From: Operating system: Ubuntu Lucid/Maverick PHP version: 5.3.2 Package: HTTP related Bug Type: Bug Bug description:fopen fails on some SSL urls
Description: ------------ This bug is being filed as requested on the Ubuntu bug tracker see[1]. I'm having problems running the script below using the version of php5 that comes with Lucid (Clint Byrum reproduced it in Maverick and the php5 svn). For some reason this is only happening on one of our servers. Whenever I try to run fopen() against it I get a "SSL operation failed with code 1. OpenSSL Error messages: error:140773F2:SSL routines:func(119):reason(1010)" message. I attached a tcpdump of a similar transaction (instead of yale it was google) here[2]. As you can see from the dump, Google is working but my server is not. I get an SSL alert packet (packet #29) back with SSL code 10 (unexpected message). I can't seem to reproduce it on other HTTPS servers (yet). What is funny is that I get an ACK right before that. It seems like maybe the server is sending an ACK, client starts talking, server isn't ready and sends an out-of-order message. I'm not sure if it is my https server that is barfing or it is fopen() that is sending the wrong packets. This script works fine on karmic (PHP 5.2.10-2ubuntu6.4), Scott ------------ [1] https://bugs.launchpad.net/ubuntu/+source/php5/+bug/592442 [2] http://launchpadlibrarian.net/50098267/out.dump Test script: --------------- <?php $ctx = stream_context_create(array('ssl'=>array('verify_peer'=>true, 'capath'=>'/etc/ssl/certs'))); $uris = array( "https://cas.ucdavis.edu/login", "https://www.google.com/",); $uris = array ( "https://cas.ucdavis.edu/cas/login","https://secure.its.yale.edu/cas/login", ); foreach ($uris as &$uri) { print "checking $uri\n"; fopen("$uri",'r',false,$ctx); } ?> Expected result: ---------------- checking https://cas.ucdavis.edu/cas/login checking https://secure.its.yale.edu/cas/login Actual result: -------------- checking https://cas.ucdavis.edu/cas/login PHP Warning: fopen(): SSL operation failed with code 1. OpenSSL Error messages: error:140773F2:SSL routines:func(119):reason(1010) in /root/bug.php on line 10 PHP Warning: fopen(): Failed to enable crypto in /root/bug.php on line 10 PHP Warning: fopen(https://cas.ucdavis.edu/cas/login): failed to open stream: operation failed in /root/bug.php on line 10 checking https://secure.its.yale.edu/cas/login -- Edit bug report at http://bugs.php.net/bug.php?id=52106&edit=1 -- Try a snapshot (PHP 5.2): http://bugs.php.net/fix.php?id=52106&r=trysnapshot52 Try a snapshot (PHP 5.3): http://bugs.php.net/fix.php?id=52106&r=trysnapshot53 Try a snapshot (trunk): http://bugs.php.net/fix.php?id=52106&r=trysnapshottrunk Fixed in SVN: http://bugs.php.net/fix.php?id=52106&r=fixed Fixed in SVN and need be documented: http://bugs.php.net/fix.php?id=52106&r=needdocs Fixed in release: http://bugs.php.net/fix.php?id=52106&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=52106&r=needtrace Need Reproduce Script: http://bugs.php.net/fix.php?id=52106&r=needscript Try newer version: http://bugs.php.net/fix.php?id=52106&r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=52106&r=support Expected behavior: http://bugs.php.net/fix.php?id=52106&r=notwrong Not enough info: http://bugs.php.net/fix.php?id=52106&r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=52106&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=52106&r=globals PHP 4 support discontinued: http://bugs.php.net/fix.php?id=52106&r=php4 Daylight Savings: http://bugs.php.net/fix.php?id=52106&r=dst IIS Stability: http://bugs.php.net/fix.php?id=52106&r=isapi Install GNU Sed: http://bugs.php.net/fix.php?id=52106&r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=52106&r=float No Zend Extensions: http://bugs.php.net/fix.php?id=52106&r=nozend MySQL Configuration Error: http://bugs.php.net/fix.php?id=52106&r=mysqlcfg