?
Solved

SSL >  fread(fsockopen()) > Not working

Posted on 2008-10-06
9
Medium Priority
?
1,042 Views
Last Modified: 2012-06-21
When I go to https://www.thawte.com:443/  I see a secure web page there.  

So why does the below command return nothing?

shell> php -r 'fwrite(fsockopen("ssl://www.thawte.com", 443), "GET / HTTP/1.1\r\nHost: www.thawte.com:443\r\nConnection: Close\r\n\r\n"); var_dump(fread(fsockopen("ssl://www.thawte.com", 443), 8192));'

string(0) ""
shell> php -r 'fwrite(fsockopen("ssl://www.thawte.com", 443), "GET / HTTP/1.1\r\nHost: www.thawte.com:443\r\nConnection: Close\r\n\r\n"); var_dump(fread(fsockopen("ssl://www.thawte.com", 443), 8192));'
 
string(0) ""
 
 
=== Here's the dump of the Headers I should be seeing =====
GET / HTTP/1.1
Host: www.thawte.com:443
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.3) Gecko/2008092417 Firefox/3.0.3
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
 
HTTP/1.x 200 OK
Date: Tue, 07 Oct 2008 00:45:18 GMT
Server: Apache
Accept-Ranges: bytes
Content-Length: 36400
Connection: close
Content-Type: text/html

Open in new window

0
Comment
Question by:Geoff Millikan
  • 3
  • 3
  • 3
9 Comments
 
LVL 11

Expert Comment

by:kelvinwkw
ID: 22657643
php -r "$fo = fsockopen(\"ssl://www.thawte.com\", 443); fwrite($fo, \"GET / HTTP/1.1\r\nHost: www.thawte.com:443\r\nConnection: Close\r\n\r\n\"); var_dump(fread($fo, 8192));"
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 22664756
> Host: www.thawte.com:443\r\n

hmm, I doubt that such a host exists :)
better use
    Host: www.thawte.com\r\n
0
 
LVL 11

Expert Comment

by:kelvinwkw
ID: 22664829
443 is the standard port for SSL
0
 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

 
LVL 51

Expert Comment

by:ahoffmann
ID: 22664857
> 443 is the standard port for SSL
what has a standard to do with this? noone restricts you to run HTTPS on any other port.
Anyway, that's out of scope here, the FQDN does not allow to contain : (colon), and as the Host header only allows FQDNs or IPs, the given string is invalid.
0
 

Author Comment

by:Geoff Millikan
ID: 22666241
ahoffmann: I believe the colon is allowed in t he HTTP header per RFC 2616 linked below.
http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.23

kelvinwkw: Looks like you're on the right track.  But the code returns with the below error on PHP 5.2

The code below works to read via GET over SSL but I'm stuck on getting a POST to work.  But that's scope creep, I guess I'll need to post another question.
shell> php -r "$fo = fsockopen(\"ssl://www.thawte.com\", 443); fwrite($fo, \"GET / HTTP/1.1\r\nHost: www.thawte.com:443\r\nConnection: Close\r\n\r\n\"); var_dump(fread($fo, 8192));"
 
Unmatched ".
 
 
-----====== SSL GET method ===----
$fp = fsockopen('ssl://www.thawte.com', 443);
$request="GET / HTTP/1.1\r\n";
$request.="Host: www.thawte.com:443\r\n";
$request.="User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.3) Gecko/2008092417 Firefox/3.0.3\r\n";
$request.="Connection: close\r\n";
$request.="\r\n";
fwrite($fp, $request);
$contents=stream_get_contents($fp, -1);
fclose($fp);
echo $contents;
?>

Open in new window

0
 
LVL 11

Accepted Solution

by:
kelvinwkw earned 2000 total points
ID: 22666480
What about this?

php -r '$fo = fsockopen("ssl://www.thawte.com", 443); fwrite($fo, "GET / HTTP/1.1\r\nHost: www.thawte.com:443\r\nConnection: Close\r\n\r\n"); var_dump(fread($fo, 8192));'

To perform a post, you may refer to the sample below

<?php      
$req="cmd=_xclick&business=a12345@hotmail.com&item_name=Youth&currency_code=USD&amount=75.00";
header("POST /us/cgi-bin/webscr HTTP/1.0");
header("Host: www.sandbox.paypal.com");
header("Content-Type: application/x-www-form-urlencoded");
header("Content-Length: " . strlen($req));
header($req);
?>
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 22666502
> .. per RFC 2616 .
dooh, missed the optional part. Thanks for correction.
Anyway, the port part in the host header is optional, hence not part of the solution here.
0
 

Author Comment

by:Geoff Millikan
ID: 22668246
kelvinwkw:  Yes, that works!  I'll give you points.

Your POST example wasn't via SSL. Do you have a working SSL POST example?  I cannot get POST to work over SSL.  Can you?
0
 

Author Comment

by:Geoff Millikan
ID: 22673266
Arg.  I figured it out, I was missing the below line in t he header.

Content-Type: application/x-www-form-urlencoded

And that caused the POST'ed variables to bomb out and hang everything to no end.
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Build an array called $myWeek which will hold the array elements Today, Yesterday and then builds up the rest of the week by the name of the day going back 1 week.   (CODE) (CODE) Then you just need to pass your date to the function. If i…
3 proven steps to speed up Magento powered sites. The article focus is on optimizing time to first byte (TTFB), full page caching and configuring server for optimal performance.
The viewer will learn how to count occurrences of each item in an array.
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.
Suggested Courses
Course of the Month14 days, 14 hours left to enroll

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question