Fix bug #72667

Open data stream after receiving PASV reply, before sending the
main request.

Included test cases for opendir() with ftp:// and ftps:// wrappers.
Test cases re-use ext/ftp/tests/server.inc

Conflicts:
	ext/standard/ftp_fopen_wrapper.c

2 files changed, 76 insertions, 57 deletions

diff --git a/ext/ftp/tests/cert.pem b/ext/ftp/tests/cert.pem
index 94c61ffcc3..2bb30614ed 100644
--- a/ext/ftp/tests/cert.pem
+++ b/ext/ftp/tests/cert.pem
@@ -1,48 +1,49 @@
------BEGIN CERTIFICATE REQUEST-----
-MIIBmzCCAQQCAQAwWzELMAkGA1UEBhMCUFQxCzAJBgNVBAgTAkx4MQswCQYDVQQH
-EwJMeDEcMBoGA1UEChMTQSBtaW5oYSBlbXByZXNhLCBTQTEUMBIGA1UECxMLUEhQ
-IFFBIFRlYW0wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAM9mfEOSYwXf58ch
-4NyO1QOU1XMfquz8OVpvMUITABLAevZpeQn6vZPHNyXHFQC0QC8scydK1rAYd2U+
-9K2aPub6ioMjYyjPpAE07l9EAAPUEBlqqsziB/wT8QjWkByyJEkYu+o0Wyjokhfn
-BMPvm52wLWUx9nvUeNDCftnKg1wxAgMBAAGgADANBgkqhkiG9w0BAQQFAAOBgQDD
-s1FeqPxnF2bWj8/dG8MyPaRfOAMVz1UsCZUciXIVG5LSIvR2qnMC3iEYt3s13sEq
-z8VJlNHa8nniE+VFNv093yIu+PlWXMEvb5y5EFqP2AYq3RAT+SJsSxGqIdzPZiKY
-INaktLCZmQ/E1v7/4hFzVRq9ydJI82DVS1nv282Whw==
------END CERTIFICATE REQUEST-----
 -----BEGIN CERTIFICATE-----
-MIIC4zCCAkygAwIBAgIBADANBgkqhkiG9w0BAQQFADBbMQswCQYDVQQGEwJQVDEL
-MAkGA1UECBMCTHgxCzAJBgNVBAcTAkx4MRwwGgYDVQQKExNBIG1pbmhhIGVtcHJl
-c2EsIFNBMRQwEgYDVQQLEwtQSFAgUUEgVGVhbTAeFw0wNjExMTkxODIzNTNaFw0w
-NzExMTkxODIzNTNaMFsxCzAJBgNVBAYTAlBUMQswCQYDVQQIEwJMeDELMAkGA1UE
-BxMCTHgxHDAaBgNVBAoTE0EgbWluaGEgZW1wcmVzYSwgU0ExFDASBgNVBAsTC1BI
-UCBRQSBUZWFtMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDPZnxDkmMF3+fH
-IeDcjtUDlNVzH6rs/DlabzFCEwASwHr2aXkJ+r2TxzclxxUAtEAvLHMnStawGHdl
-PvStmj7m+oqDI2Moz6QBNO5fRAAD1BAZaqrM4gf8E/EI1pAcsiRJGLvqNFso6JIX
-5wTD75udsC1lMfZ71HjQwn7ZyoNcMQIDAQABo4G2MIGzMB0GA1UdDgQWBBTIga5L
-q+Ub1SWXgNZRYCpq3c8Z+jCBgwYDVR0jBHwweoAUyIGuS6vlG9Ull4DWUWAqat3P
-GfqhX6RdMFsxCzAJBgNVBAYTAlBUMQswCQYDVQQIEwJMeDELMAkGA1UEBxMCTHgx
-HDAaBgNVBAoTE0EgbWluaGEgZW1wcmVzYSwgU0ExFDASBgNVBAsTC1BIUCBRQSBU
-ZWFtggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAe6AA8aC3KDI8
-smd+7XWjaTSp1Q0uMkEZ2PEBzif2I1aPPqw1CQykJ1iDdC/8PJ1yEIezloP2XQoZ
-NjTaCO+uubay03ncoPTZvDUwExN9BYFAYgc2z3tLMHYbA7kM2sIbKys7ZQegLibr
-TSKYQOBeYA/FB9GHECJGU3zBRvYi+Og=
+MIIDhTCCAm2gAwIBAgIJAN75FFz+owOAMA0GCSqGSIb3DQEBCwUAMFkxCzAJBgNV
+BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX
+aWRnaXRzIFB0eSBMdGQxEjAQBgNVBAMMCTEyNy4wLjAuMTAeFw0xNjA3MjUxMjM3
+MTJaFw0yNjA3MjMxMjM3MTJaMFkxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21l
+LVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxEjAQBgNV
+BAMMCTEyNy4wLjAuMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALtG
+AIrNUDItISfpAqztL2TFEWEHLGTzCEh5Ag2sdMD7UYbqIPHLOE4EINv+dqEMM0Nz
+LYnw7ChtVegXT907xCaQcmeDFSