php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #77440 ldap_bind using ldaps or ldap_start_tls()=exception in libcrypto-1_1-x64.dll
Submitted: 2019-01-10 21:28 UTC Modified: 2019-01-20 13:21 UTC
Votes:6
Avg. Score:4.8 ± 0.4
Reproduced:5 of 5 (100.0%)
Same Version:4 (80.0%)
Same OS:2 (40.0%)
From: tsimmons at gmail dot com Assigned: ab (profile)
Status: Closed Package: OpenSSL related
PHP Version: 7.2.14 OS: Windows 2008 R2, 64-bit
Private report: No CVE-ID: None
 [2019-01-10 21:28 UTC] tsimmons at gmail dot com
Description:
------------
When trying to either ldap_bind() to a server that was connected using ldap_connect("ldaps://ldapserver:636") syntax, or by using the ldap_start_tls() function, you get an unhandled exception in libcrypto-1_1-x64.dll. Code works fine in PHP 7.2.13. This error occurs with the downloaded PHP 7.2.14 NTS, x64.

Test script:
---------------
	$server = "ldaps://ldapserver:636";
	putenv('LDAPTLS_REQCERT=allow');
	$con = ldap_connect($server);
	if(!$con) {
		ldap_get_option($con, LDAP_OPT_DIAGNOSTIC_MESSAGE, $err);
		return(false);
	}
	ldap_set_option($con, LDAP_OPT_PROTOCOL_VERSION, 3);
	ldap_set_option($con, LDAP_OPT_REFERRALS, 0);
	$ldaprdn = "ldapuser@domain.local";
	$ldapbind = ldap_bind($con, $ldaprdn, $oldPassword); // THIS LINE CRASHES WITH: Unhandled exception at 0x000007FEE4153708 (libcrypto-1_1-x64.dll) in php.exe: 0xC0000005: Access violation reading location 0xFFFFFFFFFFFFFFFF.


Expected result:
----------------
Should bind without error.

Actual result:
--------------
Unhandled exception at 0x000007FEE4153708 (libcrypto-1_1-x64.dll) in php.exe: 0xC0000005: Access violation reading location 0xFFFFFFFFFFFFFFFF.

Exception thrown at 0x000007FEE4153708 (libcrypto-1_1-x64.dll) in php.exe: 0xC0000005: Access violation reading location 0xFFFFFFFFFFFFFFFF.

The program '[4264] php.exe' has exited with code 0 (0x0).


Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2019-01-10 23:25 UTC] jbrady at sbccd dot org
Was just going to post this. I'm having this issue as well. Exact same setup.
 [2019-01-11 13:40 UTC] ab@php.net
-Status: Open +Status: Feedback
 [2019-01-11 13:40 UTC] ab@php.net
Thank you for this bug report. To properly diagnose the problem, we
need a backtrace to see what is happening behind the scenes. To
find out how to generate a backtrace, please read
http://bugs.php.net/bugs-generating-backtrace.php for *NIX and
http://bugs.php.net/bugs-generating-backtrace-win32.php for Win32

Once you have generated a backtrace, please submit it to this bug
report and change the status back to "Open". Thank you for helping
us make PHP better.


 [2019-01-11 14:06 UTC] tsimmons at gmail dot com
-Status: Feedback +Status: Open
 [2019-01-11 14:06 UTC] tsimmons at gmail dot com
If you revert just the two files:

    libcrypto-1_1-x64.dll
    libssl-1_1-x64.dll

to version 1.1.0i (distributed with PHP 7.2.13) or 1.1.0j (available from http://wiki.overbyte.eu/wiki/index.php/ICS_Download#Download_OpenSSL_Binaries_.28required_for_SSL-enabled_components.29) it works fine. I tried downloading other 1.1.1? binaries from https://bintray.com/vszakats/generic/openssl and http://wiki.overbyte.eu/wiki/index.php/ICS_Download#Download_OpenSSL_Binaries_.28required_for_SSL-enabled_components.29 but those didn't work either. Not sure if this is a PHP or OpenSSL issue.
 [2019-01-11 14:20 UTC] tsimmons at gmail dot com
Here is the backtrace running from command line:

