uri) /* {{{ */
 
 	if (bson_iter_init_find_case(&iter, options, MONGOC_URI_TLSINSECURE) &&
 		(bson_iter_init_find_case(&iter, options, MONGOC_URI_TLSALLOWINVALIDCERTIFICATES) ||
-		 bson_iter_init_find_case(&iter, options, MONGOC_URI_TLSALLOWINVALIDHOSTNAMES))) {
-		phongo_throw_exception(PHONGO_ERROR_INVALID_ARGUMENT, "Failed to parse URI options: %s may not be combined with %s or %s.", MONGOC_URI_TLSINSECURE, MONGOC_URI_TLSALLOWINVALIDCERTIFICATES, MONGOC_URI_TLSALLOWINVALIDHOSTNAMES);
+		 bson_iter_init_find_case(&iter, options, MONGOC_URI_TLSALLOWINVALIDHOSTNAMES) ||
+		 bson_iter_init_find_case(&iter, options, MONGOC_URI_TLSDISABLEOCSPENDPOINTCHECK) ||
+		 bson_iter_init_find_case(&iter, options, MONGOC_URI_TLSDISABLECERTIFICATEREVOCATIONCHECK))) {
+		phongo_throw_exception(
+			PHONGO_ERROR_INVALID_ARGUMENT,
+			"Failed to parse URI options: %s may not be combined with %s, %s, %s, or %s.",
+			MONGOC_URI_TLSINSECURE,
+			MONGOC_URI_TLSALLOWINVALIDCERTIFICATES,
+			MONGOC_URI_TLSALLOWINVALIDHOSTNAMES,
+			MONGOC_URI_TLSDISABLEOCSPENDPOINTCHECK,
+			MONGOC_URI_TLSDISABLECERTIFICATEREVOCATIONCHECK);
+		return false;
+	}
+
+	if (bson_iter_init_find_case(&iter, options, MONGOC_URI_TLSALLOWINVALIDCERTIFICATES) &&
+		(bson_iter_init_find_case(&iter, options, MONGOC_URI_TLSDISABLEOCSPENDPOINTCHECK) ||
+		 bson_iter_init_find_case(&iter, options, MONGOC_URI_TLSDISABLECERTIFICATEREVOCATIONCHECK))) {
+		phongo_throw_exception(
+			PHONGO_ERROR_INVALID_ARGUMENT,
+			"Failed to parse URI options: %s may not be combined with %s or %s.",
+			MONGOC_URI_TLSALLOWINVALIDCERTIFICATES,
+			MONGOC_URI_TLSDISABLEOCSPENDPOINTCHECK,
+			MONGOC_URI_TLSDISABLECERTIFICATEREVOCATIONCHECK);
 		return false;
 	}
 

tests/manager/manager-ctor-tls-error-001.phpt

@@ -28,9 +28,9 @@ echo throws(function() {
 OK: Got MongoDB\Driver\Exception\InvalidArgumentException
 Failed to parse MongoDB URI: 'mongodb://localhost:27017/?tlsInsecure=true&tlsAllowInvalidHostnames=true'. tlsinsecure may not be specified with tlsallowinvalidcertificates, tlsallowinvalidhostnames, tlsdisableocspendpointcheck, or tlsdisablecertificaterevocationcheck.
 OK: Got MongoDB\Driver\Exception\InvalidArgumentException
-Failed to parse URI options: tlsinsecure may not be combined with tlsallowinvalidcertificates or tlsallowinvalidhostnames.
+Failed to parse URI options: tlsinsecure may not be combined with tlsallowinvalidcertificates, tlsallowinvalidhostnames, tlsdisableocspendpointcheck, or tlsdisablecertificaterevocationcheck.
 OK: Got MongoDB\Driver\Exception\InvalidArgumentException
-Failed to parse URI options: tlsinsecure may not be combined with tlsallowinvalidcertificates or tlsallowinvalidhostnames.
+Failed to parse URI options: tlsinsecure may not be combined with tlsallowinvalidcertificates, tlsallowinvalidhostnames, tlsdisableocspendpointcheck, or tlsdisablecertificaterevocationcheck.
 OK: Got MongoDB\Driver\Exception\InvalidArgumentException
-Failed to parse URI options: tlsinsecure may not be combined with tlsallowinvalidcertificates or tlsallowinvalidhostnames.
+Failed to parse URI options: tlsinsecure may not be combined with tlsallowinvalidcertificates, tlsallowinvalidhostnames, tlsdisableocspendpointcheck, or tlsdisablecertificaterevocationcheck.
 ===DONE===

