php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #33770 https:// or ftps:// do not work when --with-curlwrappers is used
Submitted: 2005-07-19 14:35 UTC Modified: 2006-08-30 17:49 UTC
Votes:5
Avg. Score:4.4 ± 0.8
Reproduced:4 of 4 (100.0%)
Same Version:1 (25.0%)
Same OS:2 (50.0%)
From: subscription at nazarenko dot net Assigned: iliaa
Status: Closed Package: cURL related
PHP Version: 5CVS-2006-06-26 (snap) OS: Linux OpenSUSE 10.1
Private report: No CVE-ID:
 [2005-07-19 14:35 UTC] subscription at nazarenko dot net
Description:
------------
I have 64bit SuSE 9.3 and try to use file() function to read a webpage via http/https.

The http protocol is ok, however https returns empty result without any errors/notices (E_ALL is on).

I have compiled in OpenSSL support (OpenSSL is v0.9.7e).

I have another machine with 32bit Linux on it in the same network, I have compiled PHP with similar settings and https works fine on it.

Reproduce code:
---------------
Using the following configure:

./configure --with-snmp --enable-cli --with-curl \
-disable-dom --prefix=/usr --disable-cgi \
--disable-spl --disable-xml --without-pear \
--disable-ipv6 --enable-shmop --enable-pcntl \
--without-iconv --disable-ctype --disable-libxml \
--enable-sysvsem --enable-sysvshm --enable-sockets \
--without-sqlite --disable-session --enable-sigchild \
--disable-simplexml --disable-tokenizer \
--with-curlwrappers --enable-memory-limit \
--enable-discard-path --program-suffix=-net \
--enable-ucd-snmp-hack --with-config-file-path=/etc \
--with-mysqli=/usr/bin/mysql_config


Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2005-07-19 21:23 UTC] sniper@php.net
subscription at nazarenko dot net:
"Tried the latest snapshot as advised. Same effect as before, the problem persists.

Test script:
<?php var_dump(file("https://host2/")); ?>

Both "host1" and "host2" are on the same subnet. "

(do NOT add any huge outputs of anything unless asked for!)
 [2005-07-19 21:32 UTC] sniper@php.net
Works fine for me under FC4 x86_64smp. 
Try with this configure line:

./configure --disable-all --disable-cgi --with-openssl

And use sapi/cli/php to run your script.

 [2005-07-20 00:48 UTC] subscription at nazarenko dot net
Thank you for a speedy response.
Indeed, with the minimal configure, it started working again.
After 1 hour of mixing and matching the modules I found the culprit.

It is: curl-7.13.0 libraries compiled in with the following parameters:

--with-curl --with-curlwrappers

Actually, without "--with-curlwrappers" it works fine. Tested both for 5.0.4 and 5CVS
 [2005-08-02 07:57 UTC] sniper@php.net
I can't reproduce this, with having both of those configure options enabled the same time. Please try latest CVS snapshot.
 [2005-08-02 19:33 UTC] subscription at nazarenko dot net
Tried php5-200508021630 CVS snapshot.

https works:
./configure --disable-all --disable-cgi --with-openssl --with-curl

https does not work:
./configure --disable-all --disable-cgi --with-openssl --with-curl --with-curlwrappers

My machine is x64 Linux (SuSE 9.3)
OpenSSL libraries: openssl-devel-0.9.7e-3
CURL libraries: curl-devel-7.13.0-5
 [2005-08-06 03:00 UTC] sniper@php.net
I'm using these libs:

openssl 0.9.7f
curl 7.13.1

So try upgrade those. (you do have the 64bit versions of those installed?)


