php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Request #5865 fopen with ssl support
Submitted: 2000-07-31 01:26 UTC Modified: 2002-03-16 11:10 UTC
Votes:1
Avg. Score:5.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:0 (0.0%)
Same OS:0 (0.0%)
From: jianmang at stachanov dot com Assigned: wez (profile)
Status: Closed Package: Feature/Change Request
PHP Version: 4.0.1pl2 OS: ANY
Private report: No CVE-ID: None
View Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
If you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: jianmang at stachanov dot com
New email:
PHP Version: OS:

 

 [2000-07-31 01:26 UTC] jianmang at stachanov dot com
I would love to see fopen can "talk" to a SSL enabled server. This feature is crucial for server-to-server secure communication/automation. Currently I use curl to acheive this. Curl is a ~1 MB beast, obviously this creates considerable startup costs.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2000-07-31 01:44 UTC] sterling@php.net
You can use PHP's built-in CURL support in the latest CVS.
 [2000-07-31 08:18 UTC] hholzgra@php.net
reopened as the report clearly stated that curl 
was not the desired option ...
 [2001-08-12 15:29 UTC] sebastian@php.net
User Response:

While working on #5865, you could also add generic SSL socket support to fsockopen,
something like
fsockopen("ssl://example.com", ...)

don't forget to add support for client certificates/keys, including passing the password
to unlock 'em (ok, this would probably require a completely new function).

for connecting to a single server, one solution is running a stunnel daemon:
stunnel -c -d 127.0.0.1:1000 -r example.com:123 -p /certs/blah.pem
and then fsockopen()ing to that port;
however, this is both a security problem (anyone on the machine can connect to that port)
and useless, if one wishes to connect to a host that is not known in advance.

another option would be to allow php to talk to exec'd processes (hopefully stunnel works
this way; it doesn't when piped), but this requires an extra process per request which is
a resource hog. and, well, this is all in openssl already, so ...

 [2001-08-12 15:40 UTC] wez@php.net
It's in the pipeline.
Assigning to myself.
--Wez.
 [2002-03-16 11:10 UTC] wez@php.net
Implemented in PHP 4.3.0.
Sorry it took so long :-)
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved.
Last updated: Sat Jan 04 22:01:28 2025 UTC