php调用curl访问https地址时,php-fpm进程crash后重启,nginx报502错误
php-fpm日志报错:
[NOTICE] fpm_got_signal(), line 48: received SIGCHLD [WARNING] fpm_children_bury(), line 215: child 4270 (pool default) exited on signal 11 SIGSEGV (core dumped) after 1816.499155 seconds from start [NOTICE] fpm_children_make(), line 352: child 4444 (pool default) started
dmesg报错:
[1125726.463591] php-cgi[4517]: segfault at 8048 ip 000000319301cefc sp 00007ffc8430fac0 error 4 in libsqlite3.so.0.8.6[3193000000+8b000]
复现代码:
$urlEndPoint = "https://www.google.com/search";
$headerArray = array();
$ch = curl_init();
curl_setopt($ch,CURLOPT_POST,true);
curl_setopt($ch,CURLOPT_URL, $urlEndPoint);
/*curl_setopt($ch,CURLOPT_HTTPHEADER, $headerArray);
curl_setopt($ch, CURLOPT_POSTFIELDS, $postArray); */
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch,CURLOPT_HEADER, true);
curl_setopt($ch,CURLOPT_FOLLOWLOCATION, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0');
curl_setopt($ch, CURLOPT_VERBOSE, true);
if (!$result = curl_exec($ch)) {
print (curl_error($ch));
}
curl_close ($ch);
echo print_r($result,true);
复现结果:
[root@172-105-209-168 ~]# php test1.php * About to connect() to www.google.com port 443 (#0) * Trying 142.251.42.196... * connected * Connected to www.google.com (142.251.42.196) port 443 (#0) * Initializing NSS with certpath: sql:/etc/pki/nssdb Segmentation fault (core dumped)
排错后确定,是nss的问题,准确说应该是/etc/pki/nssdb这个数据库文件的问题。
Quick fix: 重装一遍nss
如果在nssdb中有自定义证书,需要先备份
yum -y reinstall nss
CentOS 6 太老了,官方的和很多第三方的yum源已经移除 CentOS 6,需要找个能用的:
https://www.mark-gilbert.co.uk/fixing-yum-repos-on-centos-6-now-its-eol/