ID: 36103
User updated by: rebe at unit01 dot net
Reported By: rebe at unit01 dot net
-Status: Feedback
+Status: Open
Bug Type: FTP related
Operating System: linux
PHP Version: 5.1.2
New Comment:
OK, so looks like your patch is also working properly. Just give me a
couple of days - maybe 'till the middle of the next week to check
everything again because I am a little bit busy now doing different
work.
I want to really confirm that this is a final sollution, so you could
apply that patch into official PHP release.
It is my first subbmission and I am glad to have really active and
collaborating PHP development team :)
Previous Comments:
------------------------------------------------------------------------
[2006-01-24 10:50:40] [EMAIL PROTECTED]
>Frankly - your patch is doing 99% percent the same thing
Yes, it does.
>}while(errcode == 0 && !SSL_is_init_finished(ftp-ssl_handle));
>we didn't use that in our fix.
So does it work without that check?
------------------------------------------------------------------------
[2006-01-24 10:44:57] rebe at unit01 dot net
Frankly - your patch is doing 99% percent the same thing but is not
fixing problem :) I checked that twice cause I didn't believe it but
still getting "handshake failed". The only difference I see is :
}while(errcode == 0 && !SSL_is_init_finished(ftp-ssl_handle));
^^^^^^^^^^^^^^
we didn't use that in our fix.
------------------------------------------------------------------------
[2006-01-24 01:14:37] [EMAIL PROTECTED]
Please try this patch:
http://tony2001.phpclub.net/dev/tmp/bug36103.diff
------------------------------------------------------------------------
[2006-01-24 00:38:21] rebe at unit01 dot net
OK here's what we figured out with a friend of mine. Login function in
ext/ftp.c treat all errors (also "want_more..." ) as login fail but it
is not true. A patch below is fixing problem and makes everything
working fine:
@@ -243,6 +243,7 @@
{
#if HAVE_OPENSSL_EXT
SSL_CTX *ctx = NULL;
+ int err,errs;
#endif
if (ftp == NULL) {
return 0;
@@ -291,13 +292,24 @@
}
SSL_set_fd(ftp->ssl_handle, ftp->fd);
-
+/*
if (SSL_connect(ftp->ssl_handle) <= 0) {
php_error_docref(NULL TSRMLS_CC,
E_WARNING, "SSL/TLS handshake failed");
SSL_shutdown(ftp->ssl_handle);
return 0;
}
-
+*/
+err=SSL_connect(ftp->ssl_handle);
+while (err <= 0) {
+ errs = SSL_get_error(ftp->fd, err);
+ if ((errs != SSL_ERROR_WANT_READ) && (errs !=
SSL_ERROR_WANT_WRITE) && (errs != SSL_ERROR_WANT_X509_LOOKUP)) {
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "SSL/TLS handshake
failed");
+ SSL_shutdown(ftp->ssl_handle);
+ return 0;
+ }
+ err = SSL_connect(ftp->ssl_handle);
+}
+
------------------------------------------------------------------------
[2006-01-23 10:10:34] rebe at unit01 dot net
OK. I did that test from Trustix distro. The same piece of code acts
exactly the same way.
For me it looks like that openssl works fine as long as many other
aplications using it successfuly (apache, ftp, openvpn etc.).
------------------------------------------------------------------------
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/36103
--
Edit this bug report at http://bugs.php.net/?id=36103&edit=1
