ID: 36103
User updated by: rebe at unit01 dot net
Reported By: rebe at unit01 dot net
-Status: Feedback
+Status: Open
Bug Type: FTP related
Operating System: linux
PHP Version: 5.1.2
New Comment:
Frankly - your patch is doing 99% percent the same thing but is not
fixing problem :) I checked that twice cause I didn't believe it but
still getting "handshake failed". The only difference I see is :
}while(errcode == 0 && !SSL_is_init_finished(ftp-ssl_handle));
^^^^^^^^^^^^^^
we didn't use that in our fix.
Previous Comments:
------------------------------------------------------------------------
[2006-01-24 01:14:37] [EMAIL PROTECTED]
Please try this patch:
http://tony2001.phpclub.net/dev/tmp/bug36103.diff
------------------------------------------------------------------------
[2006-01-24 00:38:21] rebe at unit01 dot net
OK here's what we figured out with a friend of mine. Login function in
ext/ftp.c treat all errors (also "want_more..." ) as login fail but it
is not true. A patch below is fixing problem and makes everything
working fine:
@@ -243,6 +243,7 @@
{
#if HAVE_OPENSSL_EXT
SSL_CTX *ctx = NULL;
+ int err,errs;
#endif
if (ftp == NULL) {
return 0;
@@ -291,13 +292,24 @@
}
SSL_set_fd(ftp->ssl_handle, ftp->fd);
-
+/*
if (SSL_connect(ftp->ssl_handle) <= 0) {
php_error_docref(NULL TSRMLS_CC,
E_WARNING, "SSL/TLS handshake failed");
SSL_shutdown(ftp->ssl_handle);
return 0;
}
-
+*/
+err=SSL_connect(ftp->ssl_handle);
+while (err <= 0) {
+ errs = SSL_get_error(ftp->fd, err);
+ if ((errs != SSL_ERROR_WANT_READ) && (errs !=
SSL_ERROR_WANT_WRITE) && (errs != SSL_ERROR_WANT_X509_LOOKUP)) {
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "SSL/TLS handshake
failed");
+ SSL_shutdown(ftp->ssl_handle);
+ return 0;
+ }
+ err = SSL_connect(ftp->ssl_handle);
+}
+
------------------------------------------------------------------------
[2006-01-23 10:10:34] rebe at unit01 dot net
OK. I did that test from Trustix distro. The same piece of code acts
exactly the same way.
For me it looks like that openssl works fine as long as many other
aplications using it successfuly (apache, ftp, openvpn etc.).
------------------------------------------------------------------------
[2006-01-20 17:18:47] [EMAIL PROTECTED]
AFAIR Debian had some problems with Openssl packages.
Try to build the newest openssl from sources and recompile PHP using
it.
------------------------------------------------------------------------
[2006-01-20 17:07:47] rebe at unit01 dot net
debian:/var/www/test# uname -a
Linux debian 2.6.8-1-686 #1 Thu Nov 25 04:34:30 UTC 2004 i686 GNU/Linux
------------------------------------------------------------------------
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/36103
--
Edit this bug report at http://bugs.php.net/?id=36103&edit=1
