-
Notifications
You must be signed in to change notification settings - Fork 373
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Error OpenSSL Shutdown while in init - cURL - MSSQL #1512
Comments
It seems likely that curl also loads OpenSSL, just like the ODBC Driver and there is probably some interference there. I'm having a bit of trouble getting php-curl to work to verify, but the fact that error goes away when By the way, do you know which version of OpenSSL is used there? |
thanks ! Yes we used OpenSSL 3.0.2 15 Mar 2022 (Library: OpenSSL 3.0.2 15 Mar 2022) |
Can you I can now run the repro code, but I don't get the same error, since I don't have the API URL setup that would return "certificate not allowed", if I understand the setup correctly. |
The error is triggered before the API call. I got the error even when https://www.google.fr is set as the API URL. Are you sure you are using the same set up ? |
Great, thanks. I'll see what I can find in those |
Hi, turns out this is a bug in libcurl. More details here. They have fixed it for curl>=8.3.0. After upgrade the driver no longer throw an error. |
Environment
Php version: 8.2.19
PDO_SQLSRV: pdo_sqlsrv-5.12.0
Microsoft ODBC Driver version: 18.3.2.1-1
MS SQL Server version: 2022 lastest (docker image
mcr.microsoft.com/mssql/server:2022-latest
)Ubuntu via Docker for Mac: Ubuntu 22.04.4 LTS (Jammy Jellyfish)
OpenSSL version: OpenSSL 1.1.1f 31 Mar 2020
Problem description
The following code:
Resulted in this output:
But I expected no SQL error, only the cURL error :
The error only happens when the curl CA verification reports a certificate not allowed.
The error does not happen when I remove
TrustServerCertificate=yes
in the dsn.The error does not happen when
CURLOPT_SSL_VERIFYPEER
is set tofalse
.It's seems that the Mssql driver call openssl function
SSL_shutdown()
whileSSL_in_init()
send true.The
SSL_in_init()
seems to returntrue
only when the curl CA verification reports a certificate not allowed.I don't know if php curl implementation does not close the connection correctly or if the MSSQL driver should check if SSL_in_init() returns
true
before callingSSL_shutdown()
, but there is something wrong here.I opened an issue on PHP, but they suggested that I open an issue here (php/php-src#14230).
The text was updated successfully, but these errors were encountered: