mirror of
https://github.com/php/php-src.git
synced 2024-09-21 18:07:23 +00:00
Fixed bug #78775
Clear the OpenSSL error queue before performing SSL stream operations. As we don't control all code that could possibly be using OpenSSL, we can't rely on the error queue being empty.
This commit is contained in:
parent
e29922f054
commit
4f984a2fdb
4
NEWS
4
NEWS
@ -26,6 +26,10 @@ PHP NEWS
|
||||
non-ascii characters). (mhagstrand)
|
||||
. Fixed bug #78747 (OpCache corrupts custom extension result). (Nikita)
|
||||
|
||||
- OpenSSL:
|
||||
. Fixed bug #78775 (TLS issues from HTTP request affecting other encrypted
|
||||
connections). (Nikita)
|
||||
|
||||
- Reflection:
|
||||
. Fixed bug #78697 (ReflectionClass::ImplementsInterface - inaccurate error
|
||||
message with traits). (villfa)
|
||||
|
34
ext/curl/tests/bug78775.phpt
Normal file
34
ext/curl/tests/bug78775.phpt
Normal file
@ -0,0 +1,34 @@
|
||||
--TEST--
|
||||
Bug #78775: TLS issues from HTTP request affecting other encrypted connections
|
||||
--SKIPIF--
|
||||
<?php
|
||||
if (!extension_loaded('curl')) die('skip Requires curl');
|
||||
if (getenv('SKIP_ONLINE_TESTS')) die('skip Online test');
|
||||
?>
|
||||
--FILE--
|
||||
<?php
|
||||
|
||||
$sock = fsockopen("tls://google.com", 443);
|
||||
|
||||
var_dump($sock);
|
||||
|
||||
$handle = curl_init('https://self-signed.badssl.com/');
|
||||
curl_setopt_array(
|
||||
$handle,
|
||||
[
|
||||
CURLOPT_RETURNTRANSFER => true,
|
||||
CURLOPT_SSL_VERIFYPEER => true,
|
||||
]
|
||||
);
|
||||
|
||||
var_dump(curl_exec($handle));
|
||||
curl_close($handle);
|
||||
|
||||
fwrite($sock, "GET / HTTP/1.0\n\n");
|
||||
var_dump(fread($sock, 8));
|
||||
|
||||
?>
|
||||
--EXPECTF--
|
||||
resource(%d) of type (stream)
|
||||
bool(false)
|
||||
string(8) "HTTP/1.0"
|
@ -1873,6 +1873,7 @@ static int php_openssl_enable_crypto(php_stream *stream,
|
||||
do {
|
||||
struct timeval cur_time, elapsed_time;
|
||||
|
||||
ERR_clear_error();
|
||||
if (sslsock->is_client) {
|
||||
n = SSL_connect(sslsock->ssl_handle);
|
||||
} else {
|
||||
@ -2045,6 +2046,7 @@ static size_t php_openssl_sockop_io(int read, php_stream *stream, char *buf, siz
|
||||
}
|
||||
|
||||
/* Now, do the IO operation. Don't block if we can't complete... */
|
||||
ERR_clear_error();
|
||||
if (read) {
|
||||
nr_bytes = SSL_read(sslsock->ssl_handle, buf, (int)count);
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user