I've come across a bug in PHP 5.2 that has been causing issues when I try to use httprl to do an HTTPS POST:

"When opening a socket connection with stream_socket_client() and the ssl:// wrapper, the connect-asynchronously flag (STREAM_CLIENT_ASYNC_CONNECT) causes ssl encryption to fail."
Full details and the patch for PHP 5.2.11 are here: https://bugs.php.net/bug.php?id=48182

The impact of this is that traffic destined for https://server:443/ silently ends up being sent insecurely to http://server:443/. I was alerted to this by the remote server erroring with "The plain HTTP request was sent to HTTPS port" when I switched from using drupal_http_request to httprl_request.

I've included a patch which works for me but will need review as I haven't tested it outside my particular use case.

Support from Acquia helps fund testing for Drupal Acquia logo

Comments

mikeytown2’s picture

Status: Active » Needs work

So this has been fixed in php versions 5.2.12 and up, is that correct? Can you add some code that conditionally does the work around based off of the PHP version?

...
  static $php;
  if (!isset($php)) {
    $php = version_compare(PHP_VERSION, '5.2.12', '>=');
  }
  if ($uri['scheme'] == 'https' && !$php) {
...

EDIT: Looks like php 5.3.0 is also effected after quickly reading the bug report. The final patch will need to take this into account.

serenecloud’s picture

FileSize
1.39 KB

The patches were released in 5.2.11 and 5.3.1 to fix the bug: http://www.php.net/ChangeLog-5.php

Attached a new patch. This one checks the PHP version if you're doing HTTPS requests.

Edit: Ignore this patch, it's got a syntax error.

serenecloud’s picture

FileSize
1.39 KB

Proper patch this time.

mikeytown2’s picture

Status: Needs work » Needs review
mikeytown2’s picture

Status: Needs review » Fixed
FileSize
1.69 KB

This is the patch that has been committed. Thanks for your hard work on this issue!

Status: Fixed » Closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.