Merge branch 'PHP-7.3' into PHP-7.4

* PHP-7.3:
  Fixed bug #78775

Author: nikic

NEWS

@@ -9,6 +9,10 @@ PHP                                                                        NEWS
   . Fixed bug #77930 (stream_copy_to_stream should use mmap more often).
     (Nikita)
 
+- OpenSSL:
+  . Fixed bug #78775 (TLS issues from HTTP request affecting other encrypted
+    connections). (Nikita)
+
 - Reflection:
   . Fixed bug #78774 (ReflectionNamedType on Typed Properties Crash). (Nikita)
 

ext/curl/tests/bug78775.phpt

@@ -0,0 +1,34 @@
+--TEST--
+Bug #78775: TLS issues from HTTP request affecting other encrypted connections
+--SKIPIF--
+<?php
+if (!extension_loaded('curl')) die('skip Requires curl');
+if (getenv('SKIP_ONLINE_TESTS')) die('skip Online test');
+?>
+--FILE--
+<?php
+
+$sock = fsockopen("tls://google.com", 443);
+
+var_dump($sock);
+
+$handle = curl_init('https://self-signed.badssl.com/');
+curl_setopt_array(
+    $handle,
+    [
+        CURLOPT_RETURNTRANSFER => true,
+        CURLOPT_SSL_VERIFYPEER => true,
+    ]
+);
+
+var_dump(curl_exec($handle));
+curl_close($handle);
+
+fwrite($sock, "GET / HTTP/1.0\n\n");
+var_dump(fread($sock, 8));
+
+?>
+--EXPECTF--
+resource(%d) of type (stream)
+bool(false)
+string(8) "HTTP/1.0"

ext/openssl/xp_ssl.c

@@ -1965,6 +1965,7 @@ static int php_openssl_enable_crypto(php_stream *stream,
 		do {
 			struct timeval cur_time, elapsed_time;
 
+			ERR_clear_error();
 			if (sslsock->is_client) {
 				n = SSL_connect(sslsock->ssl_handle);
 			} else {
@@ -2137,6 +2138,7 @@ static ssize_t php_openssl_sockop_io(int read, php_stream *stream, char *buf, si
 			}
 
 			/* Now, do the IO operation. Don't block if we can't complete... */
+			ERR_clear_error();
 			if (read) {
 				nr_bytes = SSL_read(sslsock->ssl_handle, buf, (int)count);