php-general Digest 7 Mar 2012 08:58:19 -0000 Issue 7715
Topics (messages 316923 through 316931):
no traffic
316923 by: Lawrence Decker
316924 by: Charles
316925 by: Mike Mackintosh
316926 by: Frank Arensmeier
316927 by: Lawrence Decker
316928 by: Lawrence Decker
316929 by: Charles
316930 by: Lawrence Decker
cURL and SSL
316931 by: Sasan Rose
Administrivia:
To subscribe to the digest, e-mail:
php-general-digest-subscr...@lists.php.net
To unsubscribe from the digest, e-mail:
php-general-digest-unsubscr...@lists.php.net
To post to the list, e-mail:
php-gene...@lists.php.net
----------------------------------------------------------------------
--- Begin Message ---
I've been playing with PHP for about 6 years and I have no idea why this is
happening... I've been writing a script to auth to AD. When I run the
script on my dev box, nothing. I have wireshark running in the background
on the dev box, I can see the script's traffic go out and hit the DNS
server but no other traffic. Command line, no problem talking to other
hosts with whatever port I'm trying to hit. On my box, all the scripts
work fine. LDAP is enabled, but I can't hit ANY port other than DNS and if
I use the IP in the script, I see no traffic. Both are FC16-64 patched as
of last week. I matched line-by-line in the phpinfo() on my box and the dev
box - no difference. Used this script to try any port open on other hosts
but no traffic shows up in wireshark!! Any ideas????
Lawrence
<?php
function ping($host,$post=25,$timeout=6)
{
$fsock = fsockopen($host, $port, $errno, $errstr, $timeout);
if ( ! $fsock )
{
return FALSE;
}
else
{
return TRUE;
}
}
/* check if the host is up $host can also be an ip address */
$host = 'mail.bac.com';
$up = ping($host);
/* optionally display either a red or green image to signify the server
status */
echo '<img src="'.($up ? 'on' : 'off').'.jpg" alt="'.($up ? 'up' :
'down').'" />';
?>
or this one
<?php
//using ldap bind anonymously
// connect to ldap server
$ldapconn = ldap_connect("10.13.3.10")
or die("Could not connect to LDAP server.");
if ($ldapconn) {
// binding anonymously
$ldapbind = ldap_bind($ldapconn);
if ($ldapbind) {
echo "LDAP bind anonymous successful...";
} else {
echo "LDAP bind anonymous failed...";
}
}
?>
phpinfo()
LDAP Support enabled RCS Version $Id: ldap.c 321634 2012-01-01 13:15:04Z
felipe $ Total Links 0/unlimited API Version 3001 Vendor Name OpenLDAP Vendor
Version 20426 SASL Support Enabled
--- End Message ---
--- Begin Message ---
On Tue, Mar 6, 2012 at 8:55 PM, Lawrence Decker <lld0...@gmail.com> wrote:
> I've been playing with PHP for about 6 years and I have no idea why this is
> happening... I've been writing a script to auth to AD. When I run the
> script on my dev box, nothing. I have wireshark running in the background
> on the dev box, I can see the script's traffic go out and hit the DNS
> server but no other traffic. Command line, no problem talking to other
> hosts with whatever port I'm trying to hit. On my box, all the scripts
> work fine. LDAP is enabled, but I can't hit ANY port other than DNS and if
> I use the IP in the script, I see no traffic. Both are FC16-64 patched as
> of last week. I matched line-by-line in the phpinfo() on my box and the dev
> box - no difference. Used this script to try any port open on other hosts
> but no traffic shows up in wireshark!! Any ideas????
Have you checked that it's not a firewall problem? e.g. by running
# telnet server-ip ldap
--- End Message ---
--- Begin Message ---
On Mar 6, 2012, at 8:55, Lawrence Decker <lld0...@gmail.com> wrote:
> I've been playing with PHP for about 6 years and I have no idea why this is
> happening... I've been writing a script to auth to AD. When I run the
> script on my dev box, nothing. I have wireshark running in the background
> on the dev box, I can see the script's traffic go out and hit the DNS
> server but no other traffic. Command line, no problem talking to other
> hosts with whatever port I'm trying to hit. On my box, all the scripts
> work fine. LDAP is enabled, but I can't hit ANY port other than DNS and if
> I use the IP in the script, I see no traffic. Both are FC16-64 patched as
> of last week. I matched line-by-line in the phpinfo() on my box and the dev
> box - no difference. Used this script to try any port open on other hosts
> but no traffic shows up in wireshark!! Any ideas????
