PHP :: Bug #65679 :: stream_socket_client() does not set $errstr
php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #65679 stream_socket_client() does not set $errstr
Submitted: 2013-09-16 10:48 UTC Modified: -
Votes:4
Avg. Score:3.5 ± 1.1
Reproduced:2 of 3 (66.7%)
Same Version:0 (0.0%)
Same OS:2 (100.0%)
From: butesa at freenet dot de Assigned:
Status: Open Package: Network related
PHP Version: 5.5.3 OS: Ubuntu 12.04 x64
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: butesa at freenet dot de
New email:
PHP Version: OS:

 

 [2013-09-16 10:48 UTC] butesa at freenet dot de
Description:
------------
stream_socket_client() leaves $errno and $errstr empty, when the certificate check for ssl fails.
The manual says "If the value returned in errno is 0 and the function returned FALSE, it is an indication that the error occurred before the connect() call."
But connect() must have been successful to perform a certificate check.

Also, stream_socket_client() throws 3 warnings, but only the first one gives you a hint what went wrong. $php_errormsg gives only the last warning. So the only way to fetch a useful error string is using a custom error handler.

Test script:
---------------
<?php
	ini_set('php_track_errors','1');
	$address = 'ssl://j-matschke.de:443';
	$errno = 0;
	$errstr = '';
	$opt = array(
		'ssl' => array(
			'verify_peer' => true,
			'cafile' => '/etc/ssl/certs/ca-certificates.crt',
			'CN_match' => 'j-matschke.de',
			),
		);
	$context = stream_context_create($opt);
	$conn = stream_socket_client($address, $errno, $errstr, 5, STREAM_CLIENT_CONNECT, $context);
	var_dump($conn);
	var_dump($errno);
	var_dump($errstr);
	var_dump($php_errormsg);
?>

Expected result:
----------------
Only one warning should be thrown. This warning should also be used as $errstr.

Actual result:
--------------
Warning: stream_socket_client(): Peer certificate CN=`*.kasserver.com' did not match expected CN=`j-matschke.de' in /mnt/Daten/home/Code/PHP/Web/servercheck3/buggy/ssl.php on line 14

Warning: stream_socket_client(): Failed to enable crypto in /mnt/Daten/home/Code/PHP/Web/servercheck3/buggy/ssl.php on line 14

Warning: stream_socket_client(): unable to connect to ssl://j-matschke.de:443 (Unknown error) in /mnt/Daten/home/Code/PHP/Web/servercheck3/buggy/ssl.php on line 14
bool(false)
int(0)
string(0) ""
string(84) "stream_socket_client(): unable to connect to ssl://j-matschke.de:443 (Unknown error)"


Patches

Add a Patch

Pull Requests

Add a Pull Request

 
PHP Copyright © 2001-2018 The PHP Group
All rights reserved.
Last updated: Tue Aug 14 08:01:25 2018 UTC