Bug #54511 [Com]: Failure in socket open to some SSL server

[alexwichti at googlemail dot com]

Edit report at https://bugs.php.net/bug.php?id=54511&edit=1

 ID:                 54511
 Comment by:         alexwichti at googlemail dot com
 Reported by:        dbpalan at hotmail dot com
 Summary:            Failure in socket open to some SSL server
 Status:             Open
 Type:               Bug
 Package:            OpenSSL related
 Operating System:   Debian Squeeze
 PHP Version:        5.3.6
 Block user comment: N
 Private report:     N

 New Comment:

Bug still exists in 5.4.3.
Workaround by dbpalan works though, thanks!


Previous Comments:
------------------------------------------------------------------------
[2011-04-12 10:04:01] dbpalan at hotmail dot com

1. The function call is located in ext/openssl/xp_ssl.c

2. A workaround is replace the line fsockopen() with:

    $context = stream_context_create(array(
        'ssl' => array('SNI_server_name' => 'smtpb.scig.gov.hk'),
    ));
    $fp = stream_socket_client("tcp://smtpb.scig.gov.hk:465", $errno, $errstr, 
30, STREAM_CLIENT_CONNECT, $context);

------------------------------------------------------------------------
[2011-04-12 09:51:12] dbpalan at hotmail dot com

Description:
------------
fsockopen() connect to a server always failed.  After some tests it is 
confirmed due to a bug in a SSL function call which only occur in new version:

5.2.6  - passed
5.2.17 - passed
5.3.0  - passed
5.3.1  - passed
5.3.2  - failed
5.3.3  - failed
5.3.6  - failed

The bug was introduced from svn revision #291493 "merge from trunk: openssl sni 
support" from the function call to 
SSL_set_tlsext_host_name(sslsock->ssl_handle, sslsock->sni).

If I remark this function, everything works fine.

I have no further idea what is this function do, and what side effect without 
this function.  Please advice and hope a fix would be available.  Thank you.


Test script:
---------------
<?
$fp = fsockopen("ssl://smtpb.scig.gov.hk", 465, $errno, $errstr, 30);
if (!$fp) {
    echo "fail: $errstr ($errno)\n";
} else {
    echo "success";
}
?>


Expected result:
----------------
$fp is a non-zero handle, the screen will show "success"

Actual result:
--------------
$fp is EMPTY, the screen will show:

Warning: fsockopen() [function.fsockopen]: SSL operation failed with code 1. 
OpenSSL Error messages: error:14094417:SSL routines:func(148):reason(1047) in 
/www/test.php on line 2

Warning: fsockopen() [function.fsockopen]: Failed to enable crypto in 
/www/test.php on line 2

Warning: fsockopen() [function.fsockopen]: unable to connect to 
ssl://smtpb.scig.gov.hk:465 (Unknown error) in /www/test.php on line 2

fail: 0


------------------------------------------------------------------------



-- 
Edit this bug report at https://bugs.php.net/bug.php?id=54511&edit=1