I’ve got a PHP communications server running using stream_socket_server() and stream_socket_accept(), a fairly complicated thing which uses SSL connections and certificates to be certain that the remote side is authorized to connect to the server. One of the things which is coming up in my logs are the failed connections. I’m trying to provide more details on these connections for security purposes.
I’m currently getting most of my error detail on the failed connections by setting an error handler for the stream_socket_accept() call:
public function on_ssa_error($errno, $errstr)
{
$this->ssa_error .= " ERROR [$errno]: $errstr\n";
}
public function on_select_read()
{
$this->ssa_error = "";
set_error_handler(array($this, "on_ssa_error"));
$rsocket = stream_socket_accept($this->ss, 0);
restore_error_handler();
if ($rsocket !== FALSE)
// Finish setting up the socket connection and start using it
else
// Report the error in $this->ssa_error
}
…when I have a failed connection, I tend to get errors like this:
ERROR [2]: stream_socket_accept(): SSL operation failed with code 1. OpenSSL Error messages: error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate
ERROR [2]: stream_socket_accept(): Failed to enable crypto
ERROR [2]: stream_socket_accept(): accept failed: Success
…which is partly useful in that it identifies the cause of the bad connection as a bad certificate, but I’d really like to have something indicating where the bad request came from, ideally the IP address or Mac Address of the source.
Is there any way to get the IP address of a failed connection using the stream_socket_xxx code? I know it’s possible to get the IP address of an accepted connection, but I’m stumped trying to figure out a way of getting it on a failed connection.
I'm trying to read emails from imap mail with the php library ddeboer/imap .
I've created a subdomain like this: abm.mydomain.be . The IMAP extension wasn't installed so I asked the server administrator to install it. The function imap_open now exists. But now I'm getting the following error:
AuthenticationFailedException in Server.php line 76:
Authentication failed for user abm#mydomain.be with error imap_open(): Couldn't open stream {mail.mydomain.be:993/imap/ssl/validate-cert}
The user and passwords are correctly (100% sure of that). When I check phpinfo I see the following with imap:
Does anyone knows what I'm doing wrong?
I'm trying to integrate a PHP portal with a CRM(microsoft dynamics .NET) system using SOAP.
This is part of my code:
$client = new SoapClient("http://XX.XXX.X.XX:5050/host.svc?wsdl");
This line returns 2 errors
Warninig: Message: SoapClient::SoapClient(http://80.248.5.35:5050/host.svc?wsdl): failed to open stream: Connection refused
Fatal error: Uncaught SoapFault exception: [WSDL] SOAP-ERROR: Parsing WSDL: Couldn't load from 'http://XX.XXX.X.XX:5050/host.svc?wsdl' : failed to load external entity
Opening the link in the browser works and running this code in my local machine(localhost) works also.
i've tried file_get_contents("http://XX.XXX.X.XX:5050/host.svc?wsdl"); but this returns a warning message
Message: file_get_contents(http://80.248.5.35:5050/host.svc?wsdl): failed to open stream: Connection refused
i've tried so many solutions from stackoverflow.
If anyone could help me with this or shed more light on the situation cause this is my first attempt at something like this. Thanks
I found out the problem.
My webserver was denying me from making outgoing connection through any port rather than the default port. i fixed it by changing the web service to the default port on the ISS
I've been frustrated by this "failed to open stream" error too, but from the point of view of trying to connect to a web service from the web.
However, the issue is the same underneath: your web server needs to be able to reach the web service from itself.
My solution if you are using a Windows Server: add an entry to your windows host file to allow loopback on the server for the external domain you're using for the web service.
So, open your "hosts" file, which is usually in somewhere like C:\Windows\System32\drivers\etc. Then add a line like:
<machine LAN IP like 192.168.1.1 or 127.0.0.1> <domain.ofwebsevice.com>
I'm trying to debug the PHP function stream_socket_client but I don't really know how. This is the code that I'm having trouble with:
$this->socket = #stream_socket_client(
$remote, $errno, $errstr,
$this->request->getConfig('connect_timeout'),
STREAM_CLIENT_CONNECT, $context
);
if (!$this->socket) {
throw new HTTP_Request2_ConnectionException(
"Unable to connect to {$remote}. Error: {$errstr}",
0, $errno
);
}
The exception is thrown and the error reads "Unable to connect to tcp://www.dropbox.com:80. Error: Connection timed out". This code comes from a very popular Wordpress plugin that's been well tested. The server I'm working on has some quirks, e.g. I'm allowed to upload or remove files via PHP etc. so I'm wondering if there are any PHP settings that could prevent stream_socket_client from working and how I can check what those settings are for my server.
