PHP :: Bug #69319 :: stream_context_set_default() options not set as default in streaming functions

Bug #69319

stream_context_set_default() options not set as default in streaming functions

Submitted:

2015-03-28 12:52 UTC

Modified:

2022-10-05 17:30 UTC

Votes:	3
Avg. Score:	4.3 ± 0.5
Reproduced:	3 of 3 (100.0%)
Same Version:	2 (66.7%)
Same OS:	2 (66.7%)

From:

php at 281180 dot de

Assigned:

Status:

Open

Package:

OpenSSL related

PHP Version:

5.6.7

OS:

Linux Debian Wheezy 7.8

Private report:

CVE-ID:

None

View Add Comment Developer Edit

Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.

php.net Username: php.net Password:

Quick Fix:	(description)
	Block user comment
Status:		Assign to:
Package:
Bug Type:
Summary:
From:	php at 281180 dot de
New email:
PHP Version:		OS:

New/Additional Comment:

[2015-03-28 12:52 UTC] php at 281180 dot de

Description:
------------
As of PHP 5.6 all encrypted client streams now enable peer verification by default. 

The problem is that e. g. some certs are self-signed and streams will not work without adjusting some parts. 

The easiest way in some cases would be enabling the ssl option 'allow_self_signed' via stream_context_set_default()

But unfortunately options set via stream_context_set_default() are not honored by e. g. stream_socket_client()

Other packages seem to have the same problem:
- #54440 (here an XML issue)
- #68344 (here a MySQL issue)

Test script:
---------------
// set default stream options
$default_options = [
	'ssl' => [
		'allow_self_signed' => true,
	],
];
stream_context_set_default($default_options);

// set special stream options
$options = [
	'ssl' => [
		'verify_peer_name' => false,
	],
];

// open stream considering default options
$stream = stream_socket_client($host.':'.$port, $errno, $errstr, $timeout, STREAM_CLIENT_CONNECT, stream_context_create($options));


Expected result:
----------------
Stream to work and honor both $default_options and $options

Actual result:
--------------
$default_options are ignored and the following warning is triggered:

stream_socket_enable_crypto(): SSL operation failed with code 1. OpenSSL Error messages: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed in XXX on line XX

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports

[2022-10-05 17:30 UTC] bukka@php.net

-Package: Streams related +Package: OpenSSL related

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2023 The PHP Group All rights reserved.	Last updated: Fri Jan 27 01:05:53 2023 UTC