Edit report at https://bugs.php.net/bug.php?id=36103&edit=1
ID: 36103 Comment by: hessemanj2100 at gmail dot com Reported by: rebe at unit01 dot net Summary: ftp ssl connection fails during login Status: No Feedback Type: Bug Package: FTP related Operating System: linux PHP Version: 5.1.2 Assigned To: tony2001 Block user comment: N Private report: N New Comment: Here we are at versions 5.3.25 and 5.4.15 and this bug still exists? Come on, this is PHP for crying out loud. The most popular scripting language on the web. Please implement this patch already that "erez dot h at zend dot com" made. It works perfectly because I tried it. Just a simple patch that decides how to handle certain SSL errors. It sucks having to patch ftp.c every time I want to compile PHP with FTP support. You (PHP development team) are seriously slacking. How hard can it be? Add it to the source tree already! Previous Comments: ------------------------------------------------------------------------ [2012-12-12 08:01:11] erez dot h at zend dot com Hi Tony I think this is the right place to write the comments since i am experiencing all the of the same issues as mentioned on comment [2006-01-20 15:32 UTC] rebe at unit01 dot net. The main difference is that it appear on our windows php and not linux. Also need to mention the patch is used from comments 1. [2006-01-24 00:38 UTC] rebe at unit01 dot net 2. [2007-10-12 14:21 UTC] contact dot removethis at deciacco dot com The test case is as follows: (http://php.net/manual/en/function.ftp-ssl- connect.php) <?php // set up basic ssl connection $conn_id = ftp_ssl_connect($ftp_server); // login with username and password $login_result = ftp_login($conn_id, $ftp_user_name, $ftp_user_pass); echo ftp_pwd($conn_id); // / // close the ssl connection ftp_close($conn_id); ?> And I will pass this to Dimitry as well. Thanks ------------------------------------------------------------------------ [2012-12-11 16:00:45] tony2...@php.net @erez dot h at zend dot com I guess it would be better to create a new bug report and add an up to date reproduce case while you're at it. Adding some more explanations to the patch would be a good idea, too. You can also go an other way and send your patch directly to Dmitry for review, dmi...@zend.com/dmi...@php.net I mean. ------------------------------------------------------------------------ [2012-12-11 15:15:58] erez dot h at zend dot com we still have this issue on windows php build 5.3.19 and 5.4.9 so we implemented this patch which solve the issue. please see if you can add to future versions. diff -ruN php-5.3.19.orig/ext/ftp/ftp.c php-5.3.19/ext/ftp/ftp.c --- php-5.3.19.orig/ext/ftp/ftp.c 2012-11-21 22:07:23.000000000 +0200 +++ php-5.3.19/ext/ftp/ftp.c 2012-12-11 16:49:21.359682714 +0200 @@ -241,6 +241,7 @@ int ftp_login(ftpbuf_t *ftp, const char *user, const char *pass TSRMLS_DC) { + int errcode; #if HAVE_OPENSSL_EXT SSL_CTX *ctx = NULL; #endif @@ -289,13 +290,27 @@ } SSL_set_fd(ftp->ssl_handle, ftp->fd); - - if (SSL_connect(ftp->ssl_handle) <= 0) { - php_error_docref(NULL TSRMLS_CC, E_WARNING, "SSL/TLS handshake failed"); - SSL_shutdown(ftp->ssl_handle); - return 0; - } - + + do { + errcode = SSL_connect(ftp->ssl_handle); + switch (SSL_get_error (ftp->ssl_handle, errcode)) { + case SSL_ERROR_NONE: + errcode = 1; + break; + case SSL_ERROR_WANT_WRITE: + case SSL_ERROR_WANT_READ: + case SSL_ERROR_WANT_X509_LOOKUP: + errcode = 0; + break; + default: + /* true error happened */ + php_error_docref(NULL TSRMLS_CC, E_WARNING, "SSL/TLS handshake failed"); + SSL_shutdown(ftp->ssl_handle); + return 0; + break; + } + } while(errcode == 0 && !SSL_is_init_finished(ftp- >ssl_handle)); + ftp->ssl_active = 1; if (!ftp->old_ssl) { @@ -1493,6 +1508,7 @@ php_sockaddr_storage addr; socklen_t size; + int errcode; #if HAVE_OPENSSL_EXT SSL_CTX *ctx; #endif @@ -1537,11 +1553,26 @@ SSL_copy_session_id(data->ssl_handle, ftp->ssl_handle); } - if (SSL_connect(data->ssl_handle) <= 0) { - php_error_docref(NULL TSRMLS_CC, E_WARNING, "data_accept: SSL/TLS handshake failed"); - SSL_shutdown(data->ssl_handle); - return 0; - } + + do { + errcode = SSL_connect(data->ssl_handle); + switch (SSL_get_error (data->ssl_handle, errcode)) { + case SSL_ERROR_NONE: + errcode = 1; + break; + case SSL_ERROR_WANT_WRITE: + case SSL_ERROR_WANT_READ: + case SSL_ERROR_WANT_X509_LOOKUP: + errcode = 0; + break; + default: + /* true error happened */ + php_error_docref(NULL TSRMLS_CC, E_WARNING, "data_accept: SSL/TLS handshake failed"); + SSL_shutdown(data->ssl_handle); + return 0; + break; + } + } while(errcode == 0 && !SSL_is_init_finished(data- >ssl_handle)); data->ssl_active = 1; } ------------------------------------------------------------------------ [2008-07-21 01:00:01] php-bugs at lists dot php dot net No feedback was provided for this bug for over a week, so it is being suspended automatically. If you are able to provide the information that was originally requested, please do so and change the status of the bug back to "Open". ------------------------------------------------------------------------ [2008-07-13 16:02:08] j...@php.net Please try using this CVS snapshot: http://snaps.php.net/php5.2-latest.tar.gz For Windows (zip): http://snaps.php.net/win32/php5.2-win32-latest.zip For Windows (installer): http://snaps.php.net/win32/php5.2-win32-installer-latest.msi ------------------------------------------------------------------------ The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at https://bugs.php.net/bug.php?id=36103 -- Edit this bug report at https://bugs.php.net/bug.php?id=36103&edit=1
