|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #30765 ssl over fopen vs fsockopen
Submitted: 2004-11-11 23:34 UTC Modified: 2004-11-13 05:46 UTC
From: kurt at milliganshome dot net Assigned:
Status: Not a bug Package: Network related
PHP Version: 4.3.9 OS: Linux
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
Block user comment
Status: Assign to:
Bug Type:
From: kurt at milliganshome dot net
New email:
PHP Version: OS:


 [2004-11-11 23:34 UTC] kurt at milliganshome dot net
Hi All

Running php v4.3.9 on RH Linux 7.3 & 9.0 with openssl 0.9.7d.

I have noticed similar problems to Bug#23220, but have found that using fopen works while using fsockopen does not.

// works ok!
$fd = fopen('','r');
    echo fgets($fd,1024);

// generates SSL: fatal protocol error
$fd = fsockopen('ssl://',443);
fwrite($fd,"GET / HTTP/1.1\r\nHost:\r\nConnection: Close\r\n\r\n");
    echo fgets($fd,1024);

This would be OK if I didn't need to POST, but I do...anyone else notice this? Is there some difference in the way that fgets operates depending on whether it was opened via fopen or fsockopen?

I see the posting in bug#23220:

"Note that due to the nature of the problem (eg: IIS being at fault),there is no way for PHP to determine the difference between a legitimate problem and a bogus IIS unless you are using the built-in HTTP wrapper: we inspect the headers to determine if we should show the warning or not.

So, if you are manually opening an SSL stream, you still need to suppress the warning yourself based on the presence of "Server: Microsoft-IIS" in the headers that you read. "

But I don't get any headers back; the script fails on the first fgets call. If I'm missing something, please let me know.



Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2004-11-12 01:40 UTC] kurt at milliganshome dot net
I'm no longer certain this is a bug...seems to be working now. It was very odd, tho. Sorry for any onconvenience.
 [2004-11-13 05:46 UTC]
Not a Bug == Bogus

And fwiw, That's not a completely valid HTTP/1.1 request.  You should probably stick to HTTP/1.0 unless you plan to implement a full 1.1 client.

PHP Copyright © 2001-2022 The PHP Group
All rights reserved.
Last updated: Fri Aug 19 17:05:44 2022 UTC