php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #61285 SSL connections do not timeout
Submitted: 2012-03-05 12:08 UTC Modified: 2015-03-04 15:58 UTC
Votes:7
Avg. Score:4.9 ± 0.3
Reproduced:7 of 7 (100.0%)
Same Version:2 (28.6%)
Same OS:2 (28.6%)
From: tony2001@php.net Assigned: rdlowrey (profile)
Status: Closed Package: OpenSSL related
PHP Version: 5.4SVN-2012-03-05 (SVN) OS:
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: tony2001@php.net
New email:
PHP Version: OS:

 

 [2012-03-05 12:08 UTC] tony2001@php.net 
Description:
------------
SSL connections never timeout because poll() isn't even used in ext/openssl.


Test script:
---------------
server.php:
<?php sleep(20); ?>

client.php:
<?php ini_set('default_socket_timeout',1); var_dump(file_get_contents("https://localhost/server.php")); ?>




Expected result:
----------------
# time php client.php

Warning: file_get_contents(https://localhost/server.php): failed to open stream: HTTP request failed!  in /tmp/client.php on line 1
bool(false)

real    0m2.024s
user    0m0.012s
sys     0m0.003s


Actual result:
--------------
# time php client.php
string(0) ""

real    0m20.063s
user    0m0.012s
sys     0m0.005s

Patches

ssl_timeout.diff (last revision 2012-03-05 12:08 UTC by tony2001@php.net)

Pull Requests

Pull requests:

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2012-03-05 12:08 UTC] tony2001@php.net 
The following patch has been added/updated:

Patch Name: ssl_timeout.diff
Revision:   1330949320
URL:        https://bugs.php.net/patch-display.php?bug=61285&patch=ssl_timeout.diff&revision=1330949320
 [2012-03-05 12:37 UTC] pajoye@php.net 
I am not sure anymore that this patch is correct as it looks as it will 
reintroduce the issue introduced by a previous attempt to fix that, which was 
reverted here:

http://svn.php.net/viewvc?view=revision&revision=315310
 [2013-01-20 18:38 UTC] bbroerman at bbroerman dot net 
I have a proposed fix on my Github repo: https://github.com/bbroerman30/php-src

I have tested timeouts of various amounts with blocking sockets, but haven't tried to check other side-effects as of yet. 

How it works is within the read/write methods themselves, if the socket is blocking and has a timeout set, it will change the socket (temporarily) to non-blocking, and check the response from the attempted read/write with SSL_get_error and then wait/retry based on the response from SSL_get_error and using php_pollfd_for.

When I get a chance (probably next week or so) I'll try to test the below bug, and test with non-blocking streams.

Please feel free to test as you need, and let me know if you find any bugs.
 [2013-01-21 09:16 UTC] tony2001@php.net 
Uhm.. for some reason Github shows a lot of whitespace changes there.
Could you try to rewrite the patch to avoid them?
 [2013-01-21 09:20 UTC] pajoye@php.net 
Could you create a pull request as well? Much easier to track and comment :)
 [2013-01-21 09:21 UTC] rasmus@php.net 
Tony, you can just add ?w=1 to the Github URL and it will show you the diff 
without the whitespace changes.
 [2013-01-23 02:40 UTC] bbroerman at bbroerman dot net 
I sent the pull request a couple days ago.
 [2013-01-23 03:05 UTC] bbroerman at bbroerman dot net 
When I get a chance, I'll back out the changes, and re-do them with the same whitespace as the original... May be a couple weeks.
 [2013-08-24 14:59 UTC] boen dot robot at gmail dot com 
At the risk of being annoying, I'd like to repeat what I said in GitHub, in case it was missed...

bbroerman's changes have been done already. So, could this be merged now please?

(This issue also affects me, obviously...)
 [2014-12-31 04:09 UTC] bbroerman at bbroerman dot net 
I am making another run at the fix, this time updated for the current trunk release of PHP (my previous was for 5.5.18)

I am trying to test, but I am running into issues with make test that I am not sure are related or not. When I know for sure I'll add another comment.

If they are related, I may need guidance on what these tests are, and how timeouts on read/write may affect them.
 [2014-12-31 04:44 UTC] bbroerman at bbroerman dot net 
The comparison to the baseline (php/php-src) yielded less errors on my fork than on the origin. The php/php-src had the same errors that mine did, and more.

I will do functionality testing tomorrow, and if it works well, I will create a pull request
 [2015-03-04 15:58 UTC] rdlowrey@php.net
-Status: Open +Status: Closed -Assigned To: +Assigned To: rdlowrey
 [2015-03-04 15:58 UTC] rdlowrey@php.net 
This has been addressed in upstream 5.5/5.6/master branches. Thanks to bbroerman for the associated patches.

http://git.php.net/?p=php-src.git;a=commitdiff;h=fd4641696cc67fedf494717b5e4d452019f04d6f
http://git.php.net/?p=php-src.git;a=commitdiff;h=1482ed2d5660c3875add40706a18fe29e2b3ff70
http://git.php.net/?p=php-src.git;a=commitdiff;h=dddbe0fc338a0f01ba336e84755694fb9bfbeb53
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Mon Nov 25 03:01:31 2024 UTC