|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #41236 regression with SSL connections since fix for #39571
Submitted: 2007-04-30 07:20 UTC Modified: 2007-05-27 17:05 UTC
Avg. Score:5.0 ± 0.0
Reproduced:2 of 2 (100.0%)
Same Version:2 (100.0%)
Same OS:1 (50.0%)
From: judas dot iscariote at gmail dot com Assigned: iliaa (profile)
Status: Closed Package: Streams related
PHP Version: 5CVS-2007-04-30 (CVS) OS: linux 32/64bit, Win32
Private report: No CVE-ID: None
 [2007-04-30 07:20 UTC] judas dot iscariote at gmail dot com
Since PHP 5.2.1, our application that has jabber stopped working.all previuos PHP version works fine, this regression is caused by the fix for bug  #39571,reverting xp_ssl.c to the version shipped with 5.2.0 solves the problem.

Reproduce code:
./configure --with-openssl 



$j = fsockopen('ssl://', 5223,  $errorno, $errorstr, 10);

socket_set_blocking($j, 0);
socket_set_timeout($j, 5);

fwrite($j,"<?xml version='1.0' encoding='UTF-8' ?>");
fwrite($j, "<stream:stream to='' xmlns='jabber:client' xmlns:stream='' version='1.0'>");

$data = '';
// Wait for a response until timeout is reached
$start = time();
$data = '';
$timeout = 10;
$wait = false;

do {
    $read = trim(fread($j, 4096));
    $data .= $read;

// ok.. this check aint part of the original code
// that breaks,but check if we timed out of reached eof..anyway..
$foo = stream_get_meta_data($j);
if(feof($j) || $foo['timed_out'] || $foo['eof']) break;

// yeah, we know aint nice, but works in **any** other PHP version.
} while (time() <= $start + $timeout && ($wait || $data == '' || $read != '' || (substr(rtrim($data), -1) != '>')));




Expected result:
response from the server var_dump'ed as in (all) previous versions

Actual result:
Fatal error: Maximum execution time of **30** seconds xdebug session reveals that the script hang, in a **single** fread() call

an strace shows something hangs permanently with EAGAIN signal.. (probably the loop in xp_ssl.c from line 398 to 410), note that checking if has reached EOF or if the stream times out does not help either.


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2007-05-09 23:15 UTC]
Sorry, but your problem does not imply a bug in PHP itself.  For a
list of more appropriate places to ask for help using PHP, please
visit as this bug system is not the
appropriate forum for asking support questions.  Due to the volume
of reports we can not explain in detail here why your report is not
a bug.  The support channels will be able to provide an explanation
for you.

Thank you for your interest in PHP.

The thing is that the original SSL code was working in an identical 

Adding var_dump() shows that the return value of the 
stream_get_meta_data() or feof() did not change.
 [2007-05-10 01:08 UTC] judas dot iscariote at gmail dot com
Ilia sorry, but I dont see why this bug is bogus..

1. there is no way to determine if the stream has gone away, nor it if is has timeout (socket starts with a 10sec timeout and then I set socket_set_timeout($j, 5).. but it loops forever..

2. and if is bogus.. why this code works in every single other PHP version ? it broke only in 5.2.1 !!

did you actually read and try the code above ? :?
 [2007-05-27 17:05 UTC]
This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
Thank you for the report, and for helping us make PHP better.

PHP Copyright © 2001-2019 The PHP Group
All rights reserved.
Last updated: Sat Mar 23 12:01:27 2019 UTC