tests/manager/manager-ctor-tls-error-002.phpt

@@ -28,9 +28,9 @@ echo throws(function() {
 OK: Got MongoDB\Driver\Exception\InvalidArgumentException
 Failed to parse MongoDB URI: 'mongodb://localhost:27017/?tlsInsecure=true&tlsAllowInvalidCertificates=true'. tlsinsecure may not be specified with tlsallowinvalidcertificates, tlsallowinvalidhostnames, tlsdisableocspendpointcheck, or tlsdisablecertificaterevocationcheck.
 OK: Got MongoDB\Driver\Exception\InvalidArgumentException
-Failed to parse URI options: tlsinsecure may not be combined with tlsallowinvalidcertificates or tlsallowinvalidhostnames.
+Failed to parse URI options: tlsinsecure may not be combined with tlsallowinvalidcertificates, tlsallowinvalidhostnames, tlsdisableocspendpointcheck, or tlsdisablecertificaterevocationcheck.
 OK: Got MongoDB\Driver\Exception\InvalidArgumentException
-Failed to parse URI options: tlsinsecure may not be combined with tlsallowinvalidcertificates or tlsallowinvalidhostnames.
+Failed to parse URI options: tlsinsecure may not be combined with tlsallowinvalidcertificates, tlsallowinvalidhostnames, tlsdisableocspendpointcheck, or tlsdisablecertificaterevocationcheck.
 OK: Got MongoDB\Driver\Exception\InvalidArgumentException
-Failed to parse URI options: tlsinsecure may not be combined with tlsallowinvalidcertificates or tlsallowinvalidhostnames.
+Failed to parse URI options: tlsinsecure may not be combined with tlsallowinvalidcertificates, tlsallowinvalidhostnames, tlsdisableocspendpointcheck, or tlsdisablecertificaterevocationcheck.
 ===DONE===

tests/manager/manager-ctor-tls-error-003.phpt

@@ -0,0 +1,36 @@
+--TEST--
+MongoDB\Driver\Manager::__construct(): tlsInsecure cannot be combined with tlsDisableOCSPEndpointCheck
+--FILE--
+<?php
+
+require_once __DIR__ . '/../utils/tools.php';
+
+echo throws(function() {
+    new MongoDB\Driver\Manager('mongodb://localhost:27017/?tlsInsecure=true&tlsDisableOCSPEndpointCheck=true');
+}, "MongoDB\Driver\Exception\InvalidArgumentException"), "\n";
+
+echo throws(function() {
+    new MongoDB\Driver\Manager('mongodb://localhost:27017/', ['tlsInsecure' => true, 'tlsDisableOCSPEndpointCheck' => true]);
+}, "MongoDB\Driver\Exception\InvalidArgumentException"), "\n";
+
+echo throws(function() {
+    new MongoDB\Driver\Manager('mongodb://localhost:27017/?tlsInsecure=true', ['tlsDisableOCSPEndpointCheck' => true]);
+}, "MongoDB\Driver\Exception\InvalidArgumentException"), "\n";
+
+echo throws(function() {
+    new MongoDB\Driver\Manager('mongodb://localhost:27017/?tlsDisableOCSPEndpointCheck=true', ['tlsInsecure' => true]);
+}, "MongoDB\Driver\Exception\InvalidArgumentException"), "\n";
+
+?>
+===DONE===
+<?php exit(0); ?>
+--EXPECT--
+OK: Got MongoDB\Driver\Exception\InvalidArgumentException
+Failed to parse MongoDB URI: 'mongodb://localhost:27017/?tlsInsecure=true&tlsDisableOCSPEndpointCheck=true'. tlsinsecure may not be specified with tlsallowinvalidcertificates, tlsallowinvalidhostnames, tlsdisableocspendpointcheck, or tlsdisablecertificaterevocationcheck.
+OK: Got MongoDB\Driver\Exception\InvalidArgumentException
+Failed to parse URI options: tlsinsecure may not be combined with tlsallowinvalidcertificates, tlsallowinvalidhostnames, tlsdisableocspendpointcheck, or tlsdisablecertificaterevocationcheck.
+OK: Got MongoDB\Driver\Exception\InvalidArgumentException
+Failed to parse URI options: tlsinsecure may not be combined with tlsallowinvalidcertificates, tlsallowinvalidhostnames, tlsdisableocspendpointcheck, or tlsdisablecertificaterevocationcheck.
+OK: Got MongoDB\Driver\Exception\InvalidArgumentException
+Failed to parse URI options: tlsinsecure may not be combined with tlsallowinvalidcertificates, tlsallowinvalidhostnames, tlsdisableocspendpointcheck, or tlsdisablecertificaterevocationcheck.
+===DONE===

