Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

curl error: 1409442E:SSL routines:ssl3_read_bytes:tlsv1 alert protocol version #831

Open
jetibbetts opened this issue May 13, 2022 · 9 comments
Open

curl error: 1409442E:SSL routines:ssl3_read_bytes:tlsv1 alert protocol version #831

jetibbetts opened this issue May 13, 2022 · 9 comments

Comments

@jetibbetts
Copy link

Issue description

I'm getting the following error:

Uncaught Imagine\Exception\RuntimeException: error:1409442E:SSL routines:ssl3_read_bytes:tlsv1 alert protocol version in /var/www/homesbymarco.com/vendor/imagine/imagine/src/File/Loader.php:237

I get the error on my server running Ubuntu 18.04 with curl 7.58, but I do not get the error on my other server running Ubuntu 20.04 with curl 7.68.

What version of Imagine are you using?

1.3.2

What's the PHP version you are using?

PHP 7.2.34-28+ubuntu18.04.1+deb.sury.org+1 (cli) (built: Nov 19 2021 06:36:36) ( NTS )
Copyright (c) 1997-2018 The PHP Group
Zend Engine v3.2.0, Copyright (c) 1998-2018 Zend Technologies
with Zend OPcache v7.2.34-28+ubuntu18.04.1+deb.sury.org+1, Copyright (c) 1999-2018, by Zend Technologies

What's the imaging library you are using [gd/imagick/gmagick/any]?

gd

What's the imaging library configuration

php --ri gd

gd

GD Support => enabled
GD headers Version => 2.3.0
GD library Version => 2.3.0
FreeType Support => enabled
FreeType Linkage => with freetype
FreeType Version => 2.8.1
GIF Read Support => enabled
GIF Create Support => enabled
JPEG Support => enabled
libJPEG Version => 8
PNG Support => enabled
libPNG Version => 1.6.34
WBMP Support => enabled
XPM Support => enabled
libXpm Version => 30411
XBM Support => enabled
WebP Support => enabled

Directive => Local Value => Master Value
gd.jpeg_ignore_warning => 1 => 1

Minimal PHP code to reproduce the error:

$url = 'https://cdn.onebauer.media/one/empire-images/features/5665a94d329ff0ca7c62aca1/STA039DV.jpg?format=jpg&quality=80&width=850&ratio=1-1&resize=aspectfit';

$imagine = new Imagine\Gd\Imagine();
$photo = $imagine->open(new Imagine\File\Loader($url));
@ausi
Copy link
Contributor

ausi commented May 15, 2022

error:1409442E:SSL routines:ssl3_read_bytes:tlsv1 alert protocol version looks like SSL problems on your server.

Does the following code work on your server?

$url = 'https://cdn.onebauer.media/one/empire-images/features/5665a94d329ff0ca7c62aca1/STA039DV.jpg?format=jpg&quality=80&width=850&ratio=1-1&resize=aspectfit';
var_dump(strlen(file_get_contents($url));

@jetibbetts
Copy link
Author

Yes

int(90316)

@ausi
Copy link
Contributor

ausi commented May 15, 2022

But the following code fails?

$url = 'https://cdn.onebauer.media/one/empire-images/features/5665a94d329ff0ca7c62aca1/STA039DV.jpg?format=jpg&quality=80&width=850&ratio=1-1&resize=aspectfit';
var_dump(strlen((new Imagine\File\Loader($url))->getData()));

Then it is probably CURL related, please also test the following code:

$url = 'https://cdn.onebauer.media/one/empire-images/features/5665a94d329ff0ca7c62aca1/STA039DV.jpg?format=jpg&quality=80&width=850&ratio=1-1&resize=aspectfit';
$curl = curl_init($url);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_SSLVERSION, 5);
var_dump(strlen(curl_exec($curl)));

@jetibbetts
Copy link
Author

The first code does indeed fail with the same original error.

The results of the CURL code is: int(0)

@ausi
Copy link
Contributor

ausi commented May 16, 2022

The results of the CURL code is: int(0)

int(0) means that CURL was not able to load the data.
With the following test code you should get an error message printend too.

$url = 'https://cdn.onebauer.media/one/empire-images/features/5665a94d329ff0ca7c62aca1/STA039DV.jpg?format=jpg&quality=80&width=850&ratio=1-1&resize=aspectfit';
$curl = curl_init($url);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_SSLVERSION, 5);
var_dump(strlen(curl_exec($curl)));
var_dump(curl_errno($curl));
var_dump(curl_error($curl));

@jetibbetts
Copy link
Author

It's the original curl error:

int(0) int(35) string(72) "error:1409442E:SSL routines:ssl3_read_bytes:tlsv1 alert protocol version"

@ausi
Copy link
Contributor

ausi commented May 16, 2022

Then you need to fix the CURL setup on your server I think.

You can also disable CURL for PHP, then Imagine would fallback to file_get_contents() automatically.

@ArniPL
Copy link

ArniPL commented Jul 12, 2022

We have the same problem. It looks like the curl_setopt($curl, CURLOPT_SSLVERSION, 5); is the issue here. Now Imagine can't open remote images from servers that disabled TLS 1.1.

Why does Imagine force curl to use the deprecated TLS 1.1 version? Shouldn't this be negotiated automatically, as it is by default? Thanks!

@radli
Copy link
Contributor

radli commented Jan 18, 2023
edited

We have the same problem. It looks like the curl_setopt($curl, CURLOPT_SSLVERSION, 5); is the issue here. Now Imagine can't open remote images from servers that disabled TLS 1.1.

Why does Imagine force curl to use the deprecated TLS 1.1 version? Shouldn't this be negotiated automatically, as it is by default? Thanks!

that's right, you're right: https://en.wikipedia.org/wiki/Transport_Layer_Security
image

radli pushed a commit to radli/Imagine that referenced this issue Jan 19, 2023
php-imagine#831 fixed error tls1.0 version
252c02f
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@ausi @radli @ArniPL @jetibbetts