From: Operating system: Linux (Ubuntu) PHP version: 5.3.3 Package: OpenSSL related Bug Type: Bug Bug description:Cannot disable SessionTicket extension for servers that do not support it
Description: ------------ This bug originated here: https://bugs.launchpad.net/ubuntu/+source/php5/+bug/592442 As noted in the bug discussion, servers that do not properly support the SessionTicket extension added in openssl 0.9.8n and later will produce an error. Users should have the ability to disable this extension, much like the openssl s_client utility does by passing -no_ticket. With the test script below, if php is compiled against openssl < 0.9.8n (such as 0.9.8g) will print the actual HTTP result on all three servers, but with >= 0.9.8n, will fail with SSL errors. Test script: --------------- <?php $urls = array("https://cas.ucdavis.edu/login";, "https://server.db.kvk.nl/";, "https://gmail.com/";); foreach ($urls as $url) { $fp = fopen($url, 'r'); print "$url - "; if ($fp === FALSE) { print "FAIL\n"; } else { $data = stream_get_contents($fp); print "OK ". strlen($data)." bytes\n"; } fclose($fp); } Expected result: ---------------- https://cas.ucdavis.edu/login - OK 4796 bytes Warning: fopen(https://server.db.kvk.nl/): failed to open stream: HTTP request failed! HTTP/1.1 403 Forbidden in /home/clint/test.php on line 6 https://server.db.kvk.nl/ - FAIL Warning: fclose(): supplied argument is not a valid stream resource in /home/clint/test.php on line 14 https://gmail.com/ - OK 19059 bytes Actual result: -------------- # php test.php PHP Warning: fopen(): SSL operation failed with code 1. OpenSSL Error messages: error:140773F2:SSL routines:func(119):reason(1010) in /home/clint/pkg/php5/bzr/natty-php-ssl-fix/test.php on line 6 PHP Warning: fopen(): Failed to enable crypto in /home/clint/pkg/php5/bzr/natty-php-ssl-fix/test.php on line 6 PHP Warning: fopen(https://cas.ucdavis.edu/login): failed to open stream: operation failed in /home/clint/pkg/php5/bzr/natty-php-ssl-fix/test.php on line 6 https://cas.ucdavis.edu/login - FAIL PHP Warning: fclose() expects parameter 1 to be resource, boolean given in /home/clint/pkg/php5/bzr/natty-php-ssl-fix/test.php on line 14 PHP Warning: fopen(): SSL operation failed with code 1. OpenSSL Error messages: error:1407741A:SSL routines:func(119):reason(1050) in /home/clint/pkg/php5/bzr/natty-php-ssl-fix/test.php on line 6 PHP Warning: fopen(): Failed to enable crypto in /home/clint/pkg/php5/bzr/natty-php-ssl-fix/test.php on line 6 PHP Warning: fopen(https://server.db.kvk.nl/): failed to open stream: operation failed in /home/clint/pkg/php5/bzr/natty-php-ssl-fix/test.php on line 6 https://server.db.kvk.nl/ - FAIL PHP Warning: fclose() expects parameter 1 to be resource, boolean given in /home/clint/pkg/php5/bzr/natty-php-ssl-fix/test.php on line 14 https://gmail.com/ - OK 19061 bytes -- Edit bug report at http://bugs.php.net/bug.php?id=53447&edit=1 -- Try a snapshot (PHP 5.2): http://bugs.php.net/fix.php?id=53447&r=trysnapshot52 Try a snapshot (PHP 5.3): http://bugs.php.net/fix.php?id=53447&r=trysnapshot53 Try a snapshot (trunk): http://bugs.php.net/fix.php?id=53447&r=trysnapshottrunk Fixed in SVN: http://bugs.php.net/fix.php?id=53447&r=fixed Fixed in SVN and need be documented: http://bugs.php.net/fix.php?id=53447&r=needdocs Fixed in release: http://bugs.php.net/fix.php?id=53447&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=53447&r=needtrace Need Reproduce Script: http://bugs.php.net/fix.php?id=53447&r=needscript Try newer version: http://bugs.php.net/fix.php?id=53447&r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=53447&r=support Expected behavior: http://bugs.php.net/fix.php?id=53447&r=notwrong Not enough info: http://bugs.php.net/fix.php?id=53447&r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=53447&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=53447&r=globals PHP 4 support discontinued: http://bugs.php.net/fix.php?id=53447&r=php4 Daylight Savings: http://bugs.php.net/fix.php?id=53447&r=dst IIS Stability: http://bugs.php.net/fix.php?id=53447&r=isapi Install GNU Sed: http://bugs.php.net/fix.php?id=53447&r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=53447&r=float No Zend Extensions: http://bugs.php.net/fix.php?id=53447&r=nozend MySQL Configuration Error: http://bugs.php.net/fix.php?id=53447&r=mysqlcfg
