PHP curl HTTPS does not work in chroot

Discussion in 'PHP' started by sofatime, May 14, 2007.

  1. sofatime

    sofatime Well-Known Member


    I have compiled lsphp with curl. That works perfectly for HTTP but not for HTTPS. curl from the command line works with https, but not from PHP. Information about my installation:

    lsws 3.1 Enterprise in chroot
    PHP 5.2.2
    Solaris 10 x86
    I have a valid thawte certificate on the https server and also tested it with other https servers.

    I have checked the following:
    stderror: shows no errors
    ldd -> all needed libraries are in chroot

    I use the following PHP testcode:

    $ch = curl_init("");
    $fp = fopen("test.txt", "w");
    curl_setopt($ch, CURLOPT_FILE, $fp);
    curl_setopt($ch, CURLOPT_HEADER, 0);
    I also added:
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
    didn't change anything

    I get the following in error.log:
    Connection idle time: 301 while in state: 5 watching for event: 25,close!
    Content len: 0, Request line: GET /curltest.php HTTP/1.1
    HttpExtConnector state: 8, request body sent: 0, response body size: 0, response body sent:0, left in buffer: 0, attempts: 0.

    I assume it has something to do with the chroot, but I don't know where to look (except needed libraries, which seem to be all there). Any hints?

  2. mistwang

    mistwang LiteSpeed Staff

    Have you compiled PHP with openssl? openssl is required for https connection I believe.
    Have you tried your PHP script with lsphp running from command line?

    Please check lsws/logs/error.log and lsws/logs/stderr.log, might be some clue there.
  3. sofatime

    sofatime Well-Known Member

    Thanks for your answer.
    I have not compiled PHP with openssl, but I don't think that is necessary, as libcurl is compiled with openssl.
    I have tried the PHP script with lsphp from the command line: It works! That would also mean to me that openssl in PHP is not necessary.

    About logs: there is nothing in stderr.log. For error.log please check my first post.

    I assume something is missing in the chroot, but I don't see what that could be.

    Thanks again
  4. mistwang

    mistwang LiteSpeed Staff

    It will be a tough job to debug missing component in chroot. :)
    We usually did this:
    strace the application from command line under normal environment, leave the output in one terminal windows.
    Copy strace to the chroot jail, make it work properly.
    Then strace the application from command line under chroot jail, compare the strace output with that of normal environment.

    You should be able to figure out what is missing this way.

Share This Page