#23220 [Com]: IIS does not cleanly close SSL connections (SSL: fatal protocol error)

[papercrane at reversefold dot com]

 ID:   23220
 Comment by:   papercrane at reversefold dot com
 Reported By:  storozhilov at mail dot ru
 Status:   Closed
 Bug Type: OpenSSL related
 Operating System: *
 PHP Version:  4CVS
 New Comment:

For those interested, I have submitted a bug report for
PEAR::Net_Socket and added a comment to a bug report for HTTP_Request.

I would include bug #'s and links, but the bug system seems to have
just gone down...


Previous Comments:


[2004-10-05 14:21:34] [EMAIL PROTECTED]

jon at latchkey dot com:
ask the authors of those packages to read this report and fix their
code.  It is not a PHP bug.



[2004-10-05 09:19:03] jon at latchkey dot com

I'm seeing this in 5.0.2 using HTTP_Client-1.0.0 and
HTTP_Request-1.2.3, Net_Socket-1.0.2.

require_once 'HTTP/Client.php';

$url = 'https://wipcore.t-mobile.com/login';
$data = array(
txtMSISDN='myphonenumber',
txtPassword='mypassword',
tmobile='true',
chkRemember='chkRemember',
hdnAOL='');

$client = new HTTP_Client();
$response = $client-post($url, $data);
$response = $client-currentResponse();
print_r($response);
?

Warning: fread() [function.fread]: SSL: fatal protocol error in
/usr/local/lib/php/Net/Socket.php on line 262
Array ( [code] = 200 [headers] = Array ( [Date] = Tue, 05 Oct 2004
06:58:40 GMT [date] = Tue, 05 Oct 2004 06:58:40 GMT [X-Powered-By] =
ASP.NET [x-powered-by] = ASP.NET [cache-control] = private [pragma]
= no-cache [x-rim-content-location] =
/appdata/rim/idlescreen/carrier/brand [X-ContentSig] =
iQA/AwUAjc1EX/glq1oAoLnzxyr1/ldOXKnENFEa88tQ+IIE [x-contentsig] =
iQA/AwUAjc1EX/glq1oAoLnzxyr1/ldOXKnENFEa88tQ+IIE [Connection] =
close [connection] = close [Content-Type] = text/html [content-type]
= text/html [Cache-control] = private [Content-Encoding] = gzip
[content-encoding] = gzip [Transfer-Encoding] = chunked
[transfer-encoding] = chunked [Expires] = Wed, 01 Jan 1997 12:00:00
GMT [expires] = Wed, 01 Jan 1997 12:00:00 GMT [Vary] =
Accept-Encoding [vary] = Accept-Encoding ) [body] =



[2004-08-24 20:54:36] robert at osuosl dot org

I've noticed we've all dismissed this as a Microsoft IIS error, but
we've been receiving the same warning using Apache 1.3.31 and PHP 5.0.0
and PHP 5.0.1, configured with the following options:
./configure --with-mysql=shared,/usr --prefix=/usr
--with-apxs=/usr/bin/apxs-ssl --disable-rpath --with-layout=GNU
--with-pear=/usr/share/php --enable-ftp --with-gettext --enable-sockets
--with-zlib --with-kerberos=/usr --with-openssl
--with-exec-dir=/usr/lib/php5/libexec --with-dom=shared,/usr --with-xsl
--with-gettext

Have any apache users had this error and corrected it?



[2004-05-23 13:04:06] [EMAIL PROTECTED]

Stupid bug system...
The will be in the next snapshot from http://snaps.php.net.




[2004-05-23 13:02:46] [EMAIL PROTECTED]

This bug has been fixed in the documentation's XML sources. Since the
online and downloadable versions of the documentation need some time
to get updated, we would like to ask you to be a bit patient.

Thank you for the report, and for helping us make our documentation
better.

This has just been fixed in CVS.

Note that due to the nature of the problem (eg: IIS being at fault),
there is no way for PHP to determine the difference between a
legitimate problem and a bogus IIS unless you are using the built-in
HTTP wrapper: we inspect the headers to determine if we should show the
warning or not.

So, if you are manually opening an SSL stream, you still need to
suppress the warning yourself based on the presence of Server:
Microsoft-IIS in the headers that you read.