tests/manager/manager-ctor-tls-error-004.phpt

@@ -0,0 +1,36 @@
+--TEST--
+MongoDB\Driver\Manager::__construct(): tlsInsecure cannot be combined with tlsDisableCertificateRevocationCheck
+--FILE--
+<?php
+
+require_once __DIR__ . '/../utils/tools.php';
+
+echo throws(function() {
+    new MongoDB\Driver\Manager('mongodb://localhost:27017/?tlsInsecure=true&tlsDisableCertificateRevocationCheck=true');
+}, "MongoDB\Driver\Exception\InvalidArgumentException"), "\n";
+
+echo throws(function() {
+    new MongoDB\Driver\Manager('mongodb://localhost:27017/', ['tlsInsecure' => true, 'tlsDisableCertificateRevocationCheck' => true]);
+}, "MongoDB\Driver\Exception\InvalidArgumentException"), "\n";
+
+echo throws(function() {
+    new MongoDB\Driver\Manager('mongodb://localhost:27017/?tlsInsecure=true', ['tlsDisableCertificateRevocationCheck' => true]);
+}, "MongoDB\Driver\Exception\InvalidArgumentException"), "\n";
+
+echo throws(function() {
+    new MongoDB\Driver\Manager('mongodb://localhost:27017/?tlsDisableCertificateRevocationCheck=true', ['tlsInsecure' => true]);
+}, "MongoDB\Driver\Exception\InvalidArgumentException"), "\n";
+
+?>
+===DONE===
+<?php exit(0); ?>
+--EXPECT--
+OK: Got MongoDB\Driver\Exception\InvalidArgumentException
+Failed to parse MongoDB URI: 'mongodb://localhost:27017/?tlsInsecure=true&tlsDisableCertificateRevocationCheck=true'. tlsinsecure may not be specified with tlsallowinvalidcertificates, tlsallowinvalidhostnames, tlsdisableocspendpointcheck, or tlsdisablecertificaterevocationcheck.
+OK: Got MongoDB\Driver\Exception\InvalidArgumentException
+Failed to parse URI options: tlsinsecure may not be combined with tlsallowinvalidcertificates, tlsallowinvalidhostnames, tlsdisableocspendpointcheck, or tlsdisablecertificaterevocationcheck.
+OK: Got MongoDB\Driver\Exception\InvalidArgumentException
+Failed to parse URI options: tlsinsecure may not be combined with tlsallowinvalidcertificates, tlsallowinvalidhostnames, tlsdisableocspendpointcheck, or tlsdisablecertificaterevocationcheck.
+OK: Got MongoDB\Driver\Exception\InvalidArgumentException
+Failed to parse URI options: tlsinsecure may not be combined with tlsallowinvalidcertificates, tlsallowinvalidhostnames, tlsdisableocspendpointcheck, or tlsdisablecertificaterevocationcheck.
+===DONE===