>
>
> Lawrence
>
>
>
> <?php
> function ping($host,$post=25,$timeout=6)
>
> {
> $fsock = fsockopen($host, $port, $errno, $errstr, $timeout);
> if ( ! $fsock )
> {
> return FALSE;
> }
> else
> {
> return TRUE;
> }
> }
>
> /* check if the host is up $host can also be an ip address */
> $host = 'mail.bac.com';
> $up = ping($host);
>
> /* optionally display either a red or green image to signify the server
> status */
> echo '<img src="'.($up ? 'on' : 'off').'.jpg" alt="'.($up ? 'up' :
> 'down').'" />';
>
> ?>
>
>
> or this one
>
>
>
> <?php
>
> //using ldap bind anonymously
>
> // connect to ldap server
> $ldapconn = ldap_connect("10.13.3.10")
> or die("Could not connect to LDAP server.");
>
> if ($ldapconn) {
>
> // binding anonymously
> $ldapbind = ldap_bind($ldapconn);
>
> if ($ldapbind) {
> echo "LDAP bind anonymous successful...";
> } else {
> echo "LDAP bind anonymous failed...";
> }
>
> }
>
> ?>
>
>
>
> phpinfo()
>
> LDAP Support enabled RCS Version $Id: ldap.c 321634 2012-01-01 13:15:04Z
> felipe $ Total Links 0/unlimited API Version 3001 Vendor Name OpenLDAP Vendor
> Version 20426 SASL Support Enabled
How many interfaces are on your box? From the cli can you telnet 10.13.3.10 389
Also do a netstat -na | grep 389
What returns, any open outgoing sockets?
Mike Mackintosh
ZCE PHP5.3
www.highonphp.com
--- End Message ---
--- Begin Message ---
6 mar 2012 kl. 15.29 skrev Mike Mackintosh:
> On Mar 6, 2012, at 8:55, Lawrence Decker <lld0...@gmail.com> wrote:
>
>> I've been playing with PHP for about 6 years and I have no idea why this is
>> happening... I've been writing a script to auth to AD. When I run the
>> script on my dev box, nothing. I have wireshark running in the background
>> on the dev box, I can see the script's traffic go out and hit the DNS
>> server but no other traffic. Command line, no problem talking to other
>> hosts with whatever port I'm trying to hit. On my box, all the scripts
>> work fine. LDAP is enabled, but I can't hit ANY port other than DNS and if
>> I use the IP in the script, I see no traffic. Both are FC16-64 patched as
>> of last week. I matched line-by-line in the phpinfo() on my box and the dev
>> box - no difference. Used this script to try any port open on other hosts
>> but no traffic shows up in wireshark!! Any ideas????
>>
>>
>> Lawrence
>>
>>
>>
>> <?php
>> function ping($host,$post=25,$timeout=6)
>>
>> {
>> $fsock = fsockopen($host, $port, $errno, $errstr, $timeout);
>> if ( ! $fsock )
>> {
>> return FALSE;
>> }
>> else
>> {
>> return TRUE;
>> }
>> }
Have you noticed that you have a typo in your function? '$post' should be
'$port'...
/frank
--- End Message ---
--- Begin Message ---
I can cli to any host/port that's open, firewall's wide open
fc-lawrence:~># telnet ad1.bac.com 389
Trying 10.13.3.10...
Connected to ad1.bac.com.
Escape character is '^]'.
^CConnection closed by foreign host.
# iptables -nL
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
On Tue, Mar 6, 2012 at 9:29 AM, Mike Mackintosh <
mike.mackint...@angrystatic.com> wrote:
> On Mar 6, 2012, at 8:55, Lawrence Decker <lld0...@gmail.com> wrote:
>
> > I've been playing with PHP for about 6 years and I have no idea why this
> is
> > happening... I've been writing a script to auth to AD. When I run the
> > script on my dev box, nothing. I have wireshark running in the
> background
> > on the dev box, I can see the script's traffic go out and hit the DNS
> > server but no other traffic. Command line, no problem talking to other
> > hosts with whatever port I'm trying to hit. On my box, all the scripts
> > work fine. LDAP is enabled, but I can't hit ANY port other than DNS and
> if
> > I use the IP in the script, I see no traffic. Both are FC16-64 patched
> as
> > of last week. I matched line-by-line in the phpinfo() on my box and the
> dev
> > box - no difference. Used this script to try any port open on other
> hosts
> > but no traffic shows up in wireshark!! Any ideas????
