php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #76604 Incomplete/Partial error messages for encrypted connection failures
Submitted: 2018-07-10 12:37 UTC Modified: -
Votes:3
Avg. Score:5.0 ± 0.0
Reproduced:3 of 3 (100.0%)
Same Version:1 (33.3%)
Same OS:1 (33.3%)
From: johannes dot meyer at netways dot de Assigned:
Status: Open Package: PDO MySQL
PHP Version: 7.1.19 OS: CentOS Linux release 7.4.1708 (C
Private report: No CVE-ID: None
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If this is not your bug, you can add a comment by following this link.
If this is your bug, but you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: johannes dot meyer at netways dot de
New email:
PHP Version: OS:

 

 [2018-07-10 12:37 UTC] johannes dot meyer at netways dot de
Description:
------------
Trying to connect to a MariaDB instance using a SSL encrypted connection may fail. If it does, an PDOException's getMessage() method returns only an incomplete string. The returned error message defies any usefulness because the actual reason is not part of it.

It's possible to workaround this since the exception object in question got a previous exception which holds the missing part. Though, actually expected is that method getMessage() already returns a proper message.

Test script:
---------------
try {
        $pdo = new PDO(
                'mysql:host=localhost.localdomain;dbname=foo',
                'foo',
                'bar',
                array(
                        PDO::MYSQL_ATTR_SSL_KEY    => '/home/vagrant/newcerts/server-key.pem',
                        PDO::MYSQL_ATTR_SSL_CERT   => '/home/vagrant/newcerts/server-cert.pem',
                        PDO::MYSQL_ATTR_SSL_CA     => '/home/vagrant/newcerts/ca.pem',
                        PDO::MYSQL_ATTR_SSL_CIPHER => 'DHE-RSA-AES256-GCM-SHA384'
                )
        );
} catch (PDOException $e) {
        echo '# Actual:' . PHP_EOL;
        echo $e->getMessage() . PHP_EOL;
        echo '# Expected:' . PHP_EOL;
        echo $e->getMessage() . $e->getPrevious()->getMessage() . PHP_EOL;
}

Expected result:
----------------
# Actual:
SQLSTATE[HY000] [2002] PDO::__construct(): SSL operation failed with code 1. OpenSSL Error messages:
error:140830B5:SSL routines:ssl3_client_hello:no ciphers available
# Expected:
SQLSTATE[HY000] [2002] PDO::__construct(): SSL operation failed with code 1. OpenSSL Error messages:
error:140830B5:SSL routines:ssl3_client_hello:no ciphers available

Actual result:
--------------
# Actual:
SQLSTATE[HY000] [2002] 
# Expected:
SQLSTATE[HY000] [2002] PDO::__construct(): SSL operation failed with code 1. OpenSSL Error messages:
error:140830B5:SSL routines:ssl3_client_hello:no ciphers available

Patches

Add a Patch

Pull Requests

Add a Pull Request

 
PHP Copyright © 2001-2019 The PHP Group
All rights reserved.
Last updated: Sat Oct 19 02:01:27 2019 UTC