ID: 45808
Comment by: nasam at mailvault dot com
Reported By: six at aegis-corp dot org
Status: Open
Bug Type: Streams related
Operating System: Linux 2.6
PHP Version: 5.3.0alpha1
New Comment:
Bug is in ext/openssl/xp_ssl.c
Function handle_ssl_error: (line 107)
case SSL_ERROR_WANT_READ:
case SSL_ERROR_WANT_WRITE:
/* re-negotiation, or perhaps the SSL layer needs more
* packets: retry in next iteration */
errno = EAGAIN;
retry = is_init ? 1 : sslsock->s.is_blocked; //BUG
break;
it sets retry to 1 in php_openssl_enable_crypto no matter if socket is
blocking or not.
Previous Comments:
------------------------------------------------------------------------
[2008-09-25 10:06:09] six at aegis-corp dot org
the bug is still present in php5.3-200809232030
------------------------------------------------------------------------
[2008-09-24 01:20:29] six at aegis-corp dot org
the bug is still present in php5.3-200809232030
------------------------------------------------------------------------
[2008-09-23 01:00:00] php-bugs at lists dot php dot net
No feedback was provided for this bug for over a week, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".
------------------------------------------------------------------------
[2008-09-15 07:22:44] [EMAIL PROTECTED]
Please try using this CVS snapshot:
http://snaps.php.net/php5.3-latest.tar.gz
For Windows (zip):
http://snaps.php.net/win32/php5.3-win32-latest.zip
For Windows (installer):
http://snaps.php.net/win32/php5.3-win32-installer-latest.msi
------------------------------------------------------------------------
[2008-08-13 17:41:01] six at aegis-corp dot org
Description:
------------
The documentation says about stream_socket_enable_crypto :
Returns TRUE on success, FALSE if negotiation has failed or 0 if there
isn't enough data and you should try again (only for non-blocking
sockets).
In practice, if you feed a non blocking server socket to it, it will
block and consume lots of CPU until the SSL/TLS handshake is done or the
client connection is dropped.
Reproduce code:
---------------
<?php
$s = stream_socket_server("tcp://127.0.0.1:8888");
$c = stream_socket_accept($s);
stream_set_blocking($c, false);
$ret = stream_socket_enable_crypto($c, true,
STREAM_CRYPTO_METHOD_TLS_SERVER);
var_dump($ret);
?>
then just "telnet localhost 8888" from another term
Expected result:
----------------
script should print "int(0)" and exit
Actual result:
--------------
script blocks at the stream_socket_enable_crypto() call and is stuck in
a CPU consuming loop until the client connection is either handshaked or
dropped.
------------------------------------------------------------------------
--
Edit this bug report at http://bugs.php.net/?id=45808&edit=1