The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/23220

-- 
Edit this bug report at http://bugs.php.net/?id=23220edit=1

#23220 [Com]: IIS does not cleanly close SSL connections (SSL: fatal protocol error)

[jr-php2 at quo dot to]

 ID:   23220
 Comment by:   jr-php2 at quo dot to
 Reported By:  storozhilov at mail dot ru
 Status:   Closed
 Bug Type: OpenSSL related
 Operating System: *
 PHP Version:  4CVS
 New Comment:

This seems to have been dismissed as an IIS bug, but I'm seeing the
error when connecting to an *Apache* server. Please try this code on
PHP 4.3.9:

$f = fsockopen('ssl://www.sandbox.paypal.com', 443, $errno, $errstr,
30);
if (!$f) die('fsockopen failed');
fputs($f, GET / HTTP/1.0\r\n\r\n);
while (($s = fgets($f, 4096)) !== false) {
echo $s;
}

About 50% of the time, it emits:

Warning: fgets(): SSL: fatal protocol error in
/data/web/main/ssl-test.php on line 6

despite the server being:

Server: Apache/1.3.27 (Unix) mod_ssl/2.8.12 OpenSSL/0.9.7a PHP/4.3.2


Previous Comments:


[2004-10-05 14:21:34] [EMAIL PROTECTED]

jon at latchkey dot com:
ask the authors of those packages to read this report and fix their
code.  It is not a PHP bug.



[2004-10-05 09:19:03] jon at latchkey dot com

I'm seeing this in 5.0.2 using HTTP_Client-1.0.0 and
HTTP_Request-1.2.3, Net_Socket-1.0.2.

require_once 'HTTP/Client.php';

$url = 'https://wipcore.t-mobile.com/login';
$data = array(
txtMSISDN='myphonenumber',
txtPassword='mypassword',
tmobile='true',
chkRemember='chkRemember',
hdnAOL='');

$client = new HTTP_Client();
$response = $client-post($url, $data);
$response = $client-currentResponse();
print_r($response);
?

Warning: fread() [function.fread]: SSL: fatal protocol error in
/usr/local/lib/php/Net/Socket.php on line 262
Array ( [code] = 200 [headers] = Array ( [Date] = Tue, 05 Oct 2004
06:58:40 GMT [date] = Tue, 05 Oct 2004 06:58:40 GMT [X-Powered-By] =
ASP.NET [x-powered-by] = ASP.NET [cache-control] = private [pragma]
= no-cache [x-rim-content-location] =
/appdata/rim/idlescreen/carrier/brand [X-ContentSig] =
iQA/AwUAjc1EX/glq1oAoLnzxyr1/ldOXKnENFEa88tQ+IIE [x-contentsig] =
iQA/AwUAjc1EX/glq1oAoLnzxyr1/ldOXKnENFEa88tQ+IIE [Connection] =
close [connection] = close [Content-Type] = text/html [content-type]
= text/html [Cache-control] = private [Content-Encoding] = gzip
[content-encoding] = gzip [Transfer-Encoding] = chunked
[transfer-encoding] = chunked [Expires] = Wed, 01 Jan 1997 12:00:00
GMT [expires] = Wed, 01 Jan 1997 12:00:00 GMT [Vary] =
Accept-Encoding [vary] = Accept-Encoding ) [body] =



[2004-08-24 20:54:36] robert at osuosl dot org

I've noticed we've all dismissed this as a Microsoft IIS error, but
we've been receiving the same warning using Apache 1.3.31 and PHP 5.0.0
and PHP 5.0.1, configured with the following options:
./configure --with-mysql=shared,/usr --prefix=/usr
--with-apxs=/usr/bin/apxs-ssl --disable-rpath --with-layout=GNU
--with-pear=/usr/share/php --enable-ftp --with-gettext --enable-sockets
--with-zlib --with-kerberos=/usr --with-openssl
--with-exec-dir=/usr/lib/php5/libexec --with-dom=shared,/usr --with-xsl
--with-gettext

Have any apache users had this error and corrected it?



[2004-05-23 13:04:06] [EMAIL PROTECTED]

Stupid bug system...
The will be in the next snapshot from http://snaps.php.net.




[2004-05-23 13:02:46] [EMAIL PROTECTED]

This bug has been fixed in the documentation's XML sources. Since the
online and downloadable versions of the documentation need some time
to get updated, we would like to ask you to be a bit patient.

Thank you for the report, and for helping us make our documentation
better.

This has just been fixed in CVS.

Note that due to the nature of the problem (eg: IIS being at fault),
there is no way for PHP to determine the difference between a
legitimate problem and a bogus IIS unless you are using the built-in
HTTP wrapper: we inspect the headers to determine if we should show the
warning or not.

