PHP :: Bug #69319 :: stream_context_set_default() options not set as default in streaming functions

Bug #69319

stream_context_set_default() options not set as default in streaming functions

Submitted:

2015-03-28 12:52 UTC

Modified:

2022-10-05 17:30 UTC

Votes:	3
Avg. Score:	4.3 ± 0.5
Reproduced:	3 of 3 (100.0%)
Same Version:	2 (66.7%)
Same OS:	2 (66.7%)

From:

php at 281180 dot de

Assigned:

Status:

Open

Package:

OpenSSL related

PHP Version:

5.6.7

OS:

Linux Debian Wheezy 7.8

Private report:

CVE-ID:

None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	php at 281180 dot de
New email:
PHP Version:		OS:

New Comment:

[2015-03-28 12:52 UTC] php at 281180 dot de

Description:
------------
As of PHP 5.6 all encrypted client streams now enable peer verification by default. 

The problem is that e. g. some certs are self-signed and streams will not work without adjusting some parts. 

The easiest way in some cases would be enabling the ssl option 'allow_self_signed' via stream_context_set_default()

But unfortunately options set via stream_context_set_default() are not honored by e. g. stream_socket_client()

Other packages seem to have the same problem:
- #54440 (here an XML issue)
- #68344 (here a MySQL issue)

Test script:
---------------
// set default stream options
$default_options = [
	'ssl' => [
		'allow_self_signed' => true,
	],
];
stream_context_set_default($default_options);

// set special stream options
$options = [
	'ssl' => [
		'verify_peer_name' => false,
	],
];

// open stream considering default options
$stream = stream_socket_client($host.':'.$port, $errno, $errstr, $timeout, STREAM_CLIENT_CONNECT, stream_context_create($options));


Expected result:
----------------
Stream to work and honor both $default_options and $options

Actual result:
--------------
$default_options are ignored and the following warning is triggered:

stream_socket_enable_crypto(): SSL operation failed with code 1. OpenSSL Error messages: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed in XXX on line XX

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2022-10-05 17:30 UTC] bukka@php.net

-Package: Streams related +Package: OpenSSL related

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Sat Dec 21 14:01:32 2024 UTC