?
Solved

SSL >  fread(fsockopen()) > Not working

Posted on 2008-10-06
9
Medium Priority
?
1,019 Views
Last Modified: 2012-06-21
When I go to https://www.thawte.com:443/  I see a secure web page there.  

So why does the below command return nothing?

shell> php -r 'fwrite(fsockopen("ssl://www.thawte.com", 443), "GET / HTTP/1.1\r\nHost: www.thawte.com:443\r\nConnection: Close\r\n\r\n"); var_dump(fread(fsockopen("ssl://www.thawte.com", 443), 8192));'

string(0) ""
shell> php -r 'fwrite(fsockopen("ssl://www.thawte.com", 443), "GET / HTTP/1.1\r\nHost: www.thawte.com:443\r\nConnection: Close\r\n\r\n"); var_dump(fread(fsockopen("ssl://www.thawte.com", 443), 8192));'
 
string(0) ""
 
 
=== Here's the dump of the Headers I should be seeing =====
GET / HTTP/1.1
Host: www.thawte.com:443
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.3) Gecko/2008092417 Firefox/3.0.3
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
 
HTTP/1.x 200 OK
Date: Tue, 07 Oct 2008 00:45:18 GMT
Server: Apache
Accept-Ranges: bytes
Content-Length: 36400
Connection: close
Content-Type: text/html

Open in new window

0
Comment
Question by:Geoff Millikan
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
  • 3
9 Comments
 
LVL 11

Expert Comment

by:kelvinwkw
ID: 22657643
php -r "$fo = fsockopen(\"ssl://www.thawte.com\", 443); fwrite($fo, \"GET / HTTP/1.1\r\nHost: www.thawte.com:443\r\nConnection: Close\r\n\r\n\"); var_dump(fread($fo, 8192));"
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 22664756
> Host: www.thawte.com:443\r\n

hmm, I doubt that such a host exists :)
better use
    Host: www.thawte.com\r\n
0
 
LVL 11

Expert Comment

by:kelvinwkw
ID: 22664829
443 is the standard port for SSL
0
WordPress Tutorial 2: Terminology

An important part of learning any new piece of software is understanding the terminology it uses. Thankfully WordPress uses fairly simple names for everything that make it easy to start using the software.

 
LVL 51

Expert Comment

by:ahoffmann
ID: 22664857
> 443 is the standard port for SSL
what has a standard to do with this? noone restricts you to run HTTPS on any other port.
Anyway, that's out of scope here, the FQDN does not allow to contain : (colon), and as the Host header only allows FQDNs or IPs, the given string is invalid.
0
 

Author Comment

by:Geoff Millikan
ID: 22666241
ahoffmann: I believe the colon is allowed in t he HTTP header per RFC 2616 linked below.
http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.23

kelvinwkw: Looks like you're on the right track.  But the code returns with the below error on PHP 5.2

The code below works to read via GET over SSL but I'm stuck on getting a POST to work.  But that's scope creep, I guess I'll need to post another question.
shell> php -r "$fo = fsockopen(\"ssl://www.thawte.com\", 443); fwrite($fo, \"GET / HTTP/1.1\r\nHost: www.thawte.com:443\r\nConnection: Close\r\n\r\n\"); var_dump(fread($fo, 8192));"
 
Unmatched ".
 
 
-----====== SSL GET method ===----
$fp = fsockopen('ssl://www.thawte.com', 443);
$request="GET / HTTP/1.1\r\n";
$request.="Host: www.thawte.com:443\r\n";
$request.="User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.3) Gecko/2008092417 Firefox/3.0.3\r\n";
$request.="Connection: close\r\n";
$request.="\r\n";
fwrite($fp, $request);
$contents=stream_get_contents($fp, -1);
fclose($fp);
echo $contents;
?>

Open in new window

0
 
LVL 11

Accepted Solution

by:
kelvinwkw earned 2000 total points
ID: 22666480
What about this?

php -r '$fo = fsockopen("ssl://www.thawte.com", 443); fwrite($fo, "GET / HTTP/1.1\r\nHost: www.thawte.com:443\r\nConnection: Close\r\n\r\n"); var_dump(fread($fo, 8192));'

To perform a post, you may refer to the sample below

<?php      
$req="cmd=_xclick&business=a12345@hotmail.com&item_name=Youth&currency_code=USD&amount=75.00";
header("POST /us/cgi-bin/webscr HTTP/1.0");
header("Host: www.sandbox.paypal.com");
header("Content-Type: application/x-www-form-urlencoded");
header("Content-Length: " . strlen($req));
header($req);
?>
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 22666502
> .. per RFC 2616 .
dooh, missed the optional part. Thanks for correction.
Anyway, the port part in the host header is optional, hence not part of the solution here.
0
 

Author Comment

by:Geoff Millikan
ID: 22668246
kelvinwkw:  Yes, that works!  I'll give you points.

Your POST example wasn't via SSL. Do you have a working SSL POST example?  I cannot get POST to work over SSL.  Can you?
0
 

Author Comment

by:Geoff Millikan
ID: 22673266
Arg.  I figured it out, I was missing the below line in t he header.

Content-Type: application/x-www-form-urlencoded

And that caused the POST'ed variables to bomb out and hang everything to no end.
0

Featured Post

7 Extremely Useful Linux Commands for Beginners

Just getting started with Linux? Here's a quick start guide that has 7 commands that we believe will come in handy.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Things That Drive Us Nuts Have you noticed the use of the reCaptcha feature at EE and other web sites?  It wants you to read and retype something that looks like this. Insanity!  It's not EE's fault - that's just the way reCaptcha works.  But it i…
Part of the Global Positioning System A geocode (https://developers.google.com/maps/documentation/geocoding/) is the major subset of a GPS coordinate (http://en.wikipedia.org/wiki/Global_Positioning_System), the other parts being the altitude and t…
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
The viewer will learn how to count occurrences of each item in an array.
Suggested Courses

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question