swoole-src icon indicating copy to clipboard operation
swoole-src copied to clipboard

Published 20 hours ago verified publisher icon swoole

Swoole cURL Hook creates malformed requests to UNIX Sockets

Open PineappleIOnic opened this issue 2 years ago • 8 comments

Please answer these questions before submitting your issue. Thanks!

  1. What did you do? If possible, provide a simple script for reproducing the error. I was attempting to communicate to a Docker Server through cURL and a UNIX Socket with the swoole hook enabled. Docker does not correctly detect the headers and always returns an error message stating that the host header is not correct. Disabling the Swoole hook for cURL fixes this problem however multiple tasks with cURL will stop working.

  2. What did you expect to see? The docker request to successfully pass and work correctly.

  3. What did you see instead? Docker returns the following error message: 400 Bad Request: malformed Host header stating that the host header is malformed.

  4. What version of Swoole are you using (show your php --ri swoole)? Swoole v4.8.2

  5. What is your machine environment used (show your uname -a & php -v & gcc -v) ? Uname: Linux 55028506596f 5.10.47-linuxkit #1 SMP PREEMPT Sat Jul 3 21:50:16 UTC 2021 aarch64 Linux Php:

PHP 8.0.12 (cli) (built: Nov 12 2021 20:05:35) ( NTS )
Copyright (c) The PHP Group
Zend Engine v4.0.12, Copyright (c) Zend Technologies
    with Zend OPcache v8.0.12, Copyright (c), by Zend Technologies
    with Yasd v0.3.9-alpha, Our Copyright, by codinghuang

GCC is not on the container as it is alpine linux

Thank you for reviewing my bug report, if any more details are required please let me know 👍

PineappleIOnic avatar Nov 19 '21 12:11 PineappleIOnic

  1. Please provide the complete log of php --ri swoole output.
  2. Are you using curl native hook?
  3. Do you have set the http host header?
$host = array("Host: your_host");
curl_setopt($ch,CURLOPT_HTTPHEADER,$host);

matyhtf avatar Nov 20 '21 08:11 matyhtf

Yes, We are using the curl native hook enabled with Swoole\Runtime::enableCoroutine(true, SWOOLE_HOOK_ALL); If you would like to take a look at the code we are using to execute calls it can be found here:

https://github.com/utopia-php/orchestration/blob/94540e5a756604836271a9c8f1e2170415daa7cc/src/Orchestration/Adapter/DockerAPI.php#L52-L92

The $headers is set else where within appwrite which is requiring this library

PineappleIOnic avatar Nov 20 '21 12:11 PineappleIOnic

php --ri swoole output:

/usr/src/code # php --ri swoole

swoole

Swoole => enabled
Author => Swoole Team <[email protected]>
Version => 4.8.2
Built => Nov 19 2021 11:55:14
coroutine => enabled with boost asm context
epoll => enabled
eventfd => enabled
signalfd => enabled
spinlock => enabled
rwlock => enabled
sockets => enabled
openssl => OpenSSL 1.1.1l  24 Aug 2021
dtls => enabled
http2 => enabled
zlib => 1.2.11
brotli => E16777225/D16777225
mutex_timedlock => enabled
pthread_barrier => enabled
async_redis => enabled

Directive => Local Value => Master Value
swoole.enable_coroutine => On => On
swoole.enable_library => On => On
swoole.enable_preemptive_scheduler => Off => Off
swoole.display_errors => On => On
swoole.use_shortname => On => On
swoole.unixsock_buffer_size => 8388608 => 8388608

PineappleIOnic avatar Nov 20 '21 12:11 PineappleIOnic

Hey there, Is there any update on this?

PineappleIOnic avatar Feb 03 '22 14:02 PineappleIOnic

I would suggest stream_socket_client as an alternative. This works well. Fortunately, I never use cUrl to make requests through sockets.

I use HTTP 1.0 and the following headers:

// ...

