Edit report at http://bugs.php.net/bug.php?id=52106&edit=1
ID: 52106 User updated by: sc0ttbeardsley at gmail dot com Reported by: sc0ttbeardsley at gmail dot com Summary: fopen fails on some SSL urls Status: Open Type: Bug -Package: HTTP related +Package: OpenSSL related Operating System: Ubuntu Lucid/Maverick PHP Version: 5.3.2 New Comment: This might not be an fopen() problem. The following code won't work either: <?php $fp = fsockopen("ssl://cas.ucdavis.edu", 443, $errno, $errstr, 30); if (!$fp) { echo "$errstr ($errno)<br />\n"; } else { $out = "GET /cas/login HTTP/1.1\r\n"; $out .= "Host: cas.ucdavis.edu\r\n"; $out .= "Connection: Close\r\n\r\n"; fwrite($fp, $out); while (!feof($fp)) { echo fgets($fp, 128); } fclose($fp); } ?> $ php bug2.php The following is printed: PHP Warning: fsockopen(): SSL operation failed with code 1. OpenSSL Error messages: error:140773F2:SSL routines:func(119):reason(1010) in bug2.php on line 2 PHP Warning: fsockopen(): Failed to enable crypto in bug2.php on line 2 PHP Warning: fsockopen(): unable to connect to ssl://cas.ucdavis.edu:443 (Unknown error) in bug2.php on line 2 (0)<br /> $ Previous Comments: ------------------------------------------------------------------------ [2010-06-17 00:10:18] sc0ttbeardsley at gmail dot com Description: ------------ This bug is being filed as requested on the Ubuntu bug tracker see[1]. I'm having problems running the script below using the version of php5 that comes with Lucid (Clint Byrum reproduced it in Maverick and the php5 svn). For some reason this is only happening on one of our servers. Whenever I try to run fopen() against it I get a "SSL operation failed with code 1. OpenSSL Error messages: error:140773F2:SSL routines:func(119):reason(1010)" message. I attached a tcpdump of a similar transaction (instead of yale it was google) here[2]. As you can see from the dump, Google is working but my server is not. I get an SSL alert packet (packet #29) back with SSL code 10 (unexpected message). I can't seem to reproduce it on other HTTPS servers (yet). What is funny is that I get an ACK right before that. It seems like maybe the server is sending an ACK, client starts talking, server isn't ready and sends an out-of-order message. I'm not sure if it is my https server that is barfing or it is fopen() that is sending the wrong packets. This script works fine on karmic (PHP 5.2.10-2ubuntu6.4), Scott ------------ [1] https://bugs.launchpad.net/ubuntu/+source/php5/+bug/592442 [2] http://launchpadlibrarian.net/50098267/out.dump Test script: --------------- <?php $ctx = stream_context_create(array('ssl'=>array('verify_peer'=>true, 'capath'=>'/etc/ssl/certs'))); $uris = array( "https://cas.ucdavis.edu/login", "https://www.google.com/",); $uris = array ( "https://cas.ucdavis.edu/cas/login","https://secure.its.yale.edu/cas/login", ); foreach ($uris as &$uri) { print "checking $uri\n"; fopen("$uri",'r',false,$ctx); } ?> Expected result: ---------------- checking https://cas.ucdavis.edu/cas/login checking https://secure.its.yale.edu/cas/login Actual result: -------------- checking https://cas.ucdavis.edu/cas/login PHP Warning: fopen(): SSL operation failed with code 1. OpenSSL Error messages: error:140773F2:SSL routines:func(119):reason(1010) in /root/bug.php on line 10 PHP Warning: fopen(): Failed to enable crypto in /root/bug.php on line 10 PHP Warning: fopen(https://cas.ucdavis.edu/cas/login): failed to open stream: operation failed in /root/bug.php on line 10 checking https://secure.its.yale.edu/cas/login ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/bug.php?id=52106&edit=1