Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:54833
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Received-SPF: pass (pb1.pair.com: domain thelounge.net designates 91.118.73.15 as permitted sender)
Message-ID: <4E542972.1070807@thelounge.net>
Date: Wed, 24 Aug 2011 00:28:02 +0200
Organization: the lounge interactive design
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:6.0) Gecko/20110816 Thunderbird/6.0
MIME-Version: 1.0
To: internals@lists.php.net
References: <4E4C61E0.3040007@thelounge.net> <11AAFE15-0785-4651-8F28-716E219017DE@macvicar.net>
In-Reply-To: <11AAFE15-0785-4651-8F28-716E219017DE@macvicar.net>
OpenPGP: id=7F780279;
	url=http://arrakis.thelounge.net/gpg/h.reindl_thelounge.net.pub.txt
Content-Type: multipart/signed; micalg=pgp-sha1;
 protocol="application/pgp-signature";
 boundary="------------enig46B3D8823C027FA00372ED19"
Subject: Re: [PHP-DEV] 5.3.7 is breaking SSL
From: h.reindl@thelounge.net (Reindl Harald)

--------------enig46B3D8823C027FA00372ED19
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable



Am 23.08.2011 19:21, schrieb Scott MacVicar:
> On Aug 17, 2011, at 5:50 PM, Reindl Harald wrote:
>=20
>> well i guess it is the change below this results in connections in han=
ging
>> around and after a hughe timeout filling my mailbox with cron-mails:
>>
>> mysqlnd 5.0.8-dev - 20102224 - $Revision: 310735 $
>>
>> without ssl_set() all works fine but unencyrpted :-(
>> ___________
>>
>> MySQL server has gone away
>>
>> $this->ssl_key =3D '/etc/mysql-ssl/client.pem';
>> $this->ssl_crt =3D '/etc/mysql-ssl/client.pem';
>> $this->ssl_ca  =3D '/etc/mysql-ssl/ca.crt';
>>
>> $>conn->ssl_set($this->ssl_key, $this->ssl_crt, $this->ssl_ca, NULL, N=
ULL);
>> ___________
>>
>> https://bugs.php.net/bug.php?id=3D55283
>>
>> - MySQLi extension:
>>  . Fixed bug #55283 (SSL options set by mysqli_ssl_set ignored for MyS=
QLi
>>    persistent connections). (Andrey)
>>
>>
>=20
>=20
> Do you have a full script I can use to look at? Do you set a mysql time=
out?

wtah exactly are you mssing?

the code is above and timeouts does not matter if it takes 30 minutes
before "mysql server has gone" what leads to take a long time to
recognize that cronjobs are defacto dead

$conn =3D mysqli_init();
$conn->ssl_set
(
 '/etc/mysql-ssl/client.pem',
 '/etc/mysql-ssl/client.pem',
 '/etc/mysql-ssl/ca.crt',
 NULL,
 NULL
);
mysqli_real_connect($conn, $host, $user, $pwd, $db, port, '', 0);

this code is packed in a abstraction-layer which calls finally
mysqli_connect_error() to display "mysql server has gone away"

PHP 5.3.8 is fixing this as far as i see on the first test machine
"Ssl_cipher DHE-RSA-AES256-SHA" instead dead and timeout

    * Reverted a change in timeout handling restoring PHP 5.3.6
      behavior, which caused mysqlnd SSL connections to hang (Bug
      #55283).



--------------enig46B3D8823C027FA00372ED19
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk5UKXIACgkQhmBjz394AnmAQQCfS+SypAGA59S3HQIYDYU0Tns8
LTMAn02BAN9B0dFPeQDaiFXrmuLCI4ZY
=izI0
-----END PGP SIGNATURE-----

--------------enig46B3D8823C027FA00372ED19--