php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #80001 SSL connection error is not reported via mysqli::$connect_error
Submitted: 2020-08-20 06:01 UTC Modified: 2021-06-02 15:22 UTC
From: morozov at tut dot by Assigned:
Status: Open Package: MySQLi related
PHP Version: 7.4.9 OS: Linux
Private report: No CVE-ID: None
View Add Comment Developer Edit
Anyone can comment on a bug. Have a simpler test case? Does it work for you on a different platform? Let us know!
Just going to say 'Me too!'? Don't clutter the database with that please — but make sure to vote on the bug!
Your email address:
MUST BE VALID
Solve the problem:
19 - 3 = ?
Subscribe to this entry?

 
 [2020-08-20 06:01 UTC] morozov at tut dot by
Description:
------------
According to the documentation, mysqli::$connect_error returns the last error message string from the last call to mysqli_connect(). NULL is returned if no error occurred.


However, if the underlying connection error is related to SSL, mysqli::$connect_error remains NULL which is incorrect.

The reproduction script tries to connect to a MySQL server running in a https://hub.docker.com/_/mysql container and relies on the fact that the CN in the autogenerated server certificate doesn't match its hostname.

The same problem is reproducible with literally any SSL error.

Test script:
---------------
<?php

$conn = mysqli_init();

$conn->ssl_set('client-key.pem', 'client-cert.pem', 'ca.pem', '', '');

if (!$conn->real_connect('127.0.0.1', 'root', '', 'mysql')) {
    var_dump($conn->connect_error);
    exit(1);
}


Expected result:
----------------
$conn->connect_error contains a string with an error message.

Actual result:
--------------
Warning: mysqli::real_connect(): Peer certificate CN=`MySQL_Server_8.0.18_Auto_Generated_Server_Certificate' did not match expected CN=`127.0.0.1' in /home/morozov/mysqi-tls.php on line 7

Warning: mysqli::real_connect(): Cannot connect to MySQL by using SSL in /home/morozov/mysqi-tls.php on line 7

Warning: mysqli::real_connect(): [2002]  (trying to connect via (null)) in /home/morozov/mysqi-tls.php on line 7

Warning: mysqli::real_connect(): (HY000/2002):  in /home/morozov/mysqi-tls.php on line 7
NULL

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2021-06-02 10:51 UTC] cmb@php.net
-Status: Open +Status: Feedback -Assigned To: +Assigned To: cmb
 [2021-06-02 10:51 UTC] cmb@php.net
Would that error be reported by openssl_error_string()?
 [2021-06-02 15:06 UTC] morozov at tut dot by
-Status: Feedback +Status: Assigned
 [2021-06-02 15:06 UTC] morozov at tut dot by
No, it returns false.
 [2021-06-02 15:22 UTC] cmb@php.net
-Status: Assigned +Status: Open -Assigned To: cmb +Assigned To:
 [2021-06-02 15:22 UTC] cmb@php.net
Thanks for the swift reply!  That would be a bug.
 
PHP Copyright © 2001-2021 The PHP Group
All rights reserved.
Last updated: Mon Sep 20 09:03:36 2021 UTC