|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #33770 https:// or ftps:// do not work when --with-curlwrappers is used
Submitted: 2005-07-19 14:35 UTC Modified: 2006-08-30 17:49 UTC
Avg. Score:4.4 ± 0.8
Reproduced:4 of 4 (100.0%)
Same Version:1 (25.0%)
Same OS:2 (50.0%)
From: subscription at nazarenko dot net Assigned: iliaa
Status: Closed Package: cURL related
PHP Version: 5CVS-2006-06-26 (snap) OS: Linux OpenSUSE 10.1
Private report: No CVE-ID:
 [2005-07-19 14:35 UTC] subscription at nazarenko dot net
I have 64bit SuSE 9.3 and try to use file() function to read a webpage via http/https.

The http protocol is ok, however https returns empty result without any errors/notices (E_ALL is on).

I have compiled in OpenSSL support (OpenSSL is v0.9.7e).

I have another machine with 32bit Linux on it in the same network, I have compiled PHP with similar settings and https works fine on it.

Reproduce code:
Using the following configure:

./configure --with-snmp --enable-cli --with-curl \
-disable-dom --prefix=/usr --disable-cgi \
--disable-spl --disable-xml --without-pear \
--disable-ipv6 --enable-shmop --enable-pcntl \
--without-iconv --disable-ctype --disable-libxml \
--enable-sysvsem --enable-sysvshm --enable-sockets \
--without-sqlite --disable-session --enable-sigchild \
--disable-simplexml --disable-tokenizer \
--with-curlwrappers --enable-memory-limit \
--enable-discard-path --program-suffix=-net \
--enable-ucd-snmp-hack --with-config-file-path=/etc \


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2005-07-19 21:23 UTC]
subscription at nazarenko dot net:
"Tried the latest snapshot as advised. Same effect as before, the problem persists.

Test script:
<?php var_dump(file("https://host2/")); ?>

Both "host1" and "host2" are on the same subnet. "

(do NOT add any huge outputs of anything unless asked for!)
 [2005-07-19 21:32 UTC]
Works fine for me under FC4 x86_64smp. 
Try with this configure line:

./configure --disable-all --disable-cgi --with-openssl

And use sapi/cli/php to run your script.

 [2005-07-20 00:48 UTC] subscription at nazarenko dot net
Thank you for a speedy response.
Indeed, with the minimal configure, it started working again.
After 1 hour of mixing and matching the modules I found the culprit.

It is: curl-7.13.0 libraries compiled in with the following parameters:

--with-curl --with-curlwrappers

Actually, without "--with-curlwrappers" it works fine. Tested both for 5.0.4 and 5CVS
 [2005-08-02 07:57 UTC]
I can't reproduce this, with having both of those configure options enabled the same time. Please try latest CVS snapshot.
 [2005-08-02 19:33 UTC] subscription at nazarenko dot net
Tried php5-200508021630 CVS snapshot.

https works:
./configure --disable-all --disable-cgi --with-openssl --with-curl

https does not work:
./configure --disable-all --disable-cgi --with-openssl --with-curl --with-curlwrappers

My machine is x64 Linux (SuSE 9.3)
OpenSSL libraries: openssl-devel-0.9.7e-3
CURL libraries: curl-devel-7.13.0-5
 [2005-08-06 03:00 UTC]
I'm using these libs:

openssl 0.9.7f
curl 7.13.1

So try upgrade those. (you do have the 64bit versions of those installed?)

 [2005-08-06 20:06 UTC]
Make sure you have allow_url_fopen turned on in your php.ini file and that you can see https listed on your phpinfo() output.
 [2005-11-09 23:59 UTC] subscription at nazarenko dot net
If you mean 'you do have the 64bit versions of those
installed?' question, the answer is: Yes, I do. Here is the output of rpm commands:

rpm -q --provides openssl-0.9.7g-2.2
openssl = 0.9.7g-2.2

rpm -q --provides curl-7.14.0-2.2
curl = 7.14.0-2.2

Also, my 'allow_url_fopen' is On (otherwise no test case would work)

I have to stress this fact: absolutely nothing has been changed between the two tests, no php.ini settings, no libraries installed, no system variables, etc. except the "--with-curlwrappers" directive. In once case https works in the other one it does not.
 [2005-11-10 00:15 UTC] subscription at nazarenko dot net
Here is the result after compiling with --with-curlwrappers:

/install/php5-200511091730/sapi/cli/php -i | grep Registered

Registered PHP Streams => php, file, ftp, gopher, telnet, dict, ldap, http, https, ftps

Registered Stream Socket Transports => tcp, udp, unix, udg, ssl, sslv3, sslv2, tls

Registered Stream Filters => string.rot13, string.toupper, string.tolower, string.strip_tags, convert.*

/install/php5-200511091730/sapi/cli/php -i | grep fopen

allow_url_fopen => On => On
 [2006-01-13 18:32 UTC] subscription at nazarenko dot net
Tried the 200601131530 snapshot.
OpenSSL libs: 0.9.7g
Curl libs: 7.14.0

Same result.
HTTPS works only when --with-curlwrappers is not used.
 [2006-04-10 12:00 UTC]
See also bug #36882

 [2006-08-24 15:28 UTC]
Disabling CURLOPT_SSL_VERIFYPEER & CURLOPT_SSL_VERIFYHOST with the patch below fixes it.
I believe installing a CA certificate would fix it too.

Index: ext/curl/streams.c
RCS file: /repository/php-src/ext/curl/streams.c,v
retrieving revision
diff -u -p -d -r1. streams.c
--- ext/curl/streams.c  10 Aug 2006 15:02:41 -0000
+++ ext/curl/streams.c  24 Aug 2006 15:26:40 -0000
@@ -291,6 +291,8 @@ php_stream *php_curl_stream_opener(php_s

        curl_easy_setopt(curlstream->curl, CURLOPT_ERRORBUFFER, curlstream->errstr);
        curl_easy_setopt(curlstream->curl, CURLOPT_VERBOSE, 0);
+       curl_easy_setopt(curlstream->curl, CURLOPT_SSL_VERIFYPEER, 0);
+       curl_easy_setopt(curlstream->curl, CURLOPT_SSL_VERIFYHOST, 0);

        /* enable progress notification */
        curl_easy_setopt(curlstream->curl, CURLOPT_PROGRESSFUNCTION, on_progress_avail);
 [2006-08-30 17:49 UTC]
This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
Thank you for the report, and for helping us make PHP better.

 [2011-06-02 22:47 UTC] galaxy4public+php at gmail dot com
The bug is still here.  I've reproduced it with PHP 5.2.17 which was built with 
the following options:

System => Linux 2.6.18-238.5.1.el5.028stab085.2.owl2 #1 
SMP Sat Mar 12 19:50:32 MSK 2011 i686
Build Date => Apr 25 2011 08:06:28
Configure Command =>  './configure'  '--host=i686-openwall-linux-gnu'

if the extension is not loaded get_file_contents() works with https, 
if is loaded the function returns an empty string.
PHP Copyright © 2001-2015 The PHP Group
All rights reserved.
Last updated: Sun Oct 04 23:01:29 2015 UTC