[php-maint] Bug#759501: Bug#759501: Bug#759501: php5: TLS/SSL connections do not honour the SubjectAltName within certificates
Ondřej Surý
ondrej at sury.org
Sun Oct 19 12:59:14 UTC 2014
Control: forwarded -1 https://bugs.php.net/bug.php?id=68265
Andre,
thank you for the test case, I have successfully repeated your problem
in PHP 5.6.2 and forwarded the issue to the upstream. Hopefully they
will fix it before the final Debian release. Sorry it took so long, I
just didn't have enough time.
Cheers,
Ondrej
On Thu, Aug 28, 2014, at 19:25, Andre Klärner wrote:
> Hi Ondřej,
>
> I attached an example script that demonstrates the issue. Feel free to
> run
> tests against my server. Please note that I use CAcert.org certificates,
> so
> make sure you provide the root certificates for CAcert.org to PHP
> (example
> included)
>
> The output on my machines is:
> kandre at mainframe(pts/14) ~ % ./ssl-test-debs.php
> trying to connect to ssl://debs.ak-online.be
> PHP Warning: fsockopen(): Peer certificate CN=`debs.ak-online.net' did
> not match expected CN=`debs.ak-online.be' in
> /media/Jen/kandre/ssl-test-debs.php on line 8
> PHP Warning: fsockopen(): Failed to enable crypto in
> /media/Jen/kandre/ssl-test-debs.php on line 8
> PHP Warning: fsockopen(): unable to connect to
> ssl://debs.ak-online.be:993 (Unknown error) in
> /media/Jen/kandre/ssl-test-debs.php on line 8 (0)
> trying to connect to ssl://debs.ak-online.net
> connection succeeded
>
> Kind regards,
> Andre
>
> --
> Andre Klärner
> _______________________________________________
> pkg-php-maint mailing list
> pkg-php-maint at lists.alioth.debian.org
> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-php-maint
> Email had 2 attachments:
> + ssl-test-debs.php
> 1k (text/plain)
> + smime.p7s
> 6k (application/x-pkcs7-signature)
--
Ondřej Surý <ondrej at sury.org>
Knot DNS (https://www.knot-dns.cz/) – a high-performance DNS server
More information about the pkg-php-maint
mailing list