PHP :: Bug #55236 :: Can't open a connection via TLS

Bug #55236

Can't open a connection via TLS

Submitted:

2011-07-19 04:49 UTC

Modified:

2021-06-28 13:10 UTC

Votes:	22
Avg. Score:	4.6 ± 0.7
Reproduced:	18 of 18 (100.0%)
Same Version:	10 (55.6%)
Same OS:	9 (50.0%)

From:

mark_lanthaler at gmx dot net

Assigned:

cmb (profile)

Status:

Not a bug

Package:

OpenSSL related

PHP Version:

5.3.6

OS:

Ubuntu

Private report:

CVE-ID:

None

View Developer Edit

[2011-07-19 04:49 UTC] mark_lanthaler at gmx dot net

Description:
------------
When opening a socket to smtp.live.com with TLS via 

$fp = fsockopen("tls://smtp.live.com", 587, $errno, $errstr, 3);


It's neither a problem to establish a SSL connection via PHP or to connect to smtp.live.com via openssl at the command line:

openssl s_client -starttls smtp -connect smtp.live.com:587


Test script:
---------------
$fp = fsockopen("tls://smtp.live.com", 587, $errno, $errstr, 3);
if (!$fp) {
    echo "$errstr ($errno)";
}

Expected result:
----------------
A connection being established.

Actual result:
--------------
PHP Warning:  fsockopen(): SSL operation failed with code 1. OpenSSL Error messages:
error:1408F10B:SSL routines:func(143):reason(267) in /var/www/test.php on line 4
PHP Warning:  fsockopen(): Failed to enable crypto in /var/www/test.php on line 4
PHP Warning:  fsockopen(): unable to connect to tls://smtp.live.com:587 (Unknown error) in /var/www/test.php on line 4


Reason 267 is according to ssl.h "SSL_R_WRONG_VERSION_NUMBER". Thus I suspect that's the same issue as in bug #29296.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2011-11-16 00:08 UTC] felipe@php.net

-Summary: Ubuntu 11.04 +Summary: Can't open a connection via TLS

[2014-02-20 22:15 UTC] rdlowrey@php.net

-Status: Open +Status: Verified

[2016-03-03 16:15 UTC] ar dot dev at ange7 dot com

I have the same problem with PHP 5.6.17+dfsg-0+deb8u1 on debian jessie 

can't open fsockopen('tls://domain.tld', 587);

-- my script --

<?php

$fp = fsockopen("tls://devnco.fr", 587);
var_dump($fp);

?>

-- actual result --
PHP Warning:  fsockopen(): SSL operation failed with code 1. OpenSSL Error messages:
error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number in Command line code on line 1
PHP Warning:  fsockopen(): Failed to enable crypto in Command line code on line 1
PHP Warning:  fsockopen(): unable to connect to tls://devnco.fr:587 (Unknown error) in Command line code on line 1
bool(false)

it's very important for me :/

[2018-09-05 14:09 UTC] alan at inspirometer dot com

Has this been looked at? I am running 7.1 and still experiencing this.

[2021-06-28 13:10 UTC] cmb@php.net

-Status: Verified +Status: Not a bug -Assigned To: +Assigned To: cmb

[2021-06-28 13:10 UTC] cmb@php.net

> openssl s_client -starttls smtp -connect smtp.live.com:587

If you try

    openssl s_client -connect smtp.live.com:587

instead, you basically get the same error message:

    3580:error:1408F10B:SSL routines:ssl3_get_record:wrong version number:ssl\record\ssl3_record.c:332:

That is because the server requires STARTTLS, i.e. you start with
an unencrypted TCP connection, and only later the SSL handshake is
supposed to happen.  The exact details of this negotiation depend
on the protocol (that is why openssl's -starttls option requires
to pass it).  Thus, with low level sockets, the behavior is
actually expected (i.e. you'd need to implement STARTTLS support
yourself).

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Thu Nov 21 11:01:29 2024 UTC