\n"; $header .= "\n"; $header .= "\n"; if(isset($_GET['cookietest'])) { print $header; print "\n"; if(isset($_COOKIE['cookietest'])) print "Successfully set a test cookie\n"; else print "Failed to set a test cookie\n"; print "\n"; exit; } if(isset($_GET['includeconftest'])) { if(! is_readable('.ht-inc/conf.php')) { print "unreadable"; exit; } if(include('.ht-inc/conf.php')) print 'worked'; exit; } if(isset($_GET['includesecretstest'])) { if(! is_readable('.ht-inc/secrets.php')) { print "unreadable"; exit; } if(include('.ht-inc/secrets.php')) print 'worked'; exit; } $header .= "\n"; function exHandler($errno, $errmsg) { print "Error: $errmsg
"; } set_error_handler('exHandler'); function pass($msg) { print "

$msg

\n"; } function fail($msg) { print "

$msg

\n"; } function title($msg) { print "$msg ...
\n"; } $myurl = "http://"; if(isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == "on") $myurl = "https://"; $myurl .= $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']; $includesecrets = 1; $includeconf = 1; if(! ip2long(getHostbyname($_SERVER['HTTP_HOST']))) { print $header; # php version print "PHP version: " . phpversion() . "

\n"; title("Trying to resolve my hostname ({$_SERVER['HTTP_HOST']})"); print "

\n"; fail("unable to resolve my hostname; ensure {$_SERVER['HTTP_HOST']} is in DNS or create an entry for it in /etc/hosts"); print "

\n"; $includesecrets = 0; $includeconf = 0; } # test including secrets.php $allowurlopen = ini_get('allow_url_fopen'); if($includesecrets) { $data = ''; if($fp = fopen("$myurl?includesecretstest=1", 'r')) { $data = fread($fp, 100); fclose($fp); } if($allowurlopen && (empty($data) || $data == 'unreadable')) { print $header; # php version print "PHP version: " . phpversion() . "

\n"; title("Including .ht-inc/secrets.php"); print "

\n"; if($data == 'unreadable') fail("unable to read .ht-inc/secrets.php - check the permissions of the file"); else fail("unable to include .ht-inc/secrets.php - this is probably due to a syntax error in .ht-inc/secrets.php"); fail("skipping tests for contents of .ht-inc/secrets.php"); print "

\n"; $includesecrets = 0; $includeconf = 0; } } else { title("Including .ht-inc/secrets.php"); print "

\n"; fail("cannot include .ht-inc/secrets.php when hostname resolution fails"); print "

\n"; } # conf.php test if($includeconf) { $data = ''; if($fp = fopen("$myurl?includeconftest=1", 'r')) { $data = fread($fp, 100); fclose($fp); } $allowurlopen = ini_get('allow_url_fopen'); if($allowurlopen && (empty($data) || $data == 'unreadable')) { print $header; # php version print "PHP version: " . phpversion() . "

\n"; title("Including .ht-inc/conf.php"); print "

\n"; if($data == 'unreadable') fail("unable to read .ht-inc/conf.php - check the permissions of the file"); else fail("unable to include .ht-inc/conf.php - this is probably due to a syntax error in .ht-inc/conf.php"); fail("skipping tests for contents of .ht-inc/conf.php"); print "

\n"; $includeconf = 0; } } else { title("Including .ht-inc/conf.php"); print "

\n"; fail("cannot include .ht-inc/conf.php when including of .ht-inc/secrets.php fails"); print "

\n"; } # conf.php tests if($includeconf && include('.ht-inc/conf.php')) { $host = $_SERVER['HTTP_HOST']; if(! defined('COOKIEDOMAIN')) { print $header; # php version print "PHP version: " . phpversion() . "

\n"; title("Including .ht-inc/conf.php"); print "

\n"; pass("successfully included .ht-inc/conf.php"); print "

\n"; title("Checking COOKIEDOMAIN setting in .ht-inc/conf.php"); print "

\n"; fail("COOKIEDOMAIN is not defined in .ht-inc/conf.php"); print "

\n"; } else { $len = strlen(COOKIEDOMAIN); if($len && substr_compare($host, COOKIEDOMAIN, 0 - $len, $len, true) != 0) { print $header; # php version print "PHP version: " . phpversion() . "

\n"; title("Including .ht-inc/conf.php"); print "

\n"; pass("successfully included .ht-inc/conf.php"); print "

\n"; title("Checking COOKIEDOMAIN setting in .ht-inc/conf.php"); print "

\n"; fail("COOKIEDOMAIN (" . COOKIEDOMAIN . ") does not match all of or ending of the hostname of this server ($host). This will prevent cookies from being set."); print "

\n"; } else { $expire = time() + 10; setcookie("cookietest", 1, $expire, '/', COOKIEDOMAIN); print $header; # php version print "PHP version: " . phpversion() . "

\n"; title("Including .ht-inc/conf.php"); print "

\n"; pass("successfully included .ht-inc/conf.php"); print "

