php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Request #42387 Streams layer has no error notification facility
Submitted: 2007-08-22 18:34 UTC Modified: 2011-04-08 21:38 UTC
Votes:2
Avg. Score:4.0 ± 1.0
Reproduced:1 of 2 (50.0%)
Same Version:0 (0.0%)
Same OS:1 (100.0%)
From: chad at herballure dot com Assigned:
Status: Open Package: Streams related
PHP Version: 5.2.4RC2 OS: Linux
Private report: No CVE-ID: None
 [2007-08-22 18:34 UTC] chad at herballure dot com
Description:
------------
The streams API doesn't appear to actually call the error callback. This is definitely true if the connection fails, or if the expected hostname doesn't match the SSL certificate. In the latter case, there is no reliable way of detecting the error.

The reproduce code is a cut-down version of a test script being run through the CLI, while I figure out the streams API. I get the same behavior from 5.2.3 and 5.2.4RC2.

Reproduce code:
---------------
<?php

$HOST_NAME = 'secureservicesonline.com';
$CA_DIR = '/etc/ssl/certs'; // change this if needed

function stream_err() {
  $args = func_get_args();
  echo("[stream_err, args=");
  print_r($args); // which are undocumented, btw
  echo("]\n");
}

$ctx = stream_context_create(array('ssl'=>array('verify_peer' => true, 'CN_match' => "$HOST_NAME.invalid", 'capath'=>$CA_DIR)));
$ret = stream_context_set_params($ctx, array('notification'=>'stream_err'));

var_dump($ret);

$errno = $errstr = null;
$fp = stream_socket_client("ssl://$HOST_NAME:443", $errno, $errstr, 30, STREAM_CLIENT_CONNECT, $ctx);

var_dump($errno);
var_dump($errstr);

if( $fp !== false ) {
  fclose($fp);
}

?>

Expected result:
----------------
[stream_err, args=Array ( ...... )]

Actual result:
--------------
PHP Warning:  stream_socket_client(): Peer certificate CN=`secureservicesonline.com' did not match expected CN=`secureservicesonline.com.invalid' in /.../https_client.php on line 52

Warning: stream_socket_client(): Peer certificate CN=`secureservicesonline.com' did not match expected CN=`secureservicesonline.com.invalid' in /.../https_client.php on line 52


Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2007-08-23 10:27 UTC] jani@php.net
It's not an error callback, it's notification callback.
Try this and you'll see what it actually does:

<?php

function stream_err()
{
  $args = func_get_args();
  var_dump($args);
}

$ctx = stream_context_create(array('http'=>array('method'=>"GET",'header'=>"Accept-language: en\r\nCookie: foo=bar\r\n")));
$ret = stream_context_set_params($ctx, array('notification'=>'stream_err'));
$fp = fopen('http://www.example.com', 'r', false, $ctx);

?>

The streams documentation really needs some loving care.. :)
 [2007-09-18 12:58 UTC] chad at herballure dot com
In that case, there needs to be a way to get errors from the streams layer in userspace. I need to _handle errors_, and the documentation is irrelevant if the capability is lacking.

(The only alternative I see is using an error_handler to parse the warning string, which is easily broken by locale or strings changes. I quit using streams and switched to cURL as a workaround, although I'd really prefer streams.)

Updating summary/category to reflect the problem I'd like to see fixed.
 [2011-04-08 21:38 UTC] jani@php.net
-Package: Feature/Change Request +Package: Streams related
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Sat Nov 23 10:01:28 2024 UTC