> >
> >
> > Lawrence
> >
> >
> >
> > <?php
> > function ping($host,$post=25,$timeout=6)
> >
> > {
> > $fsock = fsockopen($host, $port, $errno, $errstr, $timeout);
> > if ( ! $fsock )
> > {
> > return FALSE;
> > }
> > else
> > {
> > return TRUE;
> > }
> > }
> >
> > /* check if the host is up $host can also be an ip address */
> > $host = 'mail.bac.com';
> > $up = ping($host);
> >
> > /* optionally display either a red or green image to signify the server
> > status */
> > echo '<img src="'.($up ? 'on' : 'off').'.jpg" alt="'.($up ? 'up' :
> > 'down').'" />';
> >
> > ?>
> >
> >
> > or this one
> >
> >
> >
> > <?php
> >
> > //using ldap bind anonymously
> >
> > // connect to ldap server
> > $ldapconn = ldap_connect("10.13.3.10")
> > or die("Could not connect to LDAP server.");
> >
> > if ($ldapconn) {
> >
> > // binding anonymously
> > $ldapbind = ldap_bind($ldapconn);
> >
> > if ($ldapbind) {
> > echo "LDAP bind anonymous successful...";
> > } else {
> > echo "LDAP bind anonymous failed...";
> > }
> >
> > }
> >
> > ?>
> >
> >
> >
> > phpinfo()
> >
> > LDAP Support enabled RCS Version $Id: ldap.c 321634 2012-01-01 13:15:04Z
> > felipe $ Total Links 0/unlimited API Version 3001 Vendor Name OpenLDAP
> Vendor
> > Version 20426 SASL Support Enabled
>
> How many interfaces are on your box? From the cli can you telnet
> 10.13.3.10 389
>
> Also do a netstat -na | grep 389
>
> What returns, any open outgoing sockets?
>
> Mike Mackintosh
> ZCE PHP5.3
> www.highonphp.com
--- End Message ---
--- Begin Message ---
Thanks Franks, corrected but still same problem...
On Tue, Mar 6, 2012 at 9:33 AM, Frank Arensmeier <farensme...@gmail.com>wrote:
>
> 6 mar 2012 kl. 15.29 skrev Mike Mackintosh:
>
> > On Mar 6, 2012, at 8:55, Lawrence Decker <lld0...@gmail.com> wrote:
> >
> >> I've been playing with PHP for about 6 years and I have no idea why
> this is
> >> happening... I've been writing a script to auth to AD. When I run the
> >> script on my dev box, nothing. I have wireshark running in the
> background
> >> on the dev box, I can see the script's traffic go out and hit the DNS
> >> server but no other traffic. Command line, no problem talking to other
> >> hosts with whatever port I'm trying to hit. On my box, all the scripts
> >> work fine. LDAP is enabled, but I can't hit ANY port other than DNS
> and if
> >> I use the IP in the script, I see no traffic. Both are FC16-64 patched
> as
> >> of last week. I matched line-by-line in the phpinfo() on my box and the
> dev
> >> box - no difference. Used this script to try any port open on other
> hosts
> >> but no traffic shows up in wireshark!! Any ideas????
> >>
> >>
> >> Lawrence
> >>
> >>
> >>
> >> <?php
> >> function ping($host,$post=25,$timeout=6)
> >>
> >> {
> >> $fsock = fsockopen($host, $port, $errno, $errstr, $timeout);
> >> if ( ! $fsock )
> >> {
> >> return FALSE;
> >> }
> >> else
> >> {
> >> return TRUE;
> >> }
> >> }
>
> Have you noticed that you have a typo in your function? '$post' should be
> '$port'...
