|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #46127 [PATCH] php_openssl_tcp_sockop_accept forgets to set context on accepted stream
Submitted: 2008-09-19 15:50 UTC Modified: 2008-11-16 23:23 UTC
Avg. Score:5.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:1 (100.0%)
Same OS:0 (0.0%)
From: mark at hell dot ne dot jp Assigned: pajoye
Status: Closed Package: OpenSSL related
PHP Version: 5.3CVS-2008-11-11 OS: *
Private report: No CVE-ID:
 [2008-09-19 15:50 UTC] mark at hell dot ne dot jp
A SSL socket created with stream_socket_server() isn't able to accept any connection. It returns an SSL_R_NO_SHARED_CIPHER error, as if the context wasn't passed from the listener socket to the created socket in stream_socket_accept()

This is causing me some problems as I'm writing an application which needs SSL sockets.

Reproduce code:

Expected result:
Running on 5.2.6-pl6-gentoo
Linux 2.6.25-gentoo-r1-tux #1 SMP Sat Apr 19 21:17:22 CEST 2008 x86_64

Actual result:
Running on 5.3.0alpha2

Warning: stream_socket_accept(): SSL_R_NO_SHARED_CIPHER: no suitable shared cipher could be used.  This could be because the server is missing an SSL certificate (local_cert context option) in /home/magicaltux/projects/snip/ssl_test/ssl_test.php on line 14

Warning: stream_socket_accept(): Failed to enable crypto in /home/magicaltux/projects/snip/ssl_test/ssl_test.php on line 14

Warning: stream_socket_accept(): accept failed: Success in /home/magicaltux/projects/snip/ssl_test/ssl_test.php on line 14

Warning: fsockopen(): SSL operation failed with code 1. OpenSSL Error messages:
error:14077410:SSL routines:func(119):reason(1040) in /home/magicaltux/projects/snip/ssl_test/ssl_test.php on line 38

Warning: fsockopen(): Failed to enable crypto in /home/magicaltux/projects/snip/ssl_test/ssl_test.php on line 38

Warning: fsockopen(): unable to connect to ssl:// (Unknown error) in /home/magicaltux/projects/snip/ssl_test/ssl_test.php on line 38


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2008-09-21 09:05 UTC] mark at hell dot ne dot jp
This bug is fixed by the following patch. I found this out while reading the code and comparing the OpenSSL and non-OpenSSL versions of the connection accept process.

This one-line-patch shouldn't require that much testing, and fixes this problem.

NB: Even if the reference to the context wasn't done, the context's refcount was increased, causing a minor memoryleak if on a ssl server stream, at least one connection was attempted (and failed).

 [2008-11-16 23:23 UTC]
This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
Thank you for the report, and for helping us make PHP better.

Fixed in 5.3, head, test added.
PHP Copyright © 2001-2015 The PHP Group
All rights reserved.
Last updated: Tue Oct 13 08:01:52 2015 UTC