nlopess Tue Feb 13 18:29:10 2007 UTC
Added files: (Branch: PHP_5_2)
/php-src/ext/ftp/tests bug37799.phpt
Modified files:
/php-src NEWS
/php-src/ext/ftp ftp.c
/php-src/ext/ftp/tests server.inc
Log:
Fixed bug #37799 (ftp_ssl_connect() falls back to non-ssl connection)
http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.535&r2=1.2027.2.547.2.536&diff_format=u
Index: php-src/NEWS
diff -u php-src/NEWS:1.2027.2.547.2.535 php-src/NEWS:1.2027.2.547.2.536
--- php-src/NEWS:1.2027.2.547.2.535 Tue Feb 13 15:55:45 2007
+++ php-src/NEWS Tue Feb 13 18:29:10 2007
@@ -16,6 +16,7 @@
- Fixed bug #40410 (ext/posix does not compile on MacOS 10.3.9). (Tony)
- Fixed bug #40109 (iptcembed fails on non-jfif jpegs). (Tony)
- Fixed bug #39836 (SplObjectStorage empty after unserialize). (Marcus)
+- Fixed bug #37799 (ftp_ssl_connect() falls back to non-ssl connection). (Nuno)
08 Feb 2007, PHP 5.2.1
- Added read-timeout context option "timeout" for HTTP streams. (Hannes,
Ilia).
http://cvs.php.net/viewvc.cgi/php-src/ext/ftp/ftp.c?r1=1.112.2.4.2.3&r2=1.112.2.4.2.4&diff_format=u
Index: php-src/ext/ftp/ftp.c
diff -u php-src/ext/ftp/ftp.c:1.112.2.4.2.3 php-src/ext/ftp/ftp.c:1.112.2.4.2.4
--- php-src/ext/ftp/ftp.c:1.112.2.4.2.3 Mon Jan 1 09:36:01 2007
+++ php-src/ext/ftp/ftp.c Tue Feb 13 18:29:10 2007
@@ -17,7 +17,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: ftp.c,v 1.112.2.4.2.3 2007/01/01 09:36:01 sebastian Exp $ */
+/* $Id: ftp.c,v 1.112.2.4.2.4 2007/02/13 18:29:10 nlopess Exp $ */
#ifdef HAVE_CONFIG_H
#include "config.h"
@@ -266,60 +266,57 @@
}
if (ftp->resp != 334) {
- ftp->use_ssl = 0;
+ return 0;
} else {
ftp->old_ssl = 1;
ftp->use_ssl_for_data = 1;
}
}
- /* now enable ssl if we still need to */
- if (ftp->use_ssl) {
- ctx = SSL_CTX_new(SSLv23_client_method());
- if (ctx == NULL) {
- php_error_docref(NULL TSRMLS_CC, E_WARNING,
"failed to create the SSL context");
+ ctx = SSL_CTX_new(SSLv23_client_method());
+ if (ctx == NULL) {
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "failed to
create the SSL context");
+ return 0;
+ }
+
+ SSL_CTX_set_options(ctx, SSL_OP_ALL);
+
+ ftp->ssl_handle = SSL_new(ctx);
+ if (ftp->ssl_handle == NULL) {
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "failed to
create the SSL handle");
+ SSL_CTX_free(ctx);
+ return 0;
+ }
+
+ SSL_set_fd(ftp->ssl_handle, ftp->fd);
+
+ if (SSL_connect(ftp->ssl_handle) <= 0) {
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "SSL/TLS
handshake failed");
+ SSL_shutdown(ftp->ssl_handle);
+ return 0;
+ }
+
+ ftp->ssl_active = 1;
+
+ if (!ftp->old_ssl) {
+
+ /* set protection buffersize to zero */
+ if (!ftp_putcmd(ftp, "PBSZ", "0")) {
+ return 0;
+ }
+ if (!ftp_getresp(ftp)) {
return 0;
}
- SSL_CTX_set_options(ctx, SSL_OP_ALL);
-
- ftp->ssl_handle = SSL_new(ctx);
- if (ftp->ssl_handle == NULL) {
- php_error_docref(NULL TSRMLS_CC, E_WARNING,
"failed to create the SSL handle");
- SSL_CTX_free(ctx);
+ /* enable data conn encryption */
+ if (!ftp_putcmd(ftp, "PROT", "P")) {
return 0;
}
-
- SSL_set_fd(ftp->ssl_handle, ftp->fd);
-
- if (SSL_connect(ftp->ssl_handle) <= 0) {
- php_error_docref(NULL TSRMLS_CC, E_WARNING,
"SSL/TLS handshake failed");
- SSL_shutdown(ftp->ssl_handle);
+ if (!ftp_getresp(ftp)) {
return 0;
}
- ftp->ssl_active = 1;
-
- if (!ftp->old_ssl) {
-
- /* set protection buffersize to zero */
- if (!ftp_putcmd(ftp, "PBSZ", "0")) {
- return 0;
- }
- if (!ftp_getresp(ftp)) {
- return 0;
- }
-
- /* enable data conn encryption */
- if (!ftp_putcmd(ftp, "PROT", "P")) {
- return 0;
- }
- if (!ftp_getresp(ftp)) {
- return 0;
- }
-
- ftp->use_ssl_for_data = (ftp->resp >= 200 &&
ftp->resp <=299);
- }
+ ftp->use_ssl_for_data = (ftp->resp >= 200 && ftp->resp
<=299);
}
}
#endif
http://cvs.php.net/viewvc.cgi/php-src/ext/ftp/tests/server.inc?r1=1.1.2.6&r2=1.1.2.7&diff_format=u
Index: php-src/ext/ftp/tests/server.inc
diff -u php-src/ext/ftp/tests/server.inc:1.1.2.6
php-src/ext/ftp/tests/server.inc:1.1.2.7
--- php-src/ext/ftp/tests/server.inc:1.1.2.6 Fri Dec 1 16:37:39 2006
+++ php-src/ext/ftp/tests/server.inc Tue Feb 13 18:29:10 2007
@@ -59,7 +59,7 @@
function user_auth($buf) {
- global $user, $s, $ssl;
+ global $user, $s, $ssl, $bug37799;
if (!empty($ssl)) {
if ($buf !== "AUTH TLS\r\n") {
@@ -67,7 +67,13 @@
dump_and_exit($buf);
}
- fputs($s, "234 auth type accepted\r\n");
+ if (empty($bug37799)) {
+ fputs($s, "234 auth type accepted\r\n");
+ } else {
+ fputs($s, "666 dummy\r\n");
+ fputs($s, "666 bogus msg\r\n");
+ exit;
+ }
if (!stream_socket_enable_crypto($s, true,
STREAM_CRYPTO_METHOD_SSLv23_SERVER)) {
die("SSLv23 handshake failed.\n");
http://cvs.php.net/viewvc.cgi/php-src/ext/ftp/tests/bug37799.phpt?view=markup&rev=1.1
Index: php-src/ext/ftp/tests/bug37799.phpt
+++ php-src/ext/ftp/tests/bug37799.phpt
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
