Edit report at http://bugs.php.net/bug.php?id=41631&edit=1
ID: 41631
Comment by: mgallelli at gmail dot com
Reported by: david at acz dot org
Summary: default_socket_timeout does not work with SSL
Status: Assigned
Type: Bug
Package: OpenSSL related
Operating System: *
PHP Version: 5.2, 5.3
Assigned To: pajoye
Block user comment: N
Private report: N
New Comment:
Hi,
i've tested on 5.2.17 and 5.3.2 with the same result.
As described i've used this script:
time php -n -r 'ini_set("default_socket_timeout", 1);
fopen("https://mydomain.it/sleep.php";, "r");'
but it doesn't wait 1 sec but 15 as into sleep.php page.
Previous Comments:
------------------------------------------------------------------------
[2011-03-28 23:51:34] arkadi dot shishlov at gmail dot com
A simple solution is to use HAProxy to proxy SSL partner services. Works
for me.
defaults
mode tcp
contimeout 5000
clitimeout 30000
srvtimeout 30000
listen service.gjensidigebaltic.lv 127.0.0.1:10001
dispatch 193.111.247.167:443
listen services.seesam.lv 127.0.0.1:10007
dispatch 217.28.49.7:443
------------------------------------------------------------------------
[2011-01-04 00:53:51] guyphp at yahoo dot com
This bug has caused us a lot of headaches due to hung connections from
partners
stacking and eventually taking down entire webservers. During high
traffic
periods, it doesn't take long for these to reach critical mass. Is
there any ETA
on when this bug will find its way into stable builds? Like many, our
managed
hosting provider doesn't support patches - we need a stable build with
the fix
integrated.
We are seeing this problem on 5.2.13, RHEL 5.5.
------------------------------------------------------------------------
[2010-11-19 15:43:21] chrisw at networkm dot co dot uk
Cannot reproduce this on Windows Server 2003 R2 Enterprise/PHP 5.2.9-2
fopen() returns after $default_socket_timeout seconds if the server does
not respond.
------------------------------------------------------------------------
[2010-06-13 15:12:55] [email protected]
Pierre, doesn't the attached patch fix this issue?
------------------------------------------------------------------------
[2010-03-15 10:33:47] jason at kapoks dot co dot uk
Had this issue over the weekend with 5.2.10.
Essentially this means our entire service is vulnerable to Denial of
Service.
Linux localhost.localdomain 2.6.18-164.el5 #1 SMP Thu Sep 3 03:33:56 EDT
2009 i686 i686 i386 GNU/Linux
CentOS release 5.3 (Final)
PHP 5.2.10 (cli) (built: Jun 21 2009 11:10:43)
Copyright (c) 1997-2009 The PHP Group
Zend Engine v2.2.0, Copyright (c) 1998-2009 Zend Technologies
with Zend Extension Manager v1.2.2, Copyright (c) 2003-2007, by Zend
Technologies
with Zend Optimizer v3.3.3, Copyright (c) 1998-2007, by Zend
Technologies
------------------------------------------------------------------------
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/bug.php?id=41631
--
Edit this bug report at http://bugs.php.net/bug.php?id=41631&edit=1