 [2005-08-06 20:06 UTC] wez@php.net
Make sure you have allow_url_fopen turned on in your php.ini file and that you can see https listed on your phpinfo() output.
 [2005-11-09 23:59 UTC] subscription at nazarenko dot net
If you mean 'you do have the 64bit versions of those
installed?' question, the answer is: Yes, I do. Here is the output of rpm commands:

rpm -q --provides openssl-0.9.7g-2.2
ssl
libcrypto.so.0.9.7()(64bit)
libssl.so.0.9.7()(64bit)
openssl = 0.9.7g-2.2

rpm -q --provides curl-7.14.0-2.2
curl_ssl
libcurl.so.3()(64bit)
curl = 7.14.0-2.2

Also, my 'allow_url_fopen' is On (otherwise no test case would work)

I have to stress this fact: absolutely nothing has been changed between the two tests, no php.ini settings, no libraries installed, no system variables, etc. except the "--with-curlwrappers" directive. In once case https works in the other one it does not.
 [2005-11-10 00:15 UTC] subscription at nazarenko dot net
Here is the result after compiling with --with-curlwrappers:

/install/php5-200511091730/sapi/cli/php -i | grep Registered

Registered PHP Streams => php, file, ftp, gopher, telnet, dict, ldap, http, https, ftps

Registered Stream Socket Transports => tcp, udp, unix, udg, ssl, sslv3, sslv2, tls

Registered Stream Filters => string.rot13, string.toupper, string.tolower, string.strip_tags, convert.*

/install/php5-200511091730/sapi/cli/php -i | grep fopen

allow_url_fopen => On => On
 [2006-01-13 18:32 UTC] subscription at nazarenko dot net
Tried the 200601131530 snapshot.
OpenSSL libs: 0.9.7g
Curl libs: 7.14.0

Same result.
HTTPS works only when --with-curlwrappers is not used.
 [2006-04-10 12:00 UTC] sniper@php.net
See also bug #36882

 [2006-08-24 15:28 UTC] tony2001@php.net
Disabling CURLOPT_SSL_VERIFYPEER & CURLOPT_SSL_VERIFYHOST with the patch below fixes it.
I believe installing a CA certificate would fix it too.

Index: ext/curl/streams.c
===================================================================
RCS file: /repository/php-src/ext/curl/streams.c,v
retrieving revision 1.14.2.2.2.5
diff -u -p -d -r1.14.2.2.2.5 streams.c
--- ext/curl/streams.c  10 Aug 2006 15:02:41 -0000      1.14.2.2.2.5
+++ ext/curl/streams.c  24 Aug 2006 15:26:40 -0000
@@ -291,6 +291,8 @@ php_stream *php_curl_stream_opener(php_s

        curl_easy_setopt(curlstream->curl, CURLOPT_ERRORBUFFER, curlstream->errstr);
        curl_easy_setopt(curlstream->curl, CURLOPT_VERBOSE, 0);
+       curl_easy_setopt(curlstream->curl, CURLOPT_SSL_VERIFYPEER, 0);
+       curl_easy_setopt(curlstream->curl, CURLOPT_SSL_VERIFYHOST, 0);

        /* enable progress notification */
        curl_easy_setopt(curlstream->curl, CURLOPT_PROGRESSFUNCTION, on_progress_avail);
 [2006-08-30 17:49 UTC] iliaa@php.net
This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.


 [2011-06-02 22:47 UTC] galaxy4public+php at gmail dot com
The bug is still here.  I've reproduced it with PHP 5.2.17 which was built with 
the following options:

System => Linux he251.vps.webenabled.net 2.6.18-238.5.1.el5.028stab085.2.owl2 #1 
SMP Sat Mar 12 19:50:32 MSK 2011 i686
Build Date => Apr 25 2011 08:06:28
Configure Command =>  './configure'  '--host=i686-openwall-linux-gnu'
'--build=i686-openwall-linux-gnu'
'--target=i686-openwall-linux'
'--program-prefix='
'--prefix=/opt/php/5.2.17-owlx0'
'--exec-prefix=/opt/php/5.2.17-owlx0'
'--bindir=/opt/php/5.2.17-owlx0/bin'
'--sbindir=/opt/php/5.2.17-owlx0/sbin'
'--sysconfdir=/opt/php/5.2.17-owlx0/etc'
'--datadir=/opt/php/5.2.17-owlx0/share'
'--includedir=/opt/php/5.2.17-owlx0/include'
'--libdir=/opt/php/5.2.17-owlx0/lib'
'--libexecdir=/opt/php/5.2.17-owlx0/libexec'
'--localstatedir=/opt/php/5.2.17-owlx0/var'
'--sharedstatedir=/opt/php/5.2.17-owlx0/com'
'--mandir=/opt/php/5.2.17-owlx0/man'
'--infodir=/opt/php/5.2.17-owlx0/info'
'--with-layout=GNU'
'--with-config-file-path=/opt/php/5.2.17-owlx0/etc'
'--with-config-file-scan-dir=/opt/php/5.2.17-owlx0/etc/php.d'
'--disable-rpath'
'--with-libdir=lib'
'--disable-debug'
'--enable-shared'
'--enable-static'
'--disable-all'
'--enable-short-tags'
'--enable-cgi'
'--disable-force-cgi-redirect'
'--enable-fastcgi'
'--enable-cli'
'--with-pear=/opt/php/pear'
'--enable-discard-path'
'--enable-magic-quotes'
'--enable-calendar=shared'
'--enable-ctype=shared'
'--enable-date'
'--enable-dba=shared'
'--with-gdbm'
'--with-db4'
'--with-cdb'
'--with-inifile'
'--with-flatfile'
'--enable-dbase=shared'
'--enable-dom=shared'
'--enable-exif=shared'
'--enable-filter=shared'
'--enable-ftp=shared'
'--enable-hash=shared'
'--enable-json=shared'
'--enable-mbstring=shared'
'--enable-mbregex'
'--enable-pcntl=shared'
'--enable-pdo=shared'
'--with-pdo-mysql=shared,/opt/mysql/current'
'--with-pdo-pgsql=shared,/opt/postgresql/current'
'--with-pdo-sqlite=shared,/opt/sqlite/current'
'--with-pgsql=shared,/opt/postgresql/current'
'--enable-posix=shared'
'--enable-session=shared'
'--enable-shmop=shared'
'--enable-soap=shared'
'--enable-sockets=shared'
'--enable-spl'
'--enable-simplexml'
'--enable-suhosin=shared'
'--enable-sysvmsg=shared'
'--enable-sysvsem=shared'
'--enable-sysvshm=shared'
'--enable-tokenizer=shared'
'--enable-wddx=shared'
'--enable-xml=shared,/opt/libxml2/current'
'--enable-xmlreader=shared'
'--enable-xmlwriter=shared'
'--enable-libxml=yes,shared'
'--with-libxml-dir=/opt/libxml2/current'
'--enable-memory-limit'
'--enable-zend-multibyte'
'--with-xsl=shared,/opt/libxslt/current'
'--with-openssl=shared'
'--with-zlib=shared'
'--enable-zip=shared'
'--with-bz2=shared'
'--with-curl=shared,/opt/curl/current'
'--with-curlwrappers'
'--with-gd=shared'
'--with-jpeg-dir=/opt/libjpeg/current'
'--with-png-dir=/opt/libpng/current'
'--enable-gd-native-ttf'
'--enable-gd-jis-conv'
'--with-freetype-dir=/opt/libfreetype/current'
'--with-gettext=shared'
'--with-mssql=shared,/opt/freetds/current'
'--with-mysql=shared,/opt/mysql/current'
'--with-mysqli=shared,/opt/mysql/current/bin/mysql_config'
'--with-iconv=shared'
'--with-imap=shared,/opt/libc-client/current'
'--with-imap-ssl'
'--with-mcrypt=shared,/opt/libmcrypt/current'
'--with-mhash=shared,/opt/libmhash/current'
'--with-mime-magic=shared,/opt/httpd/config/magic'
'--with-ncurses=shared'
'--with-readline=shared'
'--with-pcre-regex'
'--disable-ipv6'


if the curl.so extension is not loaded get_file_contents() works with https, 
if curl.so is loaded the function returns an empty string.
 
PHP Copyright © 2001-2014 The PHP Group
All rights reserved.
Last updated: Thu Apr 24 02:02:10 2014 UTC