Edit report at http://bugs.php.net/bug.php?id=41631&edit=1
ID: 41631
Comment by: arkadi dot shishlov at gmail dot com
Reported by: david at acz dot org
Summary: default_socket_timeout does not work with SSL
Status: Assigned
Type: Bug
Package: OpenSSL related
Operating System: *
PHP Version: 5.2, 5.3
Assigned To: pajoye
Block user comment: N
Private report: N
New Comment:
A simple solution is to use HAProxy to proxy SSL partner services. Works
for me.
defaults
mode tcp
contimeout 5000
clitimeout 30000
srvtimeout 30000
listen service.gjensidigebaltic.lv 127.0.0.1:10001
dispatch 193.111.247.167:443
listen services.seesam.lv 127.0.0.1:10007
dispatch 217.28.49.7:443
Previous Comments:
------------------------------------------------------------------------
[2011-01-04 00:53:51] guyphp at yahoo dot com
This bug has caused us a lot of headaches due to hung connections from
partners
stacking and eventually taking down entire webservers. During high
traffic
periods, it doesn't take long for these to reach critical mass. Is
there any ETA
on when this bug will find its way into stable builds? Like many, our
managed
hosting provider doesn't support patches - we need a stable build with
the fix
integrated.
We are seeing this problem on 5.2.13, RHEL 5.5.
------------------------------------------------------------------------
[2010-11-19 15:43:21] chrisw at networkm dot co dot uk
Cannot reproduce this on Windows Server 2003 R2 Enterprise/PHP 5.2.9-2
fopen() returns after $default_socket_timeout seconds if the server does
not respond.
------------------------------------------------------------------------
[2010-06-13 15:12:55] fel...@php.net
Pierre, doesn't the attached patch fix this issue?
------------------------------------------------------------------------
[2010-03-15 10:33:47] jason at kapoks dot co dot uk
Had this issue over the weekend with 5.2.10.
Essentially this means our entire service is vulnerable to Denial of
Service.
Linux localhost.localdomain 2.6.18-164.el5 #1 SMP Thu Sep 3 03:33:56 EDT
2009 i686 i686 i386 GNU/Linux
CentOS release 5.3 (Final)
PHP 5.2.10 (cli) (built: Jun 21 2009 11:10:43)
Copyright (c) 1997-2009 The PHP Group
Zend Engine v2.2.0, Copyright (c) 1998-2009 Zend Technologies
with Zend Extension Manager v1.2.2, Copyright (c) 2003-2007, by Zend
Technologies
with Zend Optimizer v3.3.3, Copyright (c) 1998-2007, by Zend
Technologies
------------------------------------------------------------------------
[2010-01-18 19:16:42] wdierkes at 5dollarwhitebox dot org
This is also reproducible on 5.2.12 as described. As mentioned
previously, this has the potentially to have major effects (Denial of
Servide) etc due to processes hanging and never timing out.
# cat /etc/redhat-release
Red Hat Enterprise Linux Server release 5.4 (Tikanga)
# php -v
PHP 5.2.12 (cli) (built: Dec 17 2009 12:23:35)
Copyright (c) 1997-2009 The PHP Group
Zend Engine v2.2.0, Copyright (c) 1998-2009 Zend Technologies
# uname -a
Linux linux 2.6.18-164.el5 #1 SMP Tue Aug 18 15:51:48 EDT 2009 x86_64
x86_64 x86_64 GNU/Linux
------------------------------------------------------------------------
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/bug.php?id=41631
--
Edit this bug report at http://bugs.php.net/bug.php?id=41631&edit=1