So, if you are manually opening an SSL stream, you still need to
suppress the warning yourself based on the presence of Server:
Microsoft-IIS in the headers that you read.





The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/23220

-- 
Edit this bug report at http://bugs.php.net/?id=23220edit=1

#23220 [Com]: IIS does not cleanly close SSL connections (SSL: fatal protocol error)

[jon at latchkey dot com]

 ID:   23220
 Comment by:   jon at latchkey dot com
 Reported By:  storozhilov at mail dot ru
 Status:   Closed
 Bug Type: OpenSSL related
 Operating System: *
 PHP Version:  4CVS
 New Comment:

I'm seeing this in 5.0.2 using HTTP_Client-1.0.0 and
HTTP_Request-1.2.3, Net_Socket-1.0.2.

require_once 'HTTP/Client.php';

$url = 'https://wipcore.t-mobile.com/login';
$data = array(
txtMSISDN='myphonenumber',
txtPassword='mypassword',
tmobile='true',
chkRemember='chkRemember',
hdnAOL='');

$client = new HTTP_Client();
$response = $client-post($url, $data);
$response = $client-currentResponse();
print_r($response);
?

Warning: fread() [function.fread]: SSL: fatal protocol error in
/usr/local/lib/php/Net/Socket.php on line 262
Array ( [code] = 200 [headers] = Array ( [Date] = Tue, 05 Oct 2004
06:58:40 GMT [date] = Tue, 05 Oct 2004 06:58:40 GMT [X-Powered-By] =
ASP.NET [x-powered-by] = ASP.NET [cache-control] = private [pragma]
= no-cache [x-rim-content-location] =
/appdata/rim/idlescreen/carrier/brand [X-ContentSig] =
iQA/AwUAjc1EX/glq1oAoLnzxyr1/ldOXKnENFEa88tQ+IIE [x-contentsig] =
iQA/AwUAjc1EX/glq1oAoLnzxyr1/ldOXKnENFEa88tQ+IIE [Connection] =
close [connection] = close [Content-Type] = text/html [content-type]
= text/html [Cache-control] = private [Content-Encoding] = gzip
[content-encoding] = gzip [Transfer-Encoding] = chunked
[transfer-encoding] = chunked [Expires] = Wed, 01 Jan 1997 12:00:00
GMT [expires] = Wed, 01 Jan 1997 12:00:00 GMT [Vary] =
Accept-Encoding [vary] = Accept-Encoding ) [body] =


Previous Comments:


[2004-08-24 20:54:36] robert at osuosl dot org

I've noticed we've all dismissed this as a Microsoft IIS error, but
we've been receiving the same warning using Apache 1.3.31 and PHP 5.0.0
and PHP 5.0.1, configured with the following options:
./configure --with-mysql=shared,/usr --prefix=/usr
--with-apxs=/usr/bin/apxs-ssl --disable-rpath --with-layout=GNU
--with-pear=/usr/share/php --enable-ftp --with-gettext --enable-sockets
--with-zlib --with-kerberos=/usr --with-openssl
--with-exec-dir=/usr/lib/php5/libexec --with-dom=shared,/usr --with-xsl
--with-gettext

Have any apache users had this error and corrected it?



[2004-05-23 13:04:06] [EMAIL PROTECTED]

Stupid bug system...
The will be in the next snapshot from http://snaps.php.net.




[2004-05-23 13:02:46] [EMAIL PROTECTED]

This bug has been fixed in the documentation's XML sources. Since the
online and downloadable versions of the documentation need some time
to get updated, we would like to ask you to be a bit patient.

Thank you for the report, and for helping us make our documentation
better.

This has just been fixed in CVS.

Note that due to the nature of the problem (eg: IIS being at fault),
there is no way for PHP to determine the difference between a
legitimate problem and a bogus IIS unless you are using the built-in
HTTP wrapper: we inspect the headers to determine if we should show the
warning or not.

So, if you are manually opening an SSL stream, you still need to
suppress the warning yourself based on the presence of Server:
Microsoft-IIS in the headers that you read.





[2004-05-03 17:56:01] grizu1 at gmx dot info

Hi,
this bug still exists on php4-STABLE-200405031430. ;-(

System:
- Linux (RedHat 8) 2.4.20-28.8 #1 Thu Dec 18 12:53:39 EST 2003 i686
i686 i386 GNU/Linux
- php4-STABLE-200405031430
- OpenSSL 0.9.6b

Configure command:
'./configure' '--with-apxs2=/usr/local/apache2/bin/apxs' '--with-mysql'
'--with-openssl' '--with-sapdb=/opt/sapdb/interfaces/odbc/'

php-script:
?php
$url = https://foo.bar;;
file_get_contents($url);
?