>
> /frank
>
>
--- End Message ---
--- Begin Message ---
On Tue, Mar 6, 2012 at 8:55 PM, Lawrence Decker <lld0...@gmail.com> wrote:
> I've been playing with PHP for about 6 years and I have no idea why this is
> happening... I've been writing a script to auth to AD. When I run the
> script on my dev box, nothing. I have wireshark running in the background
> on the dev box, I can see the script's traffic go out and hit the DNS
> server but no other traffic. Command line, no problem talking to other
> hosts with whatever port I'm trying to hit. On my box, all the scripts
> work fine. LDAP is enabled, but I can't hit ANY port other than DNS and if
> I use the IP in the script, I see no traffic. Both are FC16-64 patched as
> of last week. I matched line-by-line in the phpinfo() on my box and the dev
> box - no difference. Used this script to try any port open on other hosts
> but no traffic shows up in wireshark!! Any ideas????
Do you have selinux enabled on your dev box?
--- End Message ---
--- Begin Message ---
YEAHHHH that was it!!! Yes, selinux is enabled. Checked the selinux log,
and saw all the connection failures with httpd... Excellent, thanks it's
been driving me nuts!!!
On Tue, Mar 6, 2012 at 10:13 AM, Charles <peac...@gmail.com> wrote:
> On Tue, Mar 6, 2012 at 8:55 PM, Lawrence Decker <lld0...@gmail.com> wrote:
> > I've been playing with PHP for about 6 years and I have no idea why this
> is
> > happening... I've been writing a script to auth to AD. When I run the
> > script on my dev box, nothing. I have wireshark running in the
> background
> > on the dev box, I can see the script's traffic go out and hit the DNS
> > server but no other traffic. Command line, no problem talking to other
> > hosts with whatever port I'm trying to hit. On my box, all the scripts
> > work fine. LDAP is enabled, but I can't hit ANY port other than DNS and
> if
> > I use the IP in the script, I see no traffic. Both are FC16-64 patched
> as
> > of last week. I matched line-by-line in the phpinfo() on my box and the
> dev
> > box - no difference. Used this script to try any port open on other
> hosts
> > but no traffic shows up in wireshark!! Any ideas????
>
> Do you have selinux enabled on your dev box?
>
--- End Message ---
--- Begin Message ---
Hi,
I want to change a SOAP call to curl due to ssl timeout bug of PHP Soap.
My PHP version is PHP 5.2.6-1+lenny13 with Suhosin-Patch 0.9.6.2. I'm
using the following SOAP call and it's handling SSL very good:
$client = new SoapClient('https://92.42.55.82:8442', array('trace' =>
True, 'local_cert' => 'BehnamCa/newkey.pem'));
But when i want to use cURL and overwrite the __doRequest function using
the following code:
$curl = curl_init($location);
curl_setopt($curl, CURLOPT_VERBOSE, TRUE);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($curl, CURLOPT_POST, TRUE);
curl_setopt($curl, CURLOPT_POSTFIELDS, $request);
curl_setopt($curl, CURLOPT_HEADER, FALSE);
curl_setopt($curl, CURLOPT_HTTPHEADER, array("Content-Type: text/xml"));
curl_setopt($curl, CURLOPT_TIMEOUT, $this->timeout);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 1);
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 1);
curl_setopt($curl, CURLOPT_CAPATH, '/home/sasan/CA2/BehnamCa/');
curl_setopt($curl, CURLOPT_SSLCERT, '/home/sasan/CA2/BehnamCa/newkey.pem');
curl_setopt($curl, CURLOPT_SSLCERTTYPE, 'PEM');
curl_setopt($curl, CURLOPT_SSLKEY, '/home/sasan/CA2/BehnamCa/private.key');
curl_setopt($curl, CURLOPT_CAINFO, '/home/sasan/CA2/BehnamCa/private.crt');
$response = curl_exec($curl);
I'm receiving the following:
* About to connect() to 92.X.X.X port 8443 (#0)
* Trying 92.X.X.X... * connected
* Connected to 92.X.X.X (92.X.X.X) port 8443 (#0)
* successfully set certificate verify locations:
* CAfile: /home/sasan/CA2/BehnamCa/private.crt
CApath: /home/sasan/CA2/BehnamCa/
* SSL certificate problem, verify that the CA cert is OK. Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate
verify failed
* Closing connection #0
string(146) "SSL certificate problem, verify that the CA cert is OK.
Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate
verify failed"
As you can see, i'm trying every possible way to tell curl about my
keys, but still no success. Am i doing something wrong or this is a bug?
--
Best Regards
Sasan Rose
signature.asc
Description: OpenPGP digital signature
--- End Message ---
