Edit report at http://bugs.php.net/bug.php?id=52106&edit=1
ID: 52106
Comment by: personseb at yahoo dot fr
Reported by: sc0ttbeardsley at gmail dot com
Summary: fopen fails on some SSL urls
Status: Open
Type: Bug
Package: OpenSSL related
Operating System: Ubuntu Lucid/Maverick
PHP Version: 5.3.2
Block user comment: N
New Comment:
maybe a hint to troubleshoot the problem if I use the following it works
:
$t_context = array(
'ciphers' => 'ALL:!AES:!3DES:!RC4:@STRENGTH', // OK:LOW
);
$context = stream_context_create(
array(
'ssl' => $t_context,
));
file_get_contents('https://myserver:443', false, $context);
without the above context it breaks :
file_get_contents('https://myserver:443', false, $context);
Previous Comments:
------------------------------------------------------------------------
[2010-09-15 12:12:36] personseb at yahoo dot fr
same problem here...
Warning: fsockopen() [function.fsockopen]: SSL operation failed with
code 1.
OpenSSL Error messages: error:14077438:SSL
routines:SSL23_GET_SERVER_HELLO:tlsv1
alert internal error in /www/test_servicesWS_sp.php on line 16
Warning: fsockopen() [function.fsockopen]: Failed to enable crypto in
/www/test_servicesWS_sp.php on line 16
Warning: fsockopen() [function.fsockopen]: unable to connect to
ssl://192.168.0.1:443 (Unknown error) in /www/test_servicesWS_sp.php on
line 16
(0)
PHP 5.3.2
OpenSSL 1.0.0
OS CentOS
------------------------------------------------------------------------
[2010-08-23 12:50:16] k dot nagurski at ulster dot ac dot uk
We're having the same problem with connecting to a box running our
student records
system.
We've tested this using Zend Server 5.0.2 using RHEL, with PHP version
is 5.3.2.
We've also been able to reproduce this on Zend Server CE 5.0.2 using
MacOSX, also
PHP version 5.3.2.
As far as we can see, this popped up with 5.3.2 as we cannot reproduce
the problem
with a version of Zend Server CE running PHP 5.3.1.
------------------------------------------------------------------------
[2010-06-17 19:45:19] sc0ttbeardsley at gmail dot com
substitute Lucid in my last comment with PHP v5.3.2 and Karmic with PHP
v5.2.10
------------------------------------------------------------------------
[2010-06-17 19:43:43] sc0ttbeardsley at gmail dot com
An update... I've discovered that the cas.ucdavis.edu machine does not
correctly
deal with fragmented IP packets. I thought this might be the problem but
then I went looking for those types of packets and found none (I'll
still try to
get that fixed though).
Then I discovered that on the "client hello" packet (first packet after
the
connection is established) on a Lucid machine shows up in wireshark as
the TLSv1
protocol and on a Karmic machine it shows up as a SSLv2 protocol.
I wonder why this changed? Did the defaults for openssl change or
something?
------------------------------------------------------------------------
[2010-06-17 00:35:32] sc0ttbeardsley at gmail dot com
This might not be an fopen() problem. The following code won't work
either:
<?php
$fp = fsockopen("ssl://cas.ucdavis.edu", 443, $errno, $errstr, 30);
if (!$fp) {
echo "$errstr ($errno)<br />\n";
} else {
$out = "GET /cas/login HTTP/1.1\r\n";
$out .= "Host: cas.ucdavis.edu\r\n";
$out .= "Connection: Close\r\n\r\n";
fwrite($fp, $out);
while (!feof($fp)) {
echo fgets($fp, 128);
}
fclose($fp);
}
?>
$ php bug2.php
The following is printed:
PHP Warning: fsockopen(): SSL operation failed with code 1. OpenSSL
Error
messages:
error:140773F2:SSL routines:func(119):reason(1010) in bug2.php on line
2
PHP Warning: fsockopen(): Failed to enable crypto in bug2.php on line
2
PHP Warning: fsockopen(): unable to connect to
ssl://cas.ucdavis.edu:443
(Unknown error) in bug2.php on line 2
(0)<br />
$
------------------------------------------------------------------------
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/bug.php?id=52106
--
Edit this bug report at http://bugs.php.net/bug.php?id=52106&edit=1
