|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #80001 SSL connection error is not reported via mysqli::$connect_error
Submitted: 2020-08-20 06:01 UTC Modified: -
From: morozov at tut dot by Assigned:
Status: Open Package: MySQLi related
PHP Version: 7.4.9 OS: Linux
Private report: No CVE-ID: None
Have you experienced this issue?
Rate the importance of this bug to you:

 [2020-08-20 06:01 UTC] morozov at tut dot by
According to the documentation, mysqli::$connect_error returns the last error message string from the last call to mysqli_connect(). NULL is returned if no error occurred.

However, if the underlying connection error is related to SSL, mysqli::$connect_error remains NULL which is incorrect.

The reproduction script tries to connect to a MySQL server running in a container and relies on the fact that the CN in the autogenerated server certificate doesn't match its hostname.

The same problem is reproducible with literally any SSL error.

Test script:

$conn = mysqli_init();

$conn->ssl_set('client-key.pem', 'client-cert.pem', 'ca.pem', '', '');

if (!$conn->real_connect('', 'root', '', 'mysql')) {

Expected result:
$conn->connect_error contains a string with an error message.

Actual result:
Warning: mysqli::real_connect(): Peer certificate CN=`MySQL_Server_8.0.18_Auto_Generated_Server_Certificate' did not match expected CN=`' in /home/morozov/mysqi-tls.php on line 7

Warning: mysqli::real_connect(): Cannot connect to MySQL by using SSL in /home/morozov/mysqi-tls.php on line 7

Warning: mysqli::real_connect(): [2002]  (trying to connect via (null)) in /home/morozov/mysqi-tls.php on line 7

Warning: mysqli::real_connect(): (HY000/2002):  in /home/morozov/mysqi-tls.php on line 7


Add a Patch

Pull Requests

Add a Pull Request

PHP Copyright © 2001-2021 The PHP Group
All rights reserved.
Last updated: Fri May 07 05:01:42 2021 UTC