Edit report at https://bugs.php.net/bug.php?id=36103&edit=1
ID: 36103
Comment by: erez dot h at zend dot com
Reported by: rebe at unit01 dot net
Summary: ftp ssl connection fails during login
Status: No Feedback
Type: Bug
Package: FTP related
Operating System: linux
PHP Version: 5.1.2
Assigned To: tony2001
Block user comment: N
Private report: N
New Comment:
we still have this issue on windows php build 5.3.19 and 5.4.9 so we
implemented
this patch which solve the issue. please see if you can add to future versions.
diff -ruN php-5.3.19.orig/ext/ftp/ftp.c php-5.3.19/ext/ftp/ftp.c
--- php-5.3.19.orig/ext/ftp/ftp.c 2012-11-21 22:07:23.000000000 +0200
+++ php-5.3.19/ext/ftp/ftp.c 2012-12-11 16:49:21.359682714 +0200
@@ -241,6 +241,7 @@
int
ftp_login(ftpbuf_t *ftp, const char *user, const char *pass TSRMLS_DC)
{
+ int errcode;
#if HAVE_OPENSSL_EXT
SSL_CTX *ctx = NULL;
#endif
@@ -289,13 +290,27 @@
}
SSL_set_fd(ftp->ssl_handle, ftp->fd);
-
- if (SSL_connect(ftp->ssl_handle) <= 0) {
- php_error_docref(NULL TSRMLS_CC, E_WARNING, "SSL/TLS
handshake failed");
- SSL_shutdown(ftp->ssl_handle);
- return 0;
- }
-
+
+ do {
+ errcode = SSL_connect(ftp->ssl_handle);
+ switch (SSL_get_error (ftp->ssl_handle,
errcode)) {
+ case SSL_ERROR_NONE:
+ errcode = 1;
+ break;
+ case SSL_ERROR_WANT_WRITE:
+ case SSL_ERROR_WANT_READ:
+ case SSL_ERROR_WANT_X509_LOOKUP:
+ errcode = 0;
+ break;
+ default:
+ /* true error happened */
+ php_error_docref(NULL
TSRMLS_CC,
E_WARNING, "SSL/TLS handshake failed");
+ SSL_shutdown(ftp->ssl_handle);
+ return 0;
+ break;
+ }
+ } while(errcode == 0 && !SSL_is_init_finished(ftp-
>ssl_handle));
+
ftp->ssl_active = 1;
if (!ftp->old_ssl) {
@@ -1493,6 +1508,7 @@
php_sockaddr_storage addr;
socklen_t size;
+ int errcode;
#if HAVE_OPENSSL_EXT
SSL_CTX *ctx;
#endif
@@ -1537,11 +1553,26 @@
SSL_copy_session_id(data->ssl_handle, ftp->ssl_handle);
}
- if (SSL_connect(data->ssl_handle) <= 0) {
- php_error_docref(NULL TSRMLS_CC, E_WARNING,
"data_accept: SSL/TLS handshake failed");
- SSL_shutdown(data->ssl_handle);
- return 0;
- }
+
+ do {
+ errcode = SSL_connect(data->ssl_handle);
+ switch (SSL_get_error (data->ssl_handle, errcode)) {
+ case SSL_ERROR_NONE:
+ errcode = 1;
+ break;
+ case SSL_ERROR_WANT_WRITE:
+ case SSL_ERROR_WANT_READ:
+ case SSL_ERROR_WANT_X509_LOOKUP:
+ errcode = 0;
+ break;
+ default:
+ /* true error happened */
+ php_error_docref(NULL TSRMLS_CC,
E_WARNING, "data_accept: SSL/TLS handshake failed");
+ SSL_shutdown(data->ssl_handle);
+ return 0;
+ break;
+ }
+ } while(errcode == 0 && !SSL_is_init_finished(data-
>ssl_handle));
data->ssl_active = 1;
}
Previous Comments:
------------------------------------------------------------------------
[2008-07-21 01:00:01] php-bugs at lists dot php dot net
No feedback was provided for this bug for over a week, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".
------------------------------------------------------------------------
[2008-07-13 16:02:08] [email protected]
Please try using this CVS snapshot:
http://snaps.php.net/php5.2-latest.tar.gz
For Windows (zip):
http://snaps.php.net/win32/php5.2-win32-latest.zip
For Windows (installer):
http://snaps.php.net/win32/php5.2-win32-installer-latest.msi
------------------------------------------------------------------------
[2007-10-12 14:21:59] contact dot removethis at deciacco dot com
I made a mistake in my last comment above. It's not the ftp_getdata() function!
It's the data_accept() function that also needs to be updated.
------------------------------------------------------------------------
[2007-10-12 04:36:42] contact dot removethis at deciacco dot com
I've found that you also have to update the ftp_getdata() function in the same
ftp.c file. I was able to get my version running with tony2001's patch. You
have to modify it slightly for the ftp_getdata() function. Basically, you have
to use data->ssl_handle in the place of ftp->ssl_handle. For more details see
my post: http://www.deciacco.com/blog/archives/124
------------------------------------------------------------------------
[2006-11-14 02:41:21] be_nice_or_feel_hell at yahoo dot com
Hi, If any of you can help me I would greatly appreciate it. I'm trying to get
into this thru FTP and am getting the error for 550 SSL/TLS required on the
control channel in CMD. As I am trying to connect though I know it is a unix
apache server. I am a "noob". Can anyone help me get to this server with
authentication please?
128.6.68.133
------------------------------------------------------------------------
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
https://bugs.php.net/bug.php?id=36103
--
Edit this bug report at https://bugs.php.net/bug.php?id=36103&edit=1