Output:
Warning: file_get_contents(): SSL: fatal protocol error in
/www/www.default.de/html/https2.php on line 3


Any help for me?

Greetings
grizu



[2004-04-30 15:03:05] obercik at poczta dot onet dot pl

PHP Version 5.0.0RC2

Configure Command   './configure' '--with-openssl' ...

if ( $fp = fopen(https://, r) ) {
while ( $row = fgets($fp, 1024) ) {
print($row);
}
fclose($fp);
}

Warning: fgets() [function.fgets]: SSL: fatal protocol error in
xxx.php on line xx

however it GETS the data...



The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/23220

-- 
Edit this bug report at http://bugs.php.net/?id=23220edit=1

#23220 [Com]: IIS does not cleanly close SSL connections (SSL: fatal protocol error)

[robert at osuosl dot org]

 ID:   23220
 Comment by:   robert at osuosl dot org
 Reported By:  storozhilov at mail dot ru
 Status:   Closed
 Bug Type: OpenSSL related
 Operating System: *
 PHP Version:  4CVS
 New Comment:

I've noticed we've all dismissed this as a Microsoft IIS error, but
we've been receiving the same warning using Apache 1.3.31 and PHP 5.0.0
and PHP 5.0.1, configured with the following options:
./configure --with-mysql=shared,/usr --prefix=/usr
--with-apxs=/usr/bin/apxs-ssl --disable-rpath --with-layout=GNU
--with-pear=/usr/share/php --enable-ftp --with-gettext --enable-sockets
--with-zlib --with-kerberos=/usr --with-openssl
--with-exec-dir=/usr/lib/php5/libexec --with-dom=shared,/usr --with-xsl
--with-gettext

Have any apache users had this error and corrected it?


Previous Comments:


[2004-05-23 13:04:06] [EMAIL PROTECTED]

Stupid bug system...
The will be in the next snapshot from http://snaps.php.net.




[2004-05-23 13:02:46] [EMAIL PROTECTED]

This bug has been fixed in the documentation's XML sources. Since the
online and downloadable versions of the documentation need some time
to get updated, we would like to ask you to be a bit patient.

Thank you for the report, and for helping us make our documentation
better.

This has just been fixed in CVS.

Note that due to the nature of the problem (eg: IIS being at fault),
there is no way for PHP to determine the difference between a
legitimate problem and a bogus IIS unless you are using the built-in
HTTP wrapper: we inspect the headers to determine if we should show the
warning or not.

So, if you are manually opening an SSL stream, you still need to
suppress the warning yourself based on the presence of Server:
Microsoft-IIS in the headers that you read.





[2004-05-03 17:56:01] grizu1 at gmx dot info

Hi,
this bug still exists on php4-STABLE-200405031430. ;-(

System:
- Linux (RedHat 8) 2.4.20-28.8 #1 Thu Dec 18 12:53:39 EST 2003 i686
i686 i386 GNU/Linux
- php4-STABLE-200405031430
- OpenSSL 0.9.6b

Configure command:
'./configure' '--with-apxs2=/usr/local/apache2/bin/apxs' '--with-mysql'
'--with-openssl' '--with-sapdb=/opt/sapdb/interfaces/odbc/'

php-script:
?php
$url = https://foo.bar;;
file_get_contents($url);
?

Output:
Warning: file_get_contents(): SSL: fatal protocol error in
/www/www.default.de/html/https2.php on line 3


Any help for me?

Greetings
grizu



[2004-04-30 15:03:05] obercik at poczta dot onet dot pl

PHP Version 5.0.0RC2

Configure Command   './configure' '--with-openssl' ...

if ( $fp = fopen(https://, r) ) {
while ( $row = fgets($fp, 1024) ) {
print($row);
}
fclose($fp);
}

Warning: fgets() [function.fgets]: SSL: fatal protocol error in
xxx.php on line xx

however it GETS the data...



[2004-04-30 06:24:55] mike dot davsi at temple dot edu

I'm seeing this against an apache server.  What version is this fixed
in? 

file_get_contents(https://.;);

PHP 4.3.2 (cgi), Copyright (c) 1997-2003 The PHP Group
Zend Engine v1.3.0, Copyright (c) 1998-2003 Zend Technologies

I have fixed it for now with error_reporting but would like to get a
true fix.



The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/23220

-- 
Edit this bug report at http://bugs.php.net/?id=23220edit=1