search

docker-library / php

Docker Official Image packaging for PHP
https://php.net
MIT License
3.81k stars 2k forks source link

Issue with libcurl in php:8.3-apache-bookworm causing connection errors #1542

Open jvancoillie opened 3 days ago

jvancoillie commented 3 days ago

Description:

When using the php:8.3-apache-bookworm Docker image behind a corporate proxy, I encountered an issue with curl during composer install. The error indicates a problem with the connection, and it didn't occur when using the php:8.2-apache-bookworm image. The error appears to be related to libcurl in the new PHP 8.3 image.

Here is the error log:

Failed to download symfony/var-dumper from dist: curl error 2 while downloading https://api.github.com/repos/symfony/var-dumper/zipball/ee14c8254a480913268b1e3b1cba8045ed122694: [CONN-1-0] send: no filter connected Now trying to download from source
Syncing symfony/http-kernel (v6.4.12) into cache Failed to download symfony/serializer from dist: curl error 2 while downloading https://codeload.github.com/symfony/serializer/legacy.zip/10ae9c1b90f4809ccb7277cc8fe8d80b3af4412c: [CONN-9-0] send: no filter connected Now trying to download from source

Steps to reproduce the issue:

  1. Use the php:8.3-apache-bookworm image behind a corporate proxy.
  2. Run composer install with any project that requires dependencies from GitHub.

Expected behavior:

The dependencies should be downloaded without connection issues, as they were with ~php:8.2-apache-bookworm~ php:8.2-apache-bullseye.

Additional information:

Please advise if any additional information is required to assist in debugging this issue.

LaurentGoderre commented 3 days ago

What happens if you pull down the latest php:8.2-apache-bookworm?

jvancoillie commented 2 days ago

I apologize for the error in my initial request. I mentioned that the expected behavior was based on php:8.2-apache-bookworm, while it was actually php:8.2-apache-bullseye.

Summary of tests:

It seems the issue is specific to the bookworm distribution and the version of libcurl (7.88.1-10+deb12u7). The same problem does not arise on bullseye with an earlier version of curl (7.74.0).

LaurentGoderre commented 2 days ago

Ive read that some version of cUrl have issues with multiplexing with http2 so you try setting the http version to 1.1 using CURLOPT_HTTP_VERSION = CURL_HTTP_VERSION_1_1 or something similar

https://www.php.net/manual/en/curl.constants.php#constant.curlopt-http-version

jvancoillie commented 2 days ago

Thanks for the suggestion. Unfortunately, this forces me to add a specific configuration for using Composer to work around the libcurl issue. It's quite problematic in my workflow. So I think I'll stick with Bullseye for now. I would have liked to benefit from Bookworm, but it seems I have no choice but to wait for a patch for libcurl. 😕

yosifkit commented 2 days ago

🤔 If bullseye works and bookworm doesn't that seems like it could possibly be libseccomp (https://github.com/docker-library/official-images/issues/16829). You could try running the bookworm container with --security-opt seccomp=unconfined to verify whether or not it is the cause.

jvancoillie commented 1 day ago

Hi @yosifkit,

I tested with the --security-opt seccomp=unconfined option as suggested, but the error persists. Here’s the command I used:

docker run --rm -it \
  --security-opt seccomp=unconfined \
  -w /app \
  php:8.3-apache-bookworm \
  bash -c "apt-get update && apt-get install -y git unzip && curl -sS https://getcomposer.org/installer | php && php composer.phar create-project symfony/skeleton my_project"

Unfortunately, I’m still seeing the same error:

Failed to download psr/container from dist: curl error 2 while downloading https://api.github.com/repos/php-fig/container/zipball/c71ecc56dfe541dbd90c5360474fbc405f8d5963: [CONN-1-0] send: no filter connected

It seems that disabling seccomp didn’t solve the issue. Any additional insights would be appreciated!

Thanks!