|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #50489 SoapClient + HTTPs + Proxy = SSL errors
Submitted: 2009-12-16 10:21 UTC Modified: 2012-11-29 12:12 UTC
Avg. Score:4.9 ± 0.3
Reproduced:25 of 25 (100.0%)
Same Version:12 (48.0%)
Same OS:24 (96.0%)
From: serbanghita at gmail dot com Assigned: dmitry (profile)
Status: Closed Package: Streams related
PHP Version: 5.2.11 OS: Linux, Windows
Private report: No CVE-ID: None
 [2009-12-16 10:21 UTC] serbanghita at gmail dot com
Apache 2.x
PHP 5.2.11

'./configure' '--prefix=/usr/lib/php5' '--host=i686-pc-linux-gnu' '--mandir=/usr/lib/php5/man' '--infodir=/usr/lib/php5/info' '--sysconfdir=/etc' '--cache-file=./config.cache' '--with-pcre-regex=/usr' '--disable-cli' '--with-apxs2=/usr/sbin/apxs2' '--with-config-file-path=/etc/php/apache2-php5' '--with-config-file-scan-dir=/etc/php/apache2-php5/ext-active' '--without-pear' '--disable-bcmath' '--with-bz2' '--disable-calendar' '--with-curl' '--without-curlwrappers' '--disable-dbase' '--enable-exif' '--without-fbsql' '--without-fdftk' '--disable-filter' '--enable-ftp' '--with-gettext' '--without-gmp' '--disable-ipv6' '--without-kerberos' '--enable-mbstring' '--with-mcrypt' '--with-mhash' '--without-msql' '--without-mssql' '--with-ncurses' '--with-openssl' '--with-openssl-dir=/usr' '--enable-pcntl' '--without-pgsql' '--without-pspell' '--without-recode' '--disable-shmop' '--without-snmp' '--enable-soap' '--enable-sockets' '--without-sybase' '--without-sybase-ct' '--disable-sysvmsg' '--disable-sysvsem' '--disable-sysvshm' '--without-tidy' '--disable-wddx' '--disable-xmlreader' '--disable-xmlwriter' '--with-xmlrpc' '--without-xsl' '--enable-zip' '--with-zlib' '--disable-debug' '--enable-dba' '--without-cdb' '--with-db4' '--disable-flatfile' '--with-gdbm' '--disable-inifile' '--without-qdbm' '--with-freetype-dir=/usr' '--with-t1lib=/usr' '--disable-gd-jis-conv' '--with-jpeg-dir=/usr' '--with-png-dir=/usr' '--without-xpm-dir' '--with-gd' '--with-imap' '--with-imap-ssl' '--with-ldap' '--without-ldap-sasl' '--with-mysql=/usr' '--with-mysql-sock=/var/run/mysqld/mysqld.sock' '--with-mysqli=/usr/bin/mysql_config' '--without-pdo-dblib' '--with-pdo-mysql=/usr' '--without-pdo-odbc' '--without-pdo-pgsql' '--without-pdo-sqlite' '--with-readline' '--without-libedit' '--without-mm' '--without-sqlite'

Reproduce code:
$SoapClient = new SoapClient(
					'location' 			=> $soap_url_,
					'cache_wsdl' 		=> WSDL_CACHE_NONE,
					'user_agent'		=> __FUNCTION__,
					'trace'				=> 1,
					'exceptions' 		=> 1,
					'allow_self_signed' => 1,
					'proxy_host' 		=> $proxy_host,
					'proxy_login'    	=> $proxy_user,
					'proxy_password' 	=> $proxy_pass,
					'proxy_port' 		=> (int)$proxy_port

Expected result:
I expect everything to go smooth and fetch the WSDL file contents. I tested the proxy manually on the https wsdl resource and it works.

Actual result:
Warning: SoapClient::SoapClient() [soapclient.soapclient]: SSL operation failed with code 1. OpenSSL Error messages: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol in /var/www/vhosts/site/connect-soap.php on line 138

Warning: SoapClient::SoapClient( [soapclient.soapclient]: failed to open stream: Cannot connect to HTTPS server through proxy in /var/www/vhosts/site/connect-soap.php on line 138

Warning: SoapClient::SoapClient() [soapclient.soapclient]: I/O warning : failed to load external entity "" in /var/www/vhosts/site/connect-soap.php on line 138


php-5.3.3_fopen_https_proxy_auth_fix (last revision 2010-11-22 10:45 UTC by bruno dot premont at restena dot lu)

Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2010-04-25 17:56 UTC] hello at gmail dot com
The proxy's creditentials set through SoapClient options are ignored when the underlying target is HTTPS, and then the proxy reply with a 407 error code.
 [2010-08-13 11:01 UTC] bruno dot premont at restena dot lu
It looks like php_stream_url_wrap_http_ex() from ext/standard/http_fopen_wrapper.c
should pick the proxy-authentication header and send it with CONNECT method for
proxy authentication to work with SOAP WSDL fetching (and at same time probably fixing quite a few other bugs)
 [2010-11-22 11:51 UTC] bruno dot premont at restena dot lu
This bug also applies to php-5.3.3 for which my patch
php-5.3.3_fopen_https_proxy_auth_fix does the trick.
 [2010-12-20 12:06 UTC]
-Package: Tidy +Package: Streams related
 [2012-02-14 15:13 UTC]
-Status: Open +Status: Assigned -Assigned To: +Assigned To: dmitry
 [2012-02-14 16:03 UTC] serbanghita at gmail dot com
Are we going to see this fix live in both 5.2.x and 5.3.x?

 [2012-02-14 16:03 UTC] serbanghita at gmail dot com
-: +: serbanghita at gmail dot com
 [2012-11-29 12:12 UTC]
-Status: Assigned +Status: Closed
 [2012-11-29 12:12 UTC]
The bug must be fixed in php-5.3.6 and above.
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Mon Jul 22 23:01:29 2024 UTC