php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #46127 [PATCH] php_openssl_tcp_sockop_accept forgets to set context on accepted stream
Submitted: 2008-09-19 15:50 UTC Modified: 2008-11-16 23:23 UTC
Votes:2
Avg. Score:5.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:1 (100.0%)
Same OS:0 (0.0%)
From: mark at hell dot ne dot jp Assigned: pajoye
Status: Closed Package: OpenSSL related
PHP Version: 5.3CVS-2008-11-11 OS: *
Private report: No CVE-ID:
 [2008-09-19 15:50 UTC] mark at hell dot ne dot jp
Description:
------------
A SSL socket created with stream_socket_server() isn't able to accept any connection. It returns an SSL_R_NO_SHARED_CIPHER error, as if the context wasn't passed from the listener socket to the created socket in stream_socket_accept()

This is causing me some problems as I'm writing an application which needs SSL sockets.

Reproduce code:
---------------
http://ookoo.org/svn/snip/ssl_test/ssl_test.php

Expected result:
----------------
Running on 5.2.6-pl6-gentoo
Linux Memol.ooKoo.org 2.6.25-gentoo-r1-tux #1 SMP Sat Apr 19 21:17:22 CEST 2008 x86_64

Actual result:
--------------
Running on 5.3.0alpha2

Warning: stream_socket_accept(): SSL_R_NO_SHARED_CIPHER: no suitable shared cipher could be used.  This could be because the server is missing an SSL certificate (local_cert context option) in /home/magicaltux/projects/snip/ssl_test/ssl_test.php on line 14

Warning: stream_socket_accept(): Failed to enable crypto in /home/magicaltux/projects/snip/ssl_test/ssl_test.php on line 14

Warning: stream_socket_accept(): accept failed: Success in /home/magicaltux/projects/snip/ssl_test/ssl_test.php on line 14

Warning: fsockopen(): SSL operation failed with code 1. OpenSSL Error messages:
error:14077410:SSL routines:func(119):reason(1040) in /home/magicaltux/projects/snip/ssl_test/ssl_test.php on line 38

Warning: fsockopen(): Failed to enable crypto in /home/magicaltux/projects/snip/ssl_test/ssl_test.php on line 38

Warning: fsockopen(): unable to connect to ssl://127.0.0.1:21673 (Unknown error) in /home/magicaltux/projects/snip/ssl_test/ssl_test.php on line 38

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2008-09-21 09:05 UTC] mark at hell dot ne dot jp
This bug is fixed by the following patch. I found this out while reading the code and comparing the OpenSSL and non-OpenSSL versions of the connection accept process.

This one-line-patch shouldn't require that much testing, and fixes this problem.

NB: Even if the reference to the context wasn't done, the context's refcount was increased, causing a minor memoryleak if on a ssl server stream, at least one connection was attempted (and failed).

Fix:

http://ookoo.org/svn/snip/ssl_test/ssl_fix_5.3.0alpha2.diff
 [2008-11-16 23:23 UTC] pajoye@php.net
This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.

Fixed in 5.3, head, test added.
 
PHP Copyright © 2001-2014 The PHP Group
All rights reserved.
Last updated: Wed Apr 16 10:02:09 2014 UTC