\n"; title("Checking COOKIEDOMAIN setting in .ht-inc/conf.php"); print "

\n"; $test = COOKIEDOMAIN; if(empty($test)) pass("COOKIEDOMAIN is set to empty string (this is valid and will result in the domain of cookies being set to $host)"); else pass("COOKIEDOMAIN (" . COOKIEDOMAIN . ") appears to be set correctly"); print "
\n"; print "

\n"; } } # check for BASEURL starting with https title("Checking that BASEURL in conf.php is set to use https"); print "

\n"; if(! defined('BASEURL')) fail("BASEURL is not defined in .ht-inc/conf.php"); else { if(substr_compare(BASEURL, 'https:', 0, 6, true) == 0) pass("BASEURL correctly set to use https"); else fail("BASEURL is not set to use https. https is required."); } print "

\n"; # check for SCRIPT being set title("Checking that SCRIPT is set appropriately"); print "

\n"; if(! defined('SCRIPT')) fail("SCRIPT is not defined in .ht-inc/conf.php"); else { if(substr_compare(SCRIPT, '/', 0, 1, true) == 0 && substr_compare(SCRIPT, '.php', -4, 4, true) == 0) pass("SCRIPT appears to be set correctly"); else fail("SCRIPT does not appear to be set correctly"); } print "

\n"; # check for existance of maintenance directory title("Checking that .ht-inc/maintenance directory exists"); print "

\n"; $file = preg_replace('|/testsetup.php|', '', $_SERVER['SCRIPT_FILENAME']); $file .= "/.ht-inc/maintenance"; if(! is_dir($file)) fail("/.ht-inc/maintenance directory does not exist. Please create it."); else { pass("/.ht-inc/maintenance directory exists"); print "

\n"; # check that we can write files to maintenance directory title("Checking that .ht-inc/maintenance directory is writable"); print "

\n"; if(! is_writable("$file")) fail("Maintenance directory is not writable"); else { if(! $fh = @fopen("$file/testfile", 'w')) fail("Failed to open file in maintenance directory"); else { if(! fwrite($fh, 'test') || ! fclose($fh)) fail("Failed to write to file in maintenance directory"); else { # check that we can remove files from maintenance directory if(! unlink("$file/testfile")) fail("Failed to remove file from maintenance directory"); else pass("Maintenance directory is writable"); } } } } print "

\n"; } # required extentions title("Testing for required php extensions"); if(version_compare(phpversion(), "5.2", "<")) $requiredexts = array('gd', 'mcrypt', 'mysql', 'openssl', 'sysvsem', 'xml', 'xmlrpc', 'session', 'pcre', 'sockets', 'ldap'); else $requiredexts = array('gd', 'mcrypt', 'mysql', 'openssl', 'sysvsem', 'xml', 'xmlrpc', 'session', 'pcre', 'sockets', 'json', 'ldap'); $exts = get_loaded_extensions(); $diff = array_diff($requiredexts, $exts); print "

\n"; if(count($diff)) { $missing = implode(', ', $diff); fail("Missing these extensiosn: $missing. Depending on the extension, some or all of VCL will not work."); } else pass("All required modules are installed"); if(! in_array('ldap', $exts)) { print "
• NOTE: The ldap extension is only required if using LDAP authentication
\n"; } print "

\n"; # secrets.php file and mysql connection if($includesecrets && include('.ht-inc/secrets.php')) { title("Checking values in .ht-inc/secrets.php"); print "

\n"; $trymysqlconnect = 1; $allok = 1; if(empty($vclhost)) { fail("\$vclhost in .ht-inc/secrets.php is not set"); $trymysqlconnect = 0; $allok = 0; } if(empty($vcldb)) { fail("\$vcldb in .ht-inc/secrets.php is not set"); $trymysqlconnect = 0; $allok = 0; } if(empty($vclusername)) { fail("\$vclusername in .ht-inc/secrets.php is not set"); $trymysqlconnect = 0; $allok = 0; } if(empty($vclpassword)) { fail("\$vclpassword in .ht-inc/secrets.php is not set"); $trymysqlconnect = 0; $allok = 0; } if(empty($mcryptkey)) { fail("\$mcryptkey in .ht-inc/secrets.php is not set"); $allok = 0; } if(empty($mcryptiv)) { fail("\$mcryptiv in .ht-inc/secrets.php is not set"); $allok = 0; } elseif(strlen($mcryptiv) != 8) { fail("\$mcryptiv in .ht-inc/secrets.php needs to be 8 characters"); $allok = 0; } if(empty($pemkey)) { fail("\$pemkey in .ht-inc/secrets.php is not set"); $allok = 0; } if($allok) pass("all required values in .ht-inc/secrets.php appear to be set"); print "

\n"; if($trymysqlconnect && in_array('mysql', $exts) && in_array('sockets', $exts)) { title("Testing mysql connection"); print "

