sesser Sun Sep 8 12:45:32 2002 EDT
Modified files:
/php4/ext/standard basic_functions.c ftp_fopen_wrapper.c
Log:
Added EXPERIMENTAL ftps fopen wrapper.
For now this leaks the control connection stream because you cannot
close the control connection in ssl mode before you read the data.
Index: php4/ext/standard/basic_functions.c
diff -u php4/ext/standard/basic_functions.c:1.501
php4/ext/standard/basic_functions.c:1.502
--- php4/ext/standard/basic_functions.c:1.501 Thu Sep 5 08:03:43 2002
+++ php4/ext/standard/basic_functions.c Sun Sep 8 12:45:28 2002
@@ -17,7 +17,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: basic_functions.c,v 1.501 2002/09/05 12:03:43 hyanantha Exp $ */
+/* $Id: basic_functions.c,v 1.502 2002/09/08 16:45:28 sesser Exp $ */
#include "php.h"
#include "php_streams.h"
@@ -1027,6 +1027,7 @@
php_register_url_stream_wrapper("ftp", &php_stream_ftp_wrapper TSRMLS_CC);
# if HAVE_OPENSSL_EXT
php_register_url_stream_wrapper("https", &php_stream_http_wrapper TSRMLS_CC);
+ php_register_url_stream_wrapper("ftps", &php_stream_ftp_wrapper TSRMLS_CC);
# endif
#endif
Index: php4/ext/standard/ftp_fopen_wrapper.c
diff -u php4/ext/standard/ftp_fopen_wrapper.c:1.27
php4/ext/standard/ftp_fopen_wrapper.c:1.28
--- php4/ext/standard/ftp_fopen_wrapper.c:1.27 Thu Sep 5 10:21:55 2002
+++ php4/ext/standard/ftp_fopen_wrapper.c Sun Sep 8 12:45:32 2002
@@ -17,7 +17,7 @@
| Hartmut Holzgraefe <[EMAIL PROTECTED]> |
+----------------------------------------------------------------------+
*/
-/* $Id: ftp_fopen_wrapper.c,v 1.27 2002/09/05 14:21:55 hyanantha Exp $ */
+/* $Id: ftp_fopen_wrapper.c,v 1.28 2002/09/08 16:45:32 sesser Exp $ */
#include "php.h"
#include "php_globals.h"
@@ -83,11 +83,12 @@
while (php_stream_gets(stream, buffer, buffer_size-1) &&
!(isdigit((int) buffer[0]) && isdigit((int) buffer[1]) &&
isdigit((int) buffer[2]) && buffer[3] == ' '));
-
return strtol(buffer, NULL, 10);
}
#define GET_FTP_RESULT(stream) get_ftp_result((stream), tmp_line, sizeof(tmp_line)
TSRMLS_CC)
+#define FTPS_ENCRYPT_DATA 1
+
static int php_stream_ftp_stream_stat(php_stream_wrapper *wrapper,
php_stream *stream,
php_stream_statbuf *ssb
@@ -118,13 +119,13 @@
*/
php_stream * php_stream_url_wrap_ftp(php_stream_wrapper *wrapper, char *path, char
*mode, int options, char **opened_path, php_stream_context *context STREAMS_DC
TSRMLS_DC)
{
- php_stream *stream=NULL;
+ php_stream *stream=NULL, *datastream=NULL;
php_url *resource=NULL;
char tmp_line[512];
unsigned short portno;
char *scratch;
int result;
- int i;
+ int i, use_ssl, use_ssl_on_data=0;
char *tpath, *ttpath;
size_t file_size = 0;
@@ -137,6 +138,8 @@
if (resource == NULL || resource->path == NULL)
return NULL;
+ use_ssl = resource->scheme && (strlen(resource->scheme) > 3) &&
+resource->scheme[3] == 's';
+
/* use port 21 if one wasn't specified */
if (resource->port == 0)
resource->port = 21;
@@ -155,6 +158,62 @@
goto errexit;
}
+#if HAVE_OPENSSL_EXT
+ if (use_ssl) {
+
+ /* send the AUTH TLS request name */
+ php_stream_write_string(stream, "AUTH TLS\r\n");
+
+ /* get the response */
+ result = GET_FTP_RESULT(stream);
+ if (result != 234) {
+ /* AUTH TLS not supported try AUTH SSL */
+ php_stream_write_string(stream, "AUTH SSL\r\n");
+
+ /* get the response */
+ result = GET_FTP_RESULT(stream);
+ if (result != 334) {
+ use_ssl = 0;
+ }
+ } else {
+ /* encrypt data etc */
+
+
+ }
+
+ }
+
+ if (use_ssl) {
+ if (use_ssl && php_stream_sock_ssl_activate_with_method(stream, 1,
+SSLv23_method()) == FAILURE) {
+ php_stream_wrapper_log_error(wrapper, options TSRMLS_CC,
+"Unable to activate SSL mode");
+ php_stream_close(stream);
+ stream = NULL;
+ goto errexit;
+ }
+
+ /* set PBSZ to 0 */
+ php_stream_write_string(stream, "PBSZ 0\r\n");
+
+ /* ignore the response */
+ result = GET_FTP_RESULT(stream);
+
+ /* set data connection protection level */
+#if FTPS_ENCRYPT_DATA
+ php_stream_write_string(stream, "PROT P\r\n");
+
+ /* get the response */
+ result = GET_FTP_RESULT(stream);
+ use_ssl_on_data = result >= 200 && result<=299;
+#else
+ php_stream_write_string(stream, "PROT C\r\n");
+
+ /* get the response */
+ result = GET_FTP_RESULT(stream);
+#endif
+ }
+
+#endif
+
/* send the user name */
php_stream_write_string(stream, "USER ");
if (resource->user != NULL) {
@@ -237,7 +296,7 @@
/* set up the passive connection */
- /* We try EPSV first, needed for IPv6 and works on some IPv4 servers */
+ /* We try EPSV first, needed for IPv6 and works on some IPv4 servers */
php_stream_write_string(stream, "EPSV\r\n");
result = GET_FTP_RESULT(stream);
@@ -308,21 +367,32 @@
} else {
php_stream_write_string(stream, "/");
}
-
- /* close control connection */
- php_stream_write_string(stream, "\r\nQUIT\r\n");
- php_stream_close(stream);
+ php_stream_write_string(stream, "\r\n");
+
+ /* close control connection if not in ssl mode */
+ if (!use_ssl) {
+ php_stream_write_string(stream, "QUIT\r\n");
+ php_stream_close(stream);
+ }
/* open the data channel */
- stream = php_stream_sock_open_host(resource->host, portno, SOCK_STREAM, 0, 0);
- if (stream == NULL)
+ datastream = php_stream_sock_open_host(resource->host, portno, SOCK_STREAM, 0,
+0);
+ if (datastream == NULL)
goto errexit;
- php_stream_context_set(stream, context);
+ php_stream_context_set(datastream, context);
php_stream_notify_progress_init(context, 0, file_size);
+ if (use_ssl_on_data && php_stream_sock_ssl_activate_with_method(datastream, 1,
+SSLv23_method()) == FAILURE) {
+ php_stream_wrapper_log_error(wrapper, options TSRMLS_CC, "Unable to
+activate SSL mode");
+ php_stream_close(datastream);
+ datastream = NULL;
+ goto errexit;
+ }
+
+
php_url_free(resource);
- return stream;
+ return datastream;
errexit:
php_url_free(resource);
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
