I've come across a bug in PHP 5.2 that has been causing issues when I try to use httprl to do an HTTPS POST:
"When opening a socket connection with stream_socket_client() and the ssl:// wrapper, the connect-asynchronously flag (STREAM_CLIENT_ASYNC_CONNECT) causes ssl encryption to fail."
Full details and the patch for PHP 5.2.11 are here: https://bugs.php.net/bug.php?id=48182
The impact of this is that traffic destined for https://server:443/ silently ends up being sent insecurely to http://server:443/. I was alerted to this by the remote server erroring with "The plain HTTP request was sent to HTTPS port" when I switched from using drupal_http_request to httprl_request.
I've included a patch which works for me but will need review as I haven't tested it outside my particular use case.
Comment | File | Size | Author |
---|---|---|---|
#5 | httprl-1351238-5.patch | 1.69 KB | mikeytown2 |
#3 | httprl.async_.ssl_.patch | 1.39 KB | serenecloud |
#2 | httprl.async_.ssl_.patch | 1.39 KB | serenecloud |
 | httprl.async_.ssl_.patch | 1.27 KB | serenecloud |
Comments
Comment #1
mikeytown2 commented
So this has been fixed in PHP versions 5.2.12 and up, is that correct? Can you add some code that conditionally does the workaround based off of the PHP version?
EDIT: Looks like PHP 5.3.0 is also affected after quickly reading the bug report. The final patch will need to take this into account.
Comment #2
serenecloud commented
The patches were released in 5.2.11 and 5.3.1 to fix the bug: http://www.php.net/ChangeLog-5.php
Attached a new patch. This one checks the PHP version if you're doing HTTPS requests.
Edit: Ignore this patch, it's got a syntax error.
Comment #3
serenecloud commented
Proper patch this time.
Comment #4
mikeytown2 commented
Comment #5
mikeytown2 commented
This is the patch that has been committed. Thanks for your hard work on this issue!
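A sketch of the version-conditional workaround discussed in this thread, added here as an illustration: it is not the committed httprl-1351238-5.patch or any code from the module, and the function names are hypothetical. It drops STREAM_CLIENT_ASYNC_CONNECT for encrypted transports on the PHP versions the thread names as affected (before 5.2.11, and 5.3.0), assuming pre-release 5.3.0 builds should be treated as affected too.

```php
<?php
// Added example, not httprl code. Function names are hypothetical.

/**
 * TRUE when the given PHP version has bug #48182 (async connect breaks ssl://),
 * using the fixed versions cited in the thread: 5.2.11 and 5.3.1.
 */
function example_async_ssl_is_broken($php_version = PHP_VERSION) {
  if (version_compare($php_version, '5.2.11', '<')) {
    return TRUE;
  }
  // Assumption: 5.3.0 pre-releases (alpha/beta/RC) are treated as affected.
  return version_compare($php_version, '5.3', '>=')
    && version_compare($php_version, '5.3.1', '<');
}

/**
 * Flags for stream_socket_client(): async connect is only requested when the
 * transport is plain, or the running PHP can negotiate TLS on an async socket.
 */
function example_connect_flags($transport, $php_version = PHP_VERSION) {
  $flags = STREAM_CLIENT_CONNECT;
  $encrypted = in_array($transport, array('ssl', 'tls'), TRUE);
  if (!$encrypted || !example_async_ssl_is_broken($php_version)) {
    $flags |= STREAM_CLIENT_ASYNC_CONNECT;
  }
  return $flags;
}

// Constructed sample versions, to show which combinations keep the async flag.
$samples = array('5.2.10', '5.2.11', '5.2.17', '5.3.0', '5.3.1', PHP_VERSION);
foreach ($samples as $version) {
  foreach (array('tcp', 'ssl') as $transport) {
    $flags = example_connect_flags($transport, $version);
    $async = ($flags & STREAM_CLIENT_ASYNC_CONNECT) ? 'async' : 'blocking';
    printf("PHP %-8s %s:// -> %s connect\n", $version, $transport, $async);
  }
}
```

On an affected version the ssl:// connection falls back to a blocking connect, so the request is slower but is not sent in plaintext to port 443.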