|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #69319 stream_context_set_default() options not set as default in streaming functions
Submitted: 2015-03-28 12:52 UTC Modified: 2022-10-05 17:30 UTC
Avg. Score:4.3 ± 0.5
Reproduced:3 of 3 (100.0%)
Same Version:2 (66.7%)
Same OS:2 (66.7%)
From: php at 281180 dot de Assigned:
Status: Open Package: OpenSSL related
PHP Version: 5.6.7 OS: Linux Debian Wheezy 7.8
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
Block user comment
Status: Assign to:
Bug Type:
From: php at 281180 dot de
New email:
PHP Version: OS:


 [2015-03-28 12:52 UTC] php at 281180 dot de
As of PHP 5.6 all encrypted client streams now enable peer verification by default. 

The problem is that e. g. some certs are self-signed and streams will not work without adjusting some parts. 

The easiest way in some cases would be enabling the ssl option 'allow_self_signed' via stream_context_set_default()

But unfortunately options set via stream_context_set_default() are not honored by e. g. stream_socket_client()

Other packages seem to have the same problem:
- #54440 (here an XML issue)
- #68344 (here a MySQL issue)

Test script:
// set default stream options
$default_options = [
	'ssl' => [
		'allow_self_signed' => true,

// set special stream options
$options = [
	'ssl' => [
		'verify_peer_name' => false,

// open stream considering default options
$stream = stream_socket_client($host.':'.$port, $errno, $errstr, $timeout, STREAM_CLIENT_CONNECT, stream_context_create($options));

Expected result:
Stream to work and honor both $default_options and $options

Actual result:
$default_options are ignored and the following warning is triggered:

stream_socket_enable_crypto(): SSL operation failed with code 1. OpenSSL Error messages: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed in XXX on line XX


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2022-10-05 17:30 UTC]
-Package: Streams related +Package: OpenSSL related
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Tue Jul 23 02:01:29 2024 UTC