Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:27992 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 16088 invoked by uid 1010); 10 Feb 2007 19:59:17 -0000 Delivered-To: ezmlm-scan-internals@lists.php.net Delivered-To: ezmlm-internals@lists.php.net Received: (qmail 16073 invoked from network); 10 Feb 2007 19:59:16 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 10 Feb 2007 19:59:16 -0000 Authentication-Results: pb1.pair.com smtp.mail=maurice@iceblog.de; spf=permerror; sender-id=unknown Authentication-Results: pb1.pair.com header.from=maurice@iceblog.de; sender-id=unknown Received-SPF: error (pb1.pair.com: domain iceblog.de from 217.160.111.22 cause and error) X-PHP-List-Original-Sender: maurice@iceblog.de X-Host-Fingerprint: 217.160.111.22 p15097164.pureserver.info Received: from [217.160.111.22] ([217.160.111.22:51375] helo=p15097164.pureserver.info) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id 70/6B-06763-3142EC54 for ; Sat, 10 Feb 2007 14:59:16 -0500 Received: (qmail 915 invoked by uid 89); 10 Feb 2007 19:59:11 -0000 Received: from i3ed6c20e.versanet.de (HELO ?192.168.178.20?) (moritz@mertinkat.net@62.214.194.14) by p15097164.pureserver.info with SMTP; 10 Feb 2007 19:59:11 -0000 Message-ID: <45CE240E.50908@iceblog.de> Date: Sat, 10 Feb 2007 20:59:10 +0100 User-Agent: Thunderbird 1.5.0.9 (Windows/20061207) MIME-Version: 1.0 To: Wez Furlong , internals@lists.php.net References: <45CB2D6E.1020804@iceblog.de> <4e89b4260702100604v77955573o63eb416d87b01ad2@mail.gmail.com> In-Reply-To: <4e89b4260702100604v77955573o63eb416d87b01ad2@mail.gmail.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: [PHP-DEV] Moving Socket extension to PECL From: maurice@iceblog.de (Maurice) Hi Wez, >> In my first tests I also included support for streams (using >> stream_select) in order to support SSL/TLS enabled connections. However, >> the SSL transport layer in the Stream "extension" is totally screwed up >> if you use asynchronous socket streams. > > That's the first I've heard about this; I've been using it in this > fashion successfully > for some time. Normal (synchronous) connections are working just fine - no problem here. Have you really tried SSL with non-blocking streams? It works _sometimes_ (depends on the timing/server/etc.), but not always. I've checked the source code and openssl SSL_* calls are not used the way they should be in non-blocking mode. I'll prepare a test case later... >> That's why I started extending the socket extension with socket_ssl_* >> functions that use the openssl extension (and thus are only available if >> PHP is compiled with openssl support). I will provide a patch for that >> once it's complete and out of beta status. > > The problem with ext/sockets is that it is old, unmaintained, buggy, > and is not tied into the streams layer. Buggy? Well, it used to be really buggy some years ago, but I think it's rather stable now. Sockets are always a little bit problematic because they are not the same on all operating systems, but at least on Linux and Windows I don't have any problems. What if I would start maintaining the sockets extension? I think PHP should have some low-level connection stuff built-in. If you really think of moving ext/sockets to PECL I might as well concentrate on fixing the SSL/crypto problem in non-blocking streams. It's just that streams aren't so talkative regarding error messages... >> Anyway, the Stream-SSL part has to be fixed _before_ moving the socket >> extension to PECL. > > The first step is opening a bug report with details on how to > reproduce the problems that you've hinted at: Yeah, I'm going to do that. I started with a bug (crashes PHP on Windows XP) regarding the streams extension in November. It's assigned, but no action has been taken yet: http://bugs.php.net/bug.php?id=39396 I see, it's not a "major" bug, but it crashes PHP and might (_might_) be used to inject code (haven't checked that). Maurice.