$headers = [
    'Host: localhost',
    'User-Agent: PHP/' . PHP_VERSION,
    'Accept: */*',
    'Content-Type: application/json',
    'Connection: close'
];

// ...

fwrite($handle, sprintf("GET %s HTTP/1.0\r\n%s\r\n\r\n", '/containers/' . urlencode($name) . '/json', implode("\r\n", $headers)));

nggit avatar Mar 19 '22 01:03 nggit

Same problem here, if using curl to unix socket (CURLOPT_unix_socket_path) inside coroutine context while enabling hooks Co::set(['hook_flags'=> SWOOLE_HOOK_ALL]); seems to not set request headers AND http method even if set via CURLOPT_CUSTOMREQUEST

php --ri swoole

swoole

Swoole => enabled Author => Swoole Team [email protected] Version => 5.1.0 Built => Nov 7 2023 22:10:36 coroutine => enabled with boost asm context epoll => enabled eventfd => enabled signalfd => enabled cpu_affinity => enabled spinlock => enabled rwlock => enabled openssl => OpenSSL 3.0.2 15 Mar 2022 dtls => enabled http2 => enabled json => enabled mutex_timedlock => enabled pthread_barrier => enabled futex => enabled async_redis => enabled coroutine_sqlite => enabled

Directive => Local Value => Master Value swoole.enable_coroutine => On => On swoole.enable_library => On => On swoole.enable_fiber_mock => Off => Off swoole.enable_preemptive_scheduler => Off => Off swoole.display_errors => On => On swoole.use_shortname => On => On swoole.unixsock_buffer_size => 8388608 => 8388608

ducktype avatar Nov 08 '23 23:11 ducktype

Also this two options are not supported: CURLOPT_PROXY_SSL_VERIFYHOST (not supported error) CURLOPT_PROXY_SSL_VERIFYPEER (not supported error) CURLOPT_CUSTOMREQUEST (no error but misbehave malforming the request) CURLOPT_UNIX_SOCKET_PATH (workaround by @nggit is acceptable for now) i really need this options to call an external service api with PATCH http method and via a non verified https proxy? will be hard o add support for this? how can i help? can someone put me on the right track? ty in advice

ducktype avatar Nov 11 '23 17:11 ducktype

ok solved... "pecl install swoole" with or without "--enable-swoole-curl" on Ubuntu 22.04.3 LTS DOES NOT ENABLE SWOOLE_HOOK_NATIVE_CURL so build swoole manually: "pecl uninstall swoole" wget https://github.com/swoole/swoole-src/archive/refs/tags/v5.1.0.zip unzip v5.1. cd swoole-src-5.1.0 apt install libc-ares-dev AND OTHERS REQUIREMENTS phpize ./configure --enable-openssl --enable-brotli --enable-mysqlnd --enable-swoole-curl --enable-cares --enable-swoole sudo make sudo make install php --ri swoole (MAKE ATTENTION TO THE LINE curl-native => enabled)

swoole

Swoole => enabled Author => Swoole Team [email protected] Version => 5.1.0 Built => Nov 12 2023 19:29:40 coroutine => enabled with boost asm context epoll => enabled eventfd => enabled signalfd => enabled cpu_affinity => enabled spinlock => enabled rwlock => enabled openssl => OpenSSL 3.0.2 15 Mar 2022 dtls => enabled http2 => enabled json => enabled curl-native => enabled c-ares => 1.18.1 mutex_timedlock => enabled pthread_barrier => enabled futex => enabled mysqlnd => enabled async_redis => enabled

Directive => Local Value => Master Value swoole.enable_coroutine => On => On swoole.enable_library => On => On swoole.enable_fiber_mock => Off => Off swoole.enable_preemptive_scheduler => Off => Off swoole.display_errors => On => On swoole.use_shortname => On => On swoole.unixsock_buffer_size => 8388608 => 8388608

ducktype avatar Nov 12 '23 19:11 ducktype