Try to check allow_url_fopen.
This option enables the URL-aware fopen wrappers that enable accessing URL object like files.
See: https://php.net/manual/en/filesystem.configuration.php
So I have a little problem with a PHP script I'm currently writing. To start off, let me say the script is supposed to connect to an IMAP mailbox, search for some emails and download their attachments. All of this is already coded and is working with my own gmail account. The problem arise when I try and connect to an exchange server. Short code excerpt :
$mbox = imap_open($host, $login, $password);
echo '<br/>' . imap_last_error() . '<br/>';
$emails = imap_search($mbox, 'FROM "patate#patate.com"', SE_UID);
I have tried two main $host "version" (with and without SSL) :
1 - {server:993/imap/ssl/novalidate-cert}INBOX
2 - {server:143/imap/novalidate-cert}INBOX
The novalidate-cert deal with a certificate error. I also tried the "notsl" parameters, for both of these, without any noticeable outcome. The error I get is this lovely message, absolutely not cryptic in any way, shape or form :
[CLOSED] IMAP connection broken (server response)
Additionally, I also receive these notices :
Notice: Unknown: Unknown GSSAPI failure: An invalid name was supplied (errflg=1) in Unknown on line 0
Notice: Unknown: GSSAPI mechanism status: Hostname cannot be canonicalized (errflg=1) in Unknown on line 0
Notice: Unknown: Retrying PLAIN authentication after AUTHENTICATE failed. (errflg=1) in Unknown on line 0
Notice: Unknown: Retrying PLAIN authentication after AUTHENTICATE failed. (errflg=1) in Unknown on line 0
Notice: Unknown: Can not authenticate to IMAP server: AUTHENTICATE failed. (errflg=2) in Unknown on line 0
Notice: Unknown: [CLOSED] IMAP connection broken (server response) (errflg=1) in Unknown on line 0
The first two especially puzzle me... I did try this script on another server, to make sure the issue was not related to my local network. After a lot of googling around, I only got this : http://www.phpfreaks.com/forums/index.php?topic=190628.0 which seems like a somewhat cumbersome fix.
Any ideas?
I'm having this same issue, it looks like the errors are being generated because an Exchange server advertises authentication protocols that it does not support (http://vision.eng.shu.ac.uk/mmvlwiki/index.php/Exchange). It also seems like this issue is isolated to linux servers as I have no issues with the exact same code on a Windows box. This has been a longstanding issue and PHP was recently patched (v 5.3.2) to allow you to disable certain authentication protocols (http://php.net/manual/en/function.imap-open.php). The below code works intermittently for me:
$this->inbox = imap_open("{server:993/imap/ssl/novalidate-cert}$inbox",
$username, $password, NULL, 1,
array('DISABLE_AUTHENTICATOR' => 'PLAIN')) or
die(var_dump(imap_errors()));
This also works intermittently:
$this->inbox = imap_open("{server:993/imap/ssl/novalidate-cert}$inbox",
$username, $password, NULL, 1,
array('DISABLE_AUTHENTICATOR' => 'GSSAPI')) or
die(var_dump(imap_errors()));
SO I ghetto rigged this it does seem to work...although it has the potential for an endless loop/DOS attack on my company's exchange server but /care
Hopefully there is a better solution, but this should help:
$tryCnt = 0;
while(!is_resource($this->inbox)){
$this->inbox = imap_open("{server.com:993/imap/ssl/novalidate-cert}$inbox",
$username, $password, NULL, 1,
array('DISABLE_AUTHENTICATOR' => 'GSSAPI'));
$tryCnt ++;
if(!is_resource($this->inbox)){
$this->inbox = imap_open("{server.com:993/imap/ssl/novalidate-cert}$inbox",
$username, $password, NULL, 1,
array('DISABLE_AUTHENTICATOR' => 'PLAIN'));
$tryCnt ++;
}
if($tryCnt > 20){
echo "Cannot Connect To Exchange Server:<BR>";
die(var_dump(imap_errors()));
}
}
I have a PHP script that connects to an OWA email server and brings back the content of an email using the imap_open PHP function. Using that content, it then creates a page in a MindTouch instance.
All of this code works correctly, but the script was reporting the GSSAPI failure errors shown above. In my web results page, success was (correctly) reported, but the page also displayed the GSSAPI error messages.
What I discovered in my code was that I was turning on error_reporting(E_ALL). When I changed the reporting level, the error message went away.
I know that the error is still there, and I don't know why. But, since all of my code is working correctly, I just wanted the error message to go away, because it was confusing my users.
Changing the reporting level to a lower one took care of that.