ID: 23220
Comment by: jr-php2 at quo dot to
Reported By: storozhilov at mail dot ru
Status: Closed
Bug Type: OpenSSL related
Operating System: *
PHP Version: 4CVS
New Comment:
This seems to have been dismissed as an IIS bug, but I'm seeing the
error when connecting to an *Apache* server. Please try this code on
PHP 4.3.9:
$f = fsockopen('ssl://www.sandbox.paypal.com', 443, $errno, $errstr,
30);
if (!$f) die('fsockopen failed');
fputs($f, "GET / HTTP/1.0\r\n\r\n");
while (($s = fgets($f, 4096)) !== false) {
echo $s;
}
About 50% of the time, it emits:
Warning: fgets(): SSL: fatal protocol error in
/data/web/main/ssl-test.php on line 6
despite the server being:
Server: Apache/1.3.27 (Unix) mod_ssl/2.8.12 OpenSSL/0.9.7a PHP/4.3.2
Previous Comments:
------------------------------------------------------------------------
[2004-10-05 14:21:34] [EMAIL PROTECTED]
jon at latchkey dot com:
ask the authors of those packages to read this report and fix their
code. It is not a PHP bug.
------------------------------------------------------------------------
[2004-10-05 09:19:03] jon at latchkey dot com
I'm seeing this in 5.0.2 using HTTP_Client-1.0.0 and
HTTP_Request-1.2.3, Net_Socket-1.0.2.
require_once 'HTTP/Client.php';
$url = 'https://wipcore.t-mobile.com/login';
$data = array(
txtMSISDN=>'myphonenumber',
txtPassword=>'mypassword',
tmobile=>'true',
chkRemember=>'chkRemember',
hdnAOL=>'');
$client = new HTTP_Client();
$response = $client->post($url, $data);
$response = $client->currentResponse();
print_r($response);
?>
Warning: fread() [function.fread]: SSL: fatal protocol error in
/usr/local/lib/php/Net/Socket.php on line 262
Array ( [code] => 200 [headers] => Array ( [Date] => Tue, 05 Oct 2004
06:58:40 GMT [date] => Tue, 05 Oct 2004 06:58:40 GMT [X-Powered-By] =>
ASP.NET [x-powered-by] => ASP.NET [cache-control] => private [pragma]
=> no-cache [x-rim-content-location] =>
"/appdata/rim/idlescreen/carrier/brand" [X-ContentSig] =>
"iQA/AwUAjc1EX/glq1oAoLnzxyr1/ldOXKnENFEa88tQ+IIE" [x-contentsig] =>
"iQA/AwUAjc1EX/glq1oAoLnzxyr1/ldOXKnENFEa88tQ+IIE" [Connection] =>
close [connection] => close [Content-Type] => text/html [content-type]
=> text/html [Cache-control] => private [Content-Encoding] => gzip
[content-encoding] => gzip [Transfer-Encoding] => chunked
[transfer-encoding] => chunked [Expires] => Wed, 01 Jan 1997 12:00:00
GMT [expires] => Wed, 01 Jan 1997 12:00:00 GMT [Vary] =>
Accept-Encoding [vary] => Accept-Encoding ) [body] =>
------------------------------------------------------------------------
[2004-08-24 20:54:36] robert at osuosl dot org
I've noticed we've all dismissed this as a Microsoft IIS error, but
we've been receiving the same warning using Apache 1.3.31 and PHP 5.0.0
and PHP 5.0.1, configured with the following options:
./configure --with-mysql=shared,/usr --prefix=/usr
--with-apxs=/usr/bin/apxs-ssl --disable-rpath --with-layout=GNU
--with-pear=/usr/share/php --enable-ftp --with-gettext --enable-sockets
--with-zlib --with-kerberos=/usr --with-openssl
--with-exec-dir=/usr/lib/php5/libexec --with-dom=shared,/usr --with-xsl
--with-gettext
Have any apache users had this error and corrected it?
------------------------------------------------------------------------
[2004-05-23 13:04:06] [EMAIL PROTECTED]
Stupid bug system...
The will be in the next snapshot from http://snaps.php.net.
------------------------------------------------------------------------
[2004-05-23 13:02:46] [EMAIL PROTECTED]
This bug has been fixed in the documentation's XML sources. Since the
online and downloadable versions of the documentation need some time
to get updated, we would like to ask you to be a bit patient.
Thank you for the report, and for helping us make our documentation
better.
This has just been fixed in CVS.
Note that due to the nature of the problem (eg: IIS being at fault),
there is no way for PHP to determine the difference between a
legitimate problem and a bogus IIS unless you are using the built-in
HTTP wrapper: we inspect the headers to determine if we should show the
warning or not.
So, if you are manually opening an SSL stream, you still need to
suppress the warning yourself based on the presence of "Server:
Microsoft-IIS" in the headers that you read.
------------------------------------------------------------------------
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/23220
--
Edit this bug report at http://bugs.php.net/?id=23220&edit=1