tests/manager/manager-ctor-tls-error-005.phpt

@@ -0,0 +1,36 @@
+--TEST--
+MongoDB\Driver\Manager::__construct(): tlsAllowInvalidCertificates cannot be combined with tlsDisableOCSPEndpointCheck
+--FILE--
+<?php
+
+require_once __DIR__ . '/../utils/tools.php';
+
+echo throws(function() {
+    new MongoDB\Driver\Manager('mongodb://localhost:27017/?tlsAllowInvalidCertificates=true&tlsDisableOCSPEndpointCheck=true');
+}, "MongoDB\Driver\Exception\InvalidArgumentException"), "\n";
+
+echo throws(function() {
+    new MongoDB\Driver\Manager('mongodb://localhost:27017/', ['tlsAllowInvalidCertificates' => true, 'tlsDisableOCSPEndpointCheck' => true]);
+}, "MongoDB\Driver\Exception\InvalidArgumentException"), "\n";
+
+echo throws(function() {
+    new MongoDB\Driver\Manager('mongodb://localhost:27017/?tlsAllowInvalidCertificates=true', ['tlsDisableOCSPEndpointCheck' => true]);
+}, "MongoDB\Driver\Exception\InvalidArgumentException"), "\n";
+
+echo throws(function() {
+    new MongoDB\Driver\Manager('mongodb://localhost:27017/?tlsDisableOCSPEndpointCheck=true', ['tlsAllowInvalidCertificates' => true]);
+}, "MongoDB\Driver\Exception\InvalidArgumentException"), "\n";
+
+?>
+===DONE===
+<?php exit(0); ?>
+--EXPECT--
+OK: Got MongoDB\Driver\Exception\InvalidArgumentException
+Failed to parse MongoDB URI: 'mongodb://localhost:27017/?tlsAllowInvalidCertificates=true&tlsDisableOCSPEndpointCheck=true'. tlsallowinvalidcertificates may not be specified with tlsdisableocspendpointcheck or tlsdisablecertificaterevocationcheck.
+OK: Got MongoDB\Driver\Exception\InvalidArgumentException
+Failed to parse URI options: tlsallowinvalidcertificates may not be combined with tlsdisableocspendpointcheck or tlsdisablecertificaterevocationcheck.
+OK: Got MongoDB\Driver\Exception\InvalidArgumentException
+Failed to parse URI options: tlsallowinvalidcertificates may not be combined with tlsdisableocspendpointcheck or tlsdisablecertificaterevocationcheck.
+OK: Got MongoDB\Driver\Exception\InvalidArgumentException
+Failed to parse URI options: tlsallowinvalidcertificates may not be combined with tlsdisableocspendpointcheck or tlsdisablecertificaterevocationcheck.
+===DONE===

tests/manager/manager-ctor-tls-error-006.phpt

@@ -0,0 +1,36 @@
+--TEST--
+MongoDB\Driver\Manager::__construct(): tlsAllowInvalidCertificates cannot be combined with tlsDisableCertificateRevocationCheck
+--FILE--
+<?php
+
+require_once __DIR__ . '/../utils/tools.php';
+
+echo throws(function() {
+    new MongoDB\Driver\Manager('mongodb://localhost:27017/?tlsAllowInvalidCertificates=true&tlsDisableCertificateRevocationCheck=true');
+}, "MongoDB\Driver\Exception\InvalidArgumentException"), "\n";
+
+echo throws(function() {
+    new MongoDB\Driver\Manager('mongodb://localhost:27017/', ['tlsAllowInvalidCertificates' => true, 'tlsDisableCertificateRevocationCheck' => true]);
+}, "MongoDB\Driver\Exception\InvalidArgumentException"), "\n";
+
+echo throws(function() {
+    new MongoDB\Driver\Manager('mongodb://localhost:27017/?tlsAllowInvalidCertificates=true', ['tlsDisableCertificateRevocationCheck' => true]);
+}, "MongoDB\Driver\Exception\InvalidArgumentException"), "\n";
+
+echo throws(function() {
+    new MongoDB\Driver\Manager('mongodb://localhost:27017/?tlsDisableCertificateRevocationCheck=true', ['tlsAllowInvalidCertificates' => true]);
+}, "MongoDB\Driver\Exception\InvalidArgumentException"), "\n";
+
+?>
+===DONE===
+<?php exit(0); ?>
+--EXPECT--
+OK: Got MongoDB\Driver\Exception\InvalidArgumentException
+Failed to parse MongoDB URI: 'mongodb://localhost:27017/?tlsAllowInvalidCertificates=true&tlsDisableCertificateRevocationCheck=true'. tlsallowinvalidcertificates may not be specified with tlsdisableocspendpointcheck or tlsdisablecertificaterevocationcheck.
+OK: Got MongoDB\Driver\Exception\InvalidArgumentException
+Failed to parse URI options: tlsallowinvalidcertificates may not be combined with tlsdisableocspendpointcheck or tlsdisablecertificaterevocationcheck.
+OK: Got MongoDB\Driver\Exception\InvalidArgumentException
+Failed to parse URI options: tlsallowinvalidcertificates may not be combined with tlsdisableocspendpointcheck or tlsdisablecertificaterevocationcheck.
+OK: Got MongoDB\Driver\Exception\InvalidArgumentException
+Failed to parse URI options: tlsallowinvalidcertificates may not be combined with tlsdisableocspendpointcheck or tlsdisablecertificaterevocationcheck.
+===DONE===