Edit report at https://bugs.php.net/bug.php?id=39571&edit=1
ID: 39571
Comment by: simoncpu at gmail dot com
Reported by: tim at tmcode dot com
Summary: fsockopen timeout param does not affect ssl/tls
handshake
Status: Closed
Type: Bug
Package: Sockets related
Operating System: Linux
PHP Version: 5CVS-2006-11-21 (CVS)
Block user comment: N
Private report: N
New Comment:
Revision 313616 of ext/openssl/xp_ssl.c fixes the problem, although it
apparently
has some side effects. =)
Previous Comments:
------------------------------------------------------------------------
[2011-09-19 06:34:03] simoncpu at gmail dot com
Hi,
I'd like to report that this still occurs in PHP 5.2.17. :( We came across
this
bug while using PEAR's XML_RPC_Client.
Thanks,
[ simon.cpu ]
------------------------------------------------------------------------
[2006-12-05 03:12:26] tim at tmcode dot com
Thank you for the quick fix, it is timing out correctly now.
------------------------------------------------------------------------
[2006-12-05 01:39:26] il...@php.net
This bug has been fixed in CVS.
Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
Thank you for the report, and for helping us make PHP better.
------------------------------------------------------------------------
[2006-12-04 23:30:27] tim at tmcode dot com
Not to be a pain and beat a dead horse but I still think this is a PHP issue.
OpenSSL is a very common SSL library. A long list of popular packages such as
Curl, wget, links, etc all use openssl. And all of them (that I've taken the
time to test) are able to timeout correctly in the situation I've described.
Just as an example, a quick look at the libcurl source shows that they use the
same technique to timeout the connection as I have described. Granted their
code is a little more polished than my patch, but the idea is the same. They
put the underlying socket into non-blocking mode, and then loop SSL_connect()
until the timeout is reached. Using non-blocking mode to enforce a timeout was
how I was taught to do it ages ago in school. If it were a "hack" than I would
assume the folks at curl would have done it the right way and patched openssl.
The reason this bug is such a problem for me is that we make heavy use of soap
calls to other systems. Combine that with heavy traffic and everything
snowballs when one of these remote soap servers choke. We can't be the only
ones wanting PHP to die gracefully when things go wrong.
Having a timeout parameter that doesn't always timeout is a bug. And blaiming
it on an underlying library does not change the fact that something that should
work in PHP does not.
Also, I wasn't clear about the scope of this bug. It does effect *all* https
stream related functionalty including file_get_contents, SoapClient, etc. It
also prevents max_execution_time from being enforced.
------------------------------------------------------------------------
[2006-12-02 17:04:12] il...@php.net
Sorry, but your problem does not imply a bug in PHP itself. For a
list of more appropriate places to ask for help using PHP, please
visit http://www.php.net/support.php as this bug system is not the
appropriate forum for asking support questions. Due to the volume
of reports we can not explain in detail here why your report is not
a bug. The support channels will be able to provide an explanation
for you.
Thank you for your interest in PHP.
It would be one thing to use SSL function or parameter to
enforce the timeout, but what you suggest seems like a hack
(that may have many stability side-effects) to overcome
limitation of the underlying library. My suggestion would be
to make a feature request to the OpenSSL folks to add a
timeout parameter and once it is there, PHP will certainly use
it with the supported version of the lib.
------------------------------------------------------------------------
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
https://bugs.php.net/bug.php?id=39571
--
Edit this bug report at https://bugs.php.net/bug.php?id=39571&edit=1