\n"; if($fp = fsockopen($vclhost, 3306, $errno, $errstr, 5)) { $link = mysql_connect($vclhost, $vclusername, $vclpassword); if(! $link) fail("Could not connect to mysql on $vclhost"); else { pass("Successfully connected to mysql on $vclhost"); if(mysql_select_db($vcldb, $link)) pass("Successfully selected database ($vcldb) on $vclhost"); else fail("Could not select database ($vcldb) on $vclhost"); } } else fail("Could not connect to port 3306 on $vclhost"); print "

\n"; } } # test mcrypt title("Testing mcrypt"); print "

\n"; if(in_array('mcrypt', $exts)) { if($includesecrets && ! empty($mcryptkey) && ! empty($mcryptiv) && strlen($mcryptiv) == 8) { $teststring = 'testing'; if($cryptdata = mcrypt_encrypt(MCRYPT_BLOWFISH, $mcryptkey, $teststring, MCRYPT_MODE_CBC, $mcryptiv)) { pass("Successfully encrypted test string"); $decrypted = mcrypt_decrypt(MCRYPT_BLOWFISH, $mcryptkey, $cryptdata, MCRYPT_MODE_CBC, $mcryptiv); if(trim($decrypted) == $teststring) pass("Successfully decrypted test string"); else fail("Failed to decrypt test string"); } else { fail("Failed to encrypt data with mcrypt"); } } elseif($includesecrets && strlen($mcryptiv) != 8) fail("Cannot test encryption when \$mcryptiv is not exactly 8 characters"); else fail("Cannot test encryption without \$mcryptkey and \$mcryptiv from .ht-inc/secrets.php"); } else fail("mcrypt extension missing"); print "

\n"; # encryption keys $privkeyok = 0; $pubkeyok = 0; if(in_array('openssl', $exts)) { title("checking openssl encryption keys"); print "

\n"; if($includesecrets && ! empty($pemkey)) { if(is_readable(".ht-inc/keys.pem")) { $fp = fopen(".ht-inc/keys.pem", "r"); $key = fread($fp, 8192); fclose($fp); $keys["private"] = openssl_pkey_get_private($key, $pemkey); if(! $keys['private']) fail("Could not create private key from private key file (.ht-inc/keys.pem). Try running .ht-inc/genkeys.sh again."); else { pass("successfully created private key from private key file"); $privkeyok = 1; } } else fail("Could not read private key file (.ht-inc/keys.pem). Check permissions on the file."); } else fail("Cannot test private key file without \$pemkey from .ht-inc/secrets.php"); if(is_readable(".ht-inc/pubkey.pem")) { $fp = fopen(".ht-inc/pubkey.pem", "r"); $key = fread($fp, 8192); fclose($fp); $keys["public"] = openssl_pkey_get_public($key); if(! $keys['public']) fail("Could not create public key from public key file (.ht-inc/pubkey.pem). Try running .ht-inc/genkeys.sh again."); else { pass("successfully created public key from public key file"); $pubkeyok = 1; } } else fail("Could not read public key file (.ht-inc/pubkey.pem). Check permissions on the file."); print "

\n"; title("Testing openssl encryption"); print "

\n"; if(! $privkeyok) fail("cannot test encryption without a valid private key"); else { if(openssl_private_encrypt('test string', $cryptdata, $keys["private"])) { pass("successfully encrypted test string"); if(! $pubkeyok) fail("cannot test decryption without a valid public key"); else { if(openssl_public_decrypt($cryptdata, $tmp, $keys['public'])) { if($tmp == 'test string') pass("successfully decrypted test string"); else fail("failed to decrypt test string"); } else fail("failed to decrypt test string"); } } else fail("failed to encrypt test data"); } print "

\n"; } # check dojo directories title("Testing for existance of dojo directory"); print "

\n"; if(is_dir('./dojo')) { pass("dojo directory exists"); if(is_readable('./dojo')) pass("dojo directory is readable"); else fail("dojo directory is not readable. Check permissions on this directory"); } else fail("dojo directory does not exist. Download and install Dojo Toolkit 1.5.0"); print "

\n"; # check for jpgraph directory title("Testing for existance of jpgraph directory"); print "

\n"; if(is_dir('.ht-inc/jpgraph')) { pass(".ht-inc/jpgraph directory exists"); if(is_readable('.ht-inc/jpgraph')) pass(".ht-inc/jpgraphdirectory is readable"); else fail(".ht-inc/jpgraphdirectory is not readable. Check permissions on this directory"); } else fail(".ht-inc/jpgraph directory does not exist. This will only prevent statistic graphs from being generated. To correct, download and install the 3.x series of jpgraph."); print "

\n"; # php display errors title("Checking value of PHP display_errors"); $a = ini_get('display_errors'); print "

\n"; if($a == 'Off' || $a == 'off' || $a == '') print "
• display_errors: disabled
\n"; elseif($a == 'On' || $a == 'on' || $a == 1) print "
• display_errors: enabled
\n"; else fail("failed to determine value of display_errors"); ?>
• NOTE: Displaying errors in a production system is a security risk; however,
  while getting VCL up and running, having them displayed makes debugging
  a little easier. Edit your php.ini file to modify this setting.

\n"; ?>