php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #54511 Failure in socket open to some SSL server
Submitted: 2011-04-12 09:51 UTC Modified: -
Votes:17
Avg. Score:4.1 ± 1.1
Reproduced:13 of 15 (86.7%)
Same Version:2 (15.4%)
Same OS:3 (23.1%)
From: dbpalan at hotmail dot com Assigned:
Status: Open Package: OpenSSL related
PHP Version: 5.3.6 OS: Debian Squeeze
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: dbpalan at hotmail dot com
New email:
PHP Version: OS:

 

 [2011-04-12 09:51 UTC] dbpalan at hotmail dot com
Description:
------------
fsockopen() connect to a server always failed.  After some tests it is confirmed due to a bug in a SSL function call which only occur in new version:

5.2.6  - passed
5.2.17 - passed
5.3.0  - passed
5.3.1  - passed
5.3.2  - failed
5.3.3  - failed
5.3.6  - failed

The bug was introduced from svn revision #291493 "merge from trunk: openssl sni support" from the function call to SSL_set_tlsext_host_name(sslsock->ssl_handle, sslsock->sni).

If I remark this function, everything works fine.

I have no further idea what is this function do, and what side effect without this function.  Please advice and hope a fix would be available.  Thank you.


Test script:
---------------
<?
$fp = fsockopen("ssl://smtpb.scig.gov.hk", 465, $errno, $errstr, 30);
if (!$fp) {
    echo "fail: $errstr ($errno)\n";
} else {
    echo "success";
}
?>


Expected result:
----------------
$fp is a non-zero handle, the screen will show "success"

Actual result:
--------------
$fp is EMPTY, the screen will show:

Warning: fsockopen() [function.fsockopen]: SSL operation failed with code 1. OpenSSL Error messages: error:14094417:SSL routines:func(148):reason(1047) in /www/test.php on line 2

Warning: fsockopen() [function.fsockopen]: Failed to enable crypto in /www/test.php on line 2

Warning: fsockopen() [function.fsockopen]: unable to connect to ssl://smtpb.scig.gov.hk:465 (Unknown error) in /www/test.php on line 2

fail: 0

Patches

php5_5.3.4-fsockopen.patch (last revision 2013-06-17 08:36 UTC by dbpalan at hotmail dot com)

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2011-04-12 10:04 UTC] dbpalan at hotmail dot com
1. The function call is located in ext/openssl/xp_ssl.c

2. A workaround is replace the line fsockopen() with:

    $context = stream_context_create(array(
        'ssl' => array('SNI_server_name' => 'smtpb.scig.gov.hk'),
    ));
    $fp = stream_socket_client("tcp://smtpb.scig.gov.hk:465", $errno, $errstr, 30, STREAM_CLIENT_CONNECT, $context);
 [2012-07-12 07:22 UTC] alexwichti at googlemail dot com
Bug still exists in 5.4.3.
Workaround by dbpalan works though, thanks!
 
PHP Copyright © 2001-2018 The PHP Group
All rights reserved.
Last updated: Wed Dec 12 08:01:25 2018 UTC