Geoff Millikan
asked on
SSL > fread(fsockopen()) > Not working
When I go to https://www.thawte.com:443/ I see a secure web page there.
So why does the below command return nothing?
shell> php -r 'fwrite(fsockopen("ssl://www.thawte.com" , 443), "GET / HTTP/1.1\r\nHost: www.thawte.com:443\r\nConnection: Close\r\n\r\n"); var_dump(fread(fsockopen(" ssl://www.thawte.com", 443), 8192));'
string(0) ""
So why does the below command return nothing?
shell> php -r 'fwrite(fsockopen("ssl://www.thawte.com"
string(0) ""
shell> php -r 'fwrite(fsockopen("ssl://www.thawte.com", 443), "GET / HTTP/1.1\r\nHost: www.thawte.com:443\r\nConnection: Close\r\n\r\n"); var_dump(fread(fsockopen("ssl://www.thawte.com", 443), 8192));'
string(0) ""
=== Here's the dump of the Headers I should be seeing =====
GET / HTTP/1.1
Host: www.thawte.com:443
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.3) Gecko/2008092417 Firefox/3.0.3
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
HTTP/1.x 200 OK
Date: Tue, 07 Oct 2008 00:45:18 GMT
Server: Apache
Accept-Ranges: bytes
Content-Length: 36400
Connection: close
Content-Type: text/html
php -r "$fo = fsockopen(\"ssl://www.thawte.com\", 443); fwrite($fo, \"GET / HTTP/1.1\r\nHost: www.thawte.com:443\r\nConnection: Close\r\n\r\n\"); var_dump(fread($fo, 8192));"
> Host: www.thawte.com:443\r\n
hmm, I doubt that such a host exists :)
better use
Host: www.thawte.com\r\n
hmm, I doubt that such a host exists :)
better use
Host: www.thawte.com\r\n
443 is the standard port for SSL
> 443 is the standard port for SSL
what has a standard to do with this? noone restricts you to run HTTPS on any other port.
Anyway, that's out of scope here, the FQDN does not allow to contain : (colon), and as the Host header only allows FQDNs or IPs, the given string is invalid.
what has a standard to do with this? noone restricts you to run HTTPS on any other port.
Anyway, that's out of scope here, the FQDN does not allow to contain : (colon), and as the Host header only allows FQDNs or IPs, the given string is invalid.
ASKER
ahoffmann: I believe the colon is allowed in t he HTTP header per RFC 2616 linked below.
http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.23
kelvinwkw: Looks like you're on the right track. But the code returns with the below error on PHP 5.2
The code below works to read via GET over SSL but I'm stuck on getting a POST to work. But that's scope creep, I guess I'll need to post another question.
http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.23
kelvinwkw: Looks like you're on the right track. But the code returns with the below error on PHP 5.2
The code below works to read via GET over SSL but I'm stuck on getting a POST to work. But that's scope creep, I guess I'll need to post another question.
shell> php -r "$fo = fsockopen(\"ssl://www.thawte.com\", 443); fwrite($fo, \"GET / HTTP/1.1\r\nHost: www.thawte.com:443\r\nConnection: Close\r\n\r\n\"); var_dump(fread($fo, 8192));"
Unmatched ".
-----====== SSL GET method ===----
$fp = fsockopen('ssl://www.thawte.com', 443);
$request="GET / HTTP/1.1\r\n";
$request.="Host: www.thawte.com:443\r\n";
$request.="User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.3) Gecko/2008092417 Firefox/3.0.3\r\n";
$request.="Connection: close\r\n";
$request.="\r\n";
fwrite($fp, $request);
$contents=stream_get_contents($fp, -1);
fclose($fp);
echo $contents;
?>
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
> .. per RFC 2616 .
dooh, missed the optional part. Thanks for correction.
Anyway, the port part in the host header is optional, hence not part of the solution here.
dooh, missed the optional part. Thanks for correction.
Anyway, the port part in the host header is optional, hence not part of the solution here.
ASKER
kelvinwkw: Yes, that works! I'll give you points.
Your POST example wasn't via SSL. Do you have a working SSL POST example? I cannot get POST to work over SSL. Can you?
Your POST example wasn't via SSL. Do you have a working SSL POST example? I cannot get POST to work over SSL. Can you?
ASKER
Arg. I figured it out, I was missing the below line in t he header.
Content-Type: application/x-www-form-url encoded
And that caused the POST'ed variables to bomb out and hang everything to no end.
Content-Type: application/x-www-form-url
And that caused the POST'ed variables to bomb out and hang everything to no end.