|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #54511 Failure in socket open to some SSL server
Submitted: 2011-04-12 09:51 UTC Modified: 2021-06-25 16:41 UTC
Avg. Score:4.1 ± 1.1
Reproduced:15 of 17 (88.2%)
Same Version:2 (13.3%)
Same OS:3 (20.0%)
From: dbpalan at hotmail dot com Assigned: cmb (profile)
Status: Not a bug Package: OpenSSL related
PHP Version: 5.3.6 OS: Debian Squeeze
Private report: No CVE-ID: None
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If this is not your bug, you can add a comment by following this link.
If this is your bug, but you forgot your password, you can retrieve your password here.
Bug Type:
From: dbpalan at hotmail dot com
New email:
PHP Version: OS:


 [2011-04-12 09:51 UTC] dbpalan at hotmail dot com
fsockopen() connect to a server always failed.  After some tests it is confirmed due to a bug in a SSL function call which only occur in new version:

5.2.6  - passed
5.2.17 - passed
5.3.0  - passed
5.3.1  - passed
5.3.2  - failed
5.3.3  - failed
5.3.6  - failed

The bug was introduced from svn revision #291493 "merge from trunk: openssl sni support" from the function call to SSL_set_tlsext_host_name(sslsock->ssl_handle, sslsock->sni).

If I remark this function, everything works fine.

I have no further idea what is this function do, and what side effect without this function.  Please advice and hope a fix would be available.  Thank you.

Test script:
$fp = fsockopen("ssl://", 465, $errno, $errstr, 30);
if (!$fp) {
    echo "fail: $errstr ($errno)\n";
} else {
    echo "success";

Expected result:
$fp is a non-zero handle, the screen will show "success"

Actual result:
$fp is EMPTY, the screen will show:

Warning: fsockopen() [function.fsockopen]: SSL operation failed with code 1. OpenSSL Error messages: error:14094417:SSL routines:func(148):reason(1047) in /www/test.php on line 2

Warning: fsockopen() [function.fsockopen]: Failed to enable crypto in /www/test.php on line 2

Warning: fsockopen() [function.fsockopen]: unable to connect to ssl:// (Unknown error) in /www/test.php on line 2

fail: 0


?''?"" (last revision 2021-04-14 02:14 UTC by sample at email dot tst)
php5_5.3.4-fsockopen.patch (last revision 2013-06-17 08:36 UTC by dbpalan at hotmail dot com)

Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2011-04-12 10:04 UTC] dbpalan at hotmail dot com
1. The function call is located in ext/openssl/xp_ssl.c

2. A workaround is replace the line fsockopen() with:

    $context = stream_context_create(array(
        'ssl' => array('SNI_server_name' => ''),
    $fp = stream_socket_client("tcp://", $errno, $errstr, 30, STREAM_CLIENT_CONNECT, $context);
 [2012-07-12 07:22 UTC] alexwichti at googlemail dot com
Bug still exists in 5.4.3.
Workaround by dbpalan works though, thanks!
 [2021-06-25 16:41 UTC]
-Status: Open +Status: Not a bug -Assigned To: +Assigned To: cmb
 [2021-06-25 16:41 UTC]
What you're calling workaround is actually the solution.
Obviously, that server (which appears to be no longer available)
required SNI[1].  To enable that as of PHP 7.0.0:

    $context = stream_context_create([
        'ssl' => [
            'SNI_enabled' => true,
            'peer_name' => ''

[1] <>
PHP Copyright © 2001-2022 The PHP Group
All rights reserved.
Last updated: Mon Jul 04 22:05:44 2022 UTC