Search code examples
phpapachecurlbrowserid

cURL in PHP does not connect when run from dev server

I am implementing the persona login system (from Mozilla). On my development machine I can not make a connection, using cURL to the authentication server. At least so it seems.

The very same script does run from CLI.

UPDATE: I get this error, from *curl_error()*:

A PKCS #11 module returned CKR_DEVICE_ERROR,
indicating that a problem has occurred with the token or slot.

The cURL PHP module is installed and does support https

Here is a test script:

Also on GitHub

<?php
/**
 * Testing curl and persona
 *
 * Currently a connection is made when running from the CLI,
 * but not when accessed via web
 * Various options have been tried, but make no difference
 */

echo "<pre>\n";

$data = new StdClass();
$data->assertion = "foo";
$data->audience = "http://localhost";

// Do curl
$url = 'https://verifier.login.persona.org/verify';
$ch = curl_init();
curl_setopt_array($ch, array(
    CURLOPT_URL            => $url,
    CURLOPT_POST           => true,
    CURLOPT_POSTFIELDS     => json_encode($data),
    CURLOPT_HEADER         => false,
    CURLOPT_RETURNTRANSFER => true,
    /*
    CURLOPT_SSL_VERIFYPEER => true,
    CURLOPT_SSL_VERIFYHOST => 2,
    CURLOPT_FOLLOWLOCATION => false,
    CURLINFO_HEADER_OUT    => true,
    CURLOPT_CAINFO         => '/etc/ssl/certs/ca-bundle.crt',
    */
    CURLOPT_HTTPHEADER => array('Content-Type: application/json')
));
curl_setopt($ch, CURLINFO_HEADER_OUT, true);
echo "EXEC now\n\n";
$response = curl_exec($ch);
$info = curl_getinfo($ch);
foreach ($info as $ki => $ii) {
    if ( is_array($ii) ) {
        $ii = "(array)";
    }
    echo $ki . " => " . $ii . "\n";
}
curl_close($ch);

// Check response
if ( empty($response) ) {
    header("HTTP/1.0 401 Authentication is possible but has failed");
    echo 'Response is empty - assertion failed: ';
    echo '{"reason" : "Assertion failed, verifying server returned empty content"}';
    exit;
}

//$response = json_decode($response);
echo 'Response decoded: ' . $response . "\n\n";

Output when run from CLI:

url => https://verifier.login.persona.org/verify
content_type => application/json; charset=utf-8
http_code => 200
header_size => 191
request_size => 175
etc

Output when run from the server

url => https://verifier.login.persona.org/verify
content_type => 
http_code => 0
header_size => 0
request_size => 0
etc

I am running Fedora Linux

Solution

  • As per https://bugzilla.redhat.com/show_bug.cgi?id=870856 bug was introduced in a recent yum update, updating should solve the issue.