Edit report at http://bugs.php.net/bug.php?id=41631&edit=1
ID: 41631 Comment by: arkadi dot shishlov at gmail dot com Reported by: david at acz dot org Summary: default_socket_timeout does not work with SSL Status: Assigned Type: Bug Package: OpenSSL related Operating System: * PHP Version: 5.2, 5.3 Assigned To: pajoye Block user comment: N Private report: N New Comment: A simple solution is to use HAProxy to proxy SSL partner services. Works for me. defaults mode tcp contimeout 5000 clitimeout 30000 srvtimeout 30000 listen service.gjensidigebaltic.lv 127.0.0.1:10001 dispatch 193.111.247.167:443 listen services.seesam.lv 127.0.0.1:10007 dispatch 217.28.49.7:443 Previous Comments: ------------------------------------------------------------------------ [2011-01-04 00:53:51] guyphp at yahoo dot com This bug has caused us a lot of headaches due to hung connections from partners stacking and eventually taking down entire webservers. During high traffic periods, it doesn't take long for these to reach critical mass. Is there any ETA on when this bug will find its way into stable builds? Like many, our managed hosting provider doesn't support patches - we need a stable build with the fix integrated. We are seeing this problem on 5.2.13, RHEL 5.5. ------------------------------------------------------------------------ [2010-11-19 15:43:21] chrisw at networkm dot co dot uk Cannot reproduce this on Windows Server 2003 R2 Enterprise/PHP 5.2.9-2 fopen() returns after $default_socket_timeout seconds if the server does not respond. ------------------------------------------------------------------------ [2010-06-13 15:12:55] fel...@php.net Pierre, doesn't the attached patch fix this issue? ------------------------------------------------------------------------ [2010-03-15 10:33:47] jason at kapoks dot co dot uk Had this issue over the weekend with 5.2.10. Essentially this means our entire service is vulnerable to Denial of Service. Linux localhost.localdomain 2.6.18-164.el5 #1 SMP Thu Sep 3 03:33:56 EDT 2009 i686 i686 i386 GNU/Linux CentOS release 5.3 (Final) PHP 5.2.10 (cli) (built: Jun 21 2009 11:10:43) Copyright (c) 1997-2009 The PHP Group Zend Engine v2.2.0, Copyright (c) 1998-2009 Zend Technologies with Zend Extension Manager v1.2.2, Copyright (c) 2003-2007, by Zend Technologies with Zend Optimizer v3.3.3, Copyright (c) 1998-2007, by Zend Technologies ------------------------------------------------------------------------ [2010-01-18 19:16:42] wdierkes at 5dollarwhitebox dot org This is also reproducible on 5.2.12 as described. As mentioned previously, this has the potentially to have major effects (Denial of Servide) etc due to processes hanging and never timing out. # cat /etc/redhat-release Red Hat Enterprise Linux Server release 5.4 (Tikanga) # php -v PHP 5.2.12 (cli) (built: Dec 17 2009 12:23:35) Copyright (c) 1997-2009 The PHP Group Zend Engine v2.2.0, Copyright (c) 1998-2009 Zend Technologies # uname -a Linux linux 2.6.18-164.el5 #1 SMP Tue Aug 18 15:51:48 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux ------------------------------------------------------------------------ The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/bug.php?id=41631 -- Edit this bug report at http://bugs.php.net/bug.php?id=41631&edit=1