>libcrypto-1_1-x64.dll!000007fee18a3708() Unknown
libssl-1_1-x64.dll!000007fee8e7a422() Unknown
php_ldap.dll!tlso_sb_setup(sockbuf_io_desc * sbiod, void * arg) Line 873 C
[External Code] 
php_ldap.dll!tlso_sb_remove(sockbuf_io_desc * sbiod) Line 885 C
php_ldap.dll!ber_sockbuf_remove_io(sockbuf * sb, sockbuf_io * sbio, int layer) Line 229 C
php_ldap.dll!ldap_int_tls_connect(ldap * ld, ldap_conn * conn) Line 392 C
php_ldap.dll!ldap_int_tls_start(ldap * ld, ldap_conn * conn, ldap_url_desc * srv) Line 932 C
php_ldap.dll!ldap_int_open_connection(ldap * ld, ldap_conn * conn, ldap_url_desc * srv, int async) Line 450 C
php_ldap.dll!ldap_new_connection(ldap * ld, ldap_url_desc * * srvlist, int use_ldsb, int connect, ldapreqinfo * bind, int m_req, int m_res) Line 488 C
php_ldap.dll!ldap_open_defconn(ldap * ld) Line 41 C
php_ldap.dll!ldap_send_initial_request(ldap * ld, unsigned __int64 msgtype, const char * dn, berelement * ber, int msgid) Line 130 C
php_ldap.dll!ldap_sasl_bind(ldap * ld, const char * dn, const char * mechanism, berval * cred, ldapcontrol * * sctrls, ldapcontrol * * cctrls, int * msgidp) Line 164 C
php_ldap.dll!ldap_sasl_bind_s(ldap * ld, const char * dn, const char * mechanism, berval * cred, ldapcontrol * * sctrls, ldapcontrol * * cctrls, berval * * servercredp) Line 200 C
php_ldap.dll!zif_ldap_bind(_zend_execute_data * execute_data, _zval_struct * return_value) Line 631 C
php7.dll!ZEND_DO_ICALL_SPEC_RETVAL_USED_HANDLER(_zend_execute_data * execute_data) Line 627 C
php7.dll!execute_ex(_zend_execute_data * ex) Line 59739 C
php7.dll!zend_execute(_zend_op_array * op_array, _zval_struct * return_value) Line 63777 C
php7.dll!zend_execute_scripts(int type, _zval_struct * retval, int file_count, ...) Line 1503 C
php7.dll!php_execute_script(_zend_file_handle * primary_file) Line 2587 C
php.exe!do_cli(int argc, char * * argv) Line 1012 C
php.exe!main(int argc, char * * argv) Line 1403 C
[External Code]
 [2019-01-11 15:00 UTC] tsimmons at gmail dot com
Perhaps it's related to this OpenLDAP bug? http://www.openldap.org/lists/openldap-bugs/201810/msg00000.html ... seems similar.
 [2019-01-11 17:57 UTC] jbrady at sbccd dot org
I can confirm that using the two DLLs from 7.2.13 does resolve the issue. Also, here is a stack trace using VS2017 on Windows 10:

libcrypto-1_1-x64.dll!00007ffd2aa73708()
libssl-1_1-x64.dll!00007ffd3a43a422()
php_ldap.dll!tlso_sb_setup(sockbuf_io_desc * sbiod, void * arg) Line 873
	at e:\repo\winlibs_openldap\libraries\libldap\tls_o.c(873)
libcrypto-1_1-x64.dll!00007ffd2aa72e36()
libssl-1_1-x64.dll!00007ffd3a437880()
php_ldap.dll!tlso_sb_remove(sockbuf_io_desc * sbiod) Line 885
	at e:\repo\winlibs_openldap\libraries\libldap\tls_o.c(885)
php_ldap.dll!ber_sockbuf_remove_io(sockbuf * sb, sockbuf_io * sbio, int layer) Line 229
	at e:\repo\winlibs_openldap\libraries\liblber\sockbuf.c(229)
php_ldap.dll!ldap_int_tls_connect(ldap * ld, ldap_conn * conn) Line 392
	at e:\repo\winlibs_openldap\libraries\libldap\tls2.c(392)
php_ldap.dll!ldap_int_tls_start(ldap * ld, ldap_conn * conn, ldap_url_desc * srv) Line 932
	at e:\repo\winlibs_openldap\libraries\libldap\tls2.c(932)
php_ldap.dll!ldap_int_open_connection(ldap * ld, ldap_conn * conn, ldap_url_desc * srv, int async) Line 450
	at e:\repo\winlibs_openldap\libraries\libldap\open.c(450)
php_ldap.dll!ldap_new_connection(ldap * ld, ldap_url_desc * * srvlist, int use_ldsb, int connect, ldapreqinfo * bind, int m_req, int m_res) Line 488
	at e:\repo\winlibs_openldap\libraries\libldap\request.c(488)
php_ldap.dll!ldap_open_defconn(ldap * ld) Line 41
	at e:\repo\winlibs_openldap\libraries\libldap\open.c(41)
php_ldap.dll!ldap_send_initial_request(ldap * ld, unsigned __int64 msgtype, const char * dn, berelement * ber, int msgid) Line 130
	at e:\repo\winlibs_openldap\libraries\libldap\request.c(130)
php_ldap.dll!ldap_sasl_bind(ldap * ld, const char * dn, const char * mechanism, berval * cred, ldapcontrol * * sctrls, ldapcontrol * * cctrls, int * msgidp) Line 164
	at e:\repo\winlibs_openldap\libraries\libldap\sasl.c(164)
php_ldap.dll!ldap_sasl_bind_s(ldap * ld, const char * dn, const char * mechanism, berval * cred, ldapcontrol * * sctrls, ldapcontrol * * cctrls, berval * * servercredp) Line 200
	at e:\repo\winlibs_openldap\libraries\libldap\sasl.c(200)
php_ldap.dll!zif_ldap_bind(_zend_execute_data * execute_data, _zval_struct * return_value) Line 631
	at c:\php-snap-build\php72\vc15\x64\php-7.2.14\ext\ldap\ldap.c(631)
php_xdebug.dll!00007ffd7a8b5b18()
php7.dll!ZEND_DO_FCALL_SPEC_RETVAL_USED_HANDLER(_zend_execute_data * execute_data) Line 1046
	at c:\php-snap-build\php72\vc15\x64\php-7.2.14\zend\zend_vm_execute.h(1046)
php7.dll!execute_ex(_zend_execute_data * ex) Line 59739
	at c:\php-snap-build\php72\vc15\x64\php-7.2.14\zend\zend_vm_execute.h(59739)
php_xdebug.dll!00007ffd7a8b57c8()
php7.dll!zend_execute(_zend_op_array * op_array, _zval_struct * return_value) Line 63777
	at c:\php-snap-build\php72\vc15\x64\php-7.2.14\zend\zend_vm_execute.h(63777)
php7.dll!zend_execute_scripts(int type, _zval_struct * retval, int file_count, ...) Line 1503
	at c:\php-snap-build\php72\vc15\x64\php-7.2.14\zend\zend.c(1503)
php7.dll!php_execute_script(_zend_file_handle * primary_file) Line 2592
	at c:\php-snap-build\php72\vc15\x64\php-7.2.14\main\main.c(2592)
php.exe!do_cli(int argc, char * * argv) Line 1012
	at c:\php-snap-build\php72\vc15\x64\php-7.2.14\sapi\cli\php_cli.c(1012)
php.exe!main(int argc, char * * argv) Line 1403
	at c:\php-snap-build\php72\vc15\x64\php-7.2.14\sapi\cli\php_cli.c(1403)
[Inline Frame] php.exe!invoke_main() Line 78
	at f:\dd\vctools\crt\vcstartup\src\startup\exe_common.inl(78)
php.exe!__scrt_common_main_seh() Line 288
	at f:\dd\vctools\crt\vcstartup\src\startup\exe_common.inl(288)
kernel32.dll!BaseThreadInitThunk()
ntdll.dll!RtlUserThreadStart()
 [2019-01-12 19:45 UTC] tsimmons at gmail dot com
I would go with the 1.1.0j release from http://wiki.overbyte.eu/wiki/index.php/ICS_Download#Download_OpenSSL_Binaries_.28required_for_SSL-enabled_components.29 since there have been security updates to OpenSSL since the 1.1.0i released with PHP 7.2.13.
 [2019-01-13 00:37 UTC] ab@php.net
-Status: Open +Status: Feedback
 [2019-01-13 00:37 UTC] ab@php.net
Thanks for the further infos. Could you check the latest snapshots, 7.2 and up, please? This seems to be indeed an OpenLDAP issue with OpenSSL 1.1.1.

Thanks.
 [2019-01-14 22:00 UTC] cphill at email dot arizona dot edu
Reproduced original problem on Windows Server 2016 Standard version 1607 build 14393.2724. 

Tried PHP snapshot 7.2.15-dev (Jan 14 2019 13:40:01) MSVC15 (Visual C++ 2017) x64 running on same OS (see above) and the problem does not occur.
 [2019-01-15 18:48 UTC] mknobloch at midstate dot edu
I can confirm the issue with 7.2.14.  It appears to be resolved in the January 14th snapshot of 7.2 (NTS x64) on Windows Server 2016.
 [2019-01-20 04:22 UTC] php-bugs at lists dot php dot net
No feedback was provided. The bug is being suspended because
we assume that you are no longer experiencing the problem.
If this is not the case and you are able to provide the
information that was requested earlier, please do so and
change the status of the bug back to "Re-Opened". Thank you.
 [2019-01-20 13:21 UTC] ab@php.net
-Status: No Feedback +Status: Closed -Assigned To: +Assigned To: ab
 [2019-01-20 13:21 UTC] ab@php.net
As there's no more feedback, but some positive feedback is present, consider this issue fixed. This fix will be present in the upcoming RC, please check.

Thanks everyone for reporting and checks!
 [2019-01-24 17:47 UTC] kevin at icscomp dot com
I seem to be experiencing the same type of issue as this using 7.3.1.  However, using Windows 2012 and IIS.  Hopefully, this will be fixed for 7.3.2 ?
 [2019-01-24 17:47 UTC] kevin at icscomp dot com
I seem to be experiencing the same type of issue as this using 7.3.1.  However, using Windows 2012 and IIS.  Hopefully, this will be fixed for 7.3.2 ?
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Thu Dec 12 17:01:31 2024 UTC