After hours of search, I've found that it was an apache mod causing this issue
I've written a small PHP script to test the API.
When I call login and next a function, it works.
BUT, when the function is included in a loop, it crash after one or 2 occurrences.
For a while, I've suspected suhosin but I've nothing in the logs about a suhosin alert.
So I've looked into the apache mod, and the winner was: mod_evasive !
It detects the loop as a DoS attack ...
In conclusion: never enabled mod_evasive if your API need to be called in a loop.
PS: I can't add a RESOLVED to my title, too bad