Edit report at http://bugs.php.net/bug.php?id=41631&edit=1
ID: 41631 Comment by: mgallelli at gmail dot com Reported by: david at acz dot org Summary: default_socket_timeout does not work with SSL Status: Assigned Type: Bug Package: OpenSSL related Operating System: * PHP Version: 5.2, 5.3 Assigned To: pajoye Block user comment: N Private report: N New Comment: Hi, i've tested on 5.2.17 and 5.3.2 with the same result. As described i've used this script: time php -n -r 'ini_set("default_socket_timeout", 1); fopen("https://mydomain.it/sleep.php", "r");' but it doesn't wait 1 sec but 15 as into sleep.php page. Previous Comments: ------------------------------------------------------------------------ [2011-03-28 23:51:34] arkadi dot shishlov at gmail dot com A simple solution is to use HAProxy to proxy SSL partner services. Works for me. defaults mode tcp contimeout 5000 clitimeout 30000 srvtimeout 30000 listen service.gjensidigebaltic.lv 127.0.0.1:10001 dispatch 193.111.247.167:443 listen services.seesam.lv 127.0.0.1:10007 dispatch 217.28.49.7:443 ------------------------------------------------------------------------ [2011-01-04 00:53:51] guyphp at yahoo dot com This bug has caused us a lot of headaches due to hung connections from partners stacking and eventually taking down entire webservers. During high traffic periods, it doesn't take long for these to reach critical mass. Is there any ETA on when this bug will find its way into stable builds? Like many, our managed hosting provider doesn't support patches - we need a stable build with the fix integrated. We are seeing this problem on 5.2.13, RHEL 5.5. ------------------------------------------------------------------------ [2010-11-19 15:43:21] chrisw at networkm dot co dot uk Cannot reproduce this on Windows Server 2003 R2 Enterprise/PHP 5.2.9-2 fopen() returns after $default_socket_timeout seconds if the server does not respond. ------------------------------------------------------------------------ [2010-06-13 15:12:55] fel...@php.net Pierre, doesn't the attached patch fix this issue? ------------------------------------------------------------------------ [2010-03-15 10:33:47] jason at kapoks dot co dot uk Had this issue over the weekend with 5.2.10. Essentially this means our entire service is vulnerable to Denial of Service. Linux localhost.localdomain 2.6.18-164.el5 #1 SMP Thu Sep 3 03:33:56 EDT 2009 i686 i686 i386 GNU/Linux CentOS release 5.3 (Final) PHP 5.2.10 (cli) (built: Jun 21 2009 11:10:43) Copyright (c) 1997-2009 The PHP Group Zend Engine v2.2.0, Copyright (c) 1998-2009 Zend Technologies with Zend Extension Manager v1.2.2, Copyright (c) 2003-2007, by Zend Technologies with Zend Optimizer v3.3.3, Copyright (c) 1998-2007, by Zend Technologies ------------------------------------------------------------------------ The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/bug.php?id=41631 -- Edit this bug report at http://bugs.php.net/bug.php?id=41631&edit=1