You are not logged in.

#1 2015-04-06 13:21:36

user00265
Member
From: Rushford, MN
Registered: 2012-02-13
Posts: 3
Website

PECL broken in PHP 5.6.7?

So, I noticed this on a new install and now trying it on an existing install that I've been using for quite a while now and which I know I've used pecl before on is now not working.

[root@magneto] ~ # pecl channel-update pecl.php.net
Channel "pecl.php.net" is not responding over http://, failed with message: Connection to `pecl.php.net:443' failed: Unable to find the socket transport "ssl" - did you forget to enable it when you configured PHP?
Trying channel "pecl.php.net" over https:// instead
Cannot retrieve channel.xml for channel "pecl.php.net" (Connection to `pecl.php.net:443' failed: Unable to find the socket transport "ssl" - did you forget to enable it when you configured PHP?)

Before anybody suggests this, yes, openssl is installed and operating and PHP on the CLI can see it, sockets are enabled and sockets have SSL support according to php -i, I have looked around, unsuccessfully, for a solution.

Offline

#2 2015-04-07 02:45:05

nishayr
Member
Registered: 2015-04-07
Posts: 1

Re: PECL broken in PHP 5.6.7?

Wow, I thought I was the only one...

I'm having this issue as well... When I am running php -i, I get:
[snip]
openssl

OpenSSL support => enabled
OpenSSL Library Version => OpenSSL 1.0.1m 19 Mar 2015
OpenSSL Header Version => OpenSSL 1.0.1m 19 Mar 2015

Directive => Local Value => Master Value
openssl.cafile => no value => no value
openssl.capath => no value => no value

[/snip]

and:

Registered Stream Socket Transports => tcp, udp, ssl, sslv3, sslv2, tls, tlsv1.0, tlsv1.1, tlsv1.2
openssl
openssl.cafile => no value => no value
openssl.capath => no value => no value



However, still getting the error above...

Offline

#3 2015-04-08 06:51:32

pioo
Member
Registered: 2015-04-08
Posts: 1

Re: PECL broken in PHP 5.6.7?

I had to use pecl a coupl of days ago. I have the same issue on SUSE Linux Enterprise Server 11 SP3 and openSUSE 13.2 using PHP 5.6.1

I replaced the pecl command with the followgin:

php /usr/share/php5/PEAR/peclcmd.php

For example:

php /usr/share/php5/PEAR/peclcmd.php update-channels

I straced pecl and I found out for some reason pecl does not load php modules. Must be some configuration issue.

Additional info:
Sometimes pecl.php.net is unreacheable, and even curl cannot connect to the site:

curl https://pecl.php.net
curl: (7) Failed to connect to pecl.php.net port 443: Connection refused

Offline

#4 2015-04-08 14:06:48

sascha.seewald
Member
Registered: 2015-04-08
Posts: 2

Re: PECL broken in PHP 5.6.7?

Hi.
I stumbled across the same problem today and i found a pretty neat solution.

If you are using php > 5.6 the SSL handling is different. You need to define a global cert in the php.ini or....

Problem when defining in php.ini:
pecl and pear are calling php with the parameter "-n" this tells php to not use the php.ini and will result in the same error.

@see -> vi /usr/local/bin/pecl (can be a different location)
Line: exec $PHP -C -n -q ...

The best solution (i think):

Check where PHP try's to read the default cert from. This will give you the insights where PHP try's to find the ca cert file.

$ php -r "print_r(openssl_get_cert_locations());"

Example output:

Array
(
    [default_cert_file] => /usr/lib/ssl/cert.pem
    [default_cert_file_env] => SSL_CERT_FILE
    [default_cert_dir] => /usr/lib/ssl/certs
    [default_cert_dir_env] => SSL_CERT_DIR
    [default_private_dir] => /usr/lib/ssl/private
    [default_default_cert_area] => /usr/lib/ssl
    [ini_cafile] => 
    [ini_capath] => 
)

PHP try's to load it from "/usr/lib/ssl/cert.pem" (in my example). But everything breaks at this point because it is not there.

SOLUTION:
I have created a snippet for my dev machines to automatically FIX it.
It tries to fetch the "default_cert_file" path from the output of the command above and then checks for it's existence.
If the file and folders don't exist it creates them. Then curl jumps in and fetches the ca cert file from the curl website and writes it into the required file.

Snippet

PHP_DEFAULT_CERT=$(php -r "print_r(openssl_get_cert_locations());" | sed -n 's/.*=>\s\/\(.*\.pem\)/\/\1/p')
if [[ ! -f ${PHP_DEFAULT_CERT} ]];then
    install -Dv /dev/null "${PHP_DEFAULT_CERT}"
    curl http://curl.haxx.se/ca/cacert.pem -o "${PHP_DEFAULT_CERT}" >/dev/null 2>&1
fi

When the ca cert is in place - just recall "sudo pecl update-channels"


I hope it helps smile

Last edited by sascha.seewald (2015-04-08 14:30:27)

Offline

#5 2015-04-13 13:08:57

antoineg
Member
Registered: 2012-11-23
Posts: 2

Re: PECL broken in PHP 5.6.7?

@sascha.seewald your solution does work for me, still having the same error

I don't understand how such a thing is possible ! How can you release a software and have that kind of error, it's insane ...

I don't know a thing about PECL bug tracking/dev but we should have a look there or do you think this is related to archlinux ? I doubt it is.

Offline

#6 2015-04-13 20:44:30

zajca
Member
From: Czech Republic
Registered: 2008-11-24
Posts: 35

Re: PECL broken in PHP 5.6.7?

I have same issue but @sascha.seewald solution doesn't work for me ssl certificate is in place but I have same issue.
Weird thing is that my other PC which is also running archlinux doesn't have this issue.

worst thing is that I can't work since my PHP modules are compiled with older API and I can't update them.

PHP Warning:  PHP Startup: yaml: Unable to initialize module
Module compiled with module API=20100525
PHP    compiled with module API=20131226

Offline

#7 2015-04-13 22:17:38

sascha.seewald
Member
Registered: 2015-04-08
Posts: 2

Re: PECL broken in PHP 5.6.7?

Hi,

@zajca, @antoineg
what happens when you simply run "sudo pecl update-channels"?

@zajca
Whats the php version on the other machine? Is it < 5.6?

Offline

#8 2015-04-14 19:59:25

zajca
Member
From: Czech Republic
Registered: 2008-11-24
Posts: 35

Re: PECL broken in PHP 5.6.7?

@sascha.seewald

Nice I just tried and it works big_smile Certificate after reboot solved problem. But it wast working before reboot.

Offline

Board footer

Powered by FluxBB