Solved OpenSSL/1.0.2f breaks php56/curl

A

Abriel

Hi,

Problem occurs after update from OpenSSL/1.0.2d to OpenSSL/1.0.2f. Here is script:
Code: 
<?php
$url = 'https://public-crest.eveonline.com/killmails/33493676/553ac7e2aeabe48092bde10958de0a44dc6f35ef/';
$timeout = 50;
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_VERBOSE, true);
curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:13.0) Gecko/20100101 Firefox/13.0.1'); // mPDF 5.7.4
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_NOBODY, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt ( $ch , CURLOPT_RETURNTRANSFER , 1 );
curl_setopt ( $ch , CURLOPT_CONNECTTIMEOUT , $timeout );
$data = curl_exec($ch);
echo $data;
?>
The error is:
Code: 
Error: Error getting data: error:1408F119:SSL routines:SSL3_GET_RECORD:decryption failed or bad record mac(35) (Code: 0)

But curl in console works fine. When i downgrade to OpenSSL/1.0.2d everything back to normal.
I was trying even set CURL_SSLVERSION_TLSv1 but it looks like AES256-SHA did not work.

Maybe the problem are servers *.eveonline.com. They are practically vulnerable to everything in ssllabs.

Abriel
 
Hi,

I am using openssl from ports.
I think i will try to check it on fresh system.

Edit 1:
On new system under Hyper-V everything works.
Now, how to trace, what is causing problem?

Edit 2:

The problem was a order of extensions in extensions.ini. I changed
Code: 
extension=smbclient.so
extension=ldap.so
to
Code: 
extension=ldap.so
extension=smbclient.so

Everything now works.
Abriel
 
Last edited:
You must log in or register to reply here.
Back
Top