Edit report at https://bugs.php.net/bug.php?id=36103&edit=1
ID: 36103 Updated by: tony2...@php.net Reported by: rebe at unit01 dot net Summary: ftp ssl connection fails during login Status: No Feedback Type: Bug Package: FTP related Operating System: linux PHP Version: 5.1.2 Assigned To: tony2001 Block user comment: N Private report: N New Comment: @erez dot h at zend dot com I guess it would be better to create a new bug report and add an up to date reproduce case while you're at it. Adding some more explanations to the patch would be a good idea, too. You can also go an other way and send your patch directly to Dmitry for review, dmi...@zend.com/dmi...@php.net I mean. Previous Comments: ------------------------------------------------------------------------ [2012-12-11 15:15:58] erez dot h at zend dot com we still have this issue on windows php build 5.3.19 and 5.4.9 so we implemented this patch which solve the issue. please see if you can add to future versions. diff -ruN php-5.3.19.orig/ext/ftp/ftp.c php-5.3.19/ext/ftp/ftp.c --- php-5.3.19.orig/ext/ftp/ftp.c 2012-11-21 22:07:23.000000000 +0200 +++ php-5.3.19/ext/ftp/ftp.c 2012-12-11 16:49:21.359682714 +0200 @@ -241,6 +241,7 @@ int ftp_login(ftpbuf_t *ftp, const char *user, const char *pass TSRMLS_DC) { + int errcode; #if HAVE_OPENSSL_EXT SSL_CTX *ctx = NULL; #endif @@ -289,13 +290,27 @@ } SSL_set_fd(ftp->ssl_handle, ftp->fd); - - if (SSL_connect(ftp->ssl_handle) <= 0) { - php_error_docref(NULL TSRMLS_CC, E_WARNING, "SSL/TLS handshake failed"); - SSL_shutdown(ftp->ssl_handle); - return 0; - } - + + do { + errcode = SSL_connect(ftp->ssl_handle); + switch (SSL_get_error (ftp->ssl_handle, errcode)) { + case SSL_ERROR_NONE: + errcode = 1; + break; + case SSL_ERROR_WANT_WRITE: + case SSL_ERROR_WANT_READ: + case SSL_ERROR_WANT_X509_LOOKUP: + errcode = 0; + break; + default: + /* true error happened */ + php_error_docref(NULL TSRMLS_CC, E_WARNING, "SSL/TLS handshake failed"); + SSL_shutdown(ftp->ssl_handle); + return 0; + break; + } + } while(errcode == 0 && !SSL_is_init_finished(ftp- >ssl_handle)); + ftp->ssl_active = 1; if (!ftp->old_ssl) { @@ -1493,6 +1508,7 @@ php_sockaddr_storage addr; socklen_t size; + int errcode; #if HAVE_OPENSSL_EXT SSL_CTX *ctx; #endif @@ -1537,11 +1553,26 @@ SSL_copy_session_id(data->ssl_handle, ftp->ssl_handle); } - if (SSL_connect(data->ssl_handle) <= 0) { - php_error_docref(NULL TSRMLS_CC, E_WARNING, "data_accept: SSL/TLS handshake failed"); - SSL_shutdown(data->ssl_handle); - return 0; - } + + do { + errcode = SSL_connect(data->ssl_handle); + switch (SSL_get_error (data->ssl_handle, errcode)) { + case SSL_ERROR_NONE: + errcode = 1; + break; + case SSL_ERROR_WANT_WRITE: + case SSL_ERROR_WANT_READ: + case SSL_ERROR_WANT_X509_LOOKUP: + errcode = 0; + break; + default: + /* true error happened */ + php_error_docref(NULL TSRMLS_CC, E_WARNING, "data_accept: SSL/TLS handshake failed"); + SSL_shutdown(data->ssl_handle); + return 0; + break; + } + } while(errcode == 0 && !SSL_is_init_finished(data- >ssl_handle)); data->ssl_active = 1; } ------------------------------------------------------------------------ [2008-07-21 01:00:01] php-bugs at lists dot php dot net No feedback was provided for this bug for over a week, so it is being suspended automatically. If you are able to provide the information that was originally requested, please do so and change the status of the bug back to "Open". ------------------------------------------------------------------------ [2008-07-13 16:02:08] j...@php.net Please try using this CVS snapshot: http://snaps.php.net/php5.2-latest.tar.gz For Windows (zip): http://snaps.php.net/win32/php5.2-win32-latest.zip For Windows (installer): http://snaps.php.net/win32/php5.2-win32-installer-latest.msi ------------------------------------------------------------------------ [2007-10-12 14:21:59] contact dot removethis at deciacco dot com I made a mistake in my last comment above. It's not the ftp_getdata() function! It's the data_accept() function that also needs to be updated. ------------------------------------------------------------------------ [2007-10-12 04:36:42] contact dot removethis at deciacco dot com I've found that you also have to update the ftp_getdata() function in the same ftp.c file. I was able to get my version running with tony2001's patch. You have to modify it slightly for the ftp_getdata() function. Basically, you have to use data->ssl_handle in the place of ftp->ssl_handle. For more details see my post: http://www.deciacco.com/blog/archives/124 ------------------------------------------------------------------------ The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at https://bugs.php.net/bug.php?id=36103 -- Edit this bug report at https://bugs.php.net/bug.php?id=36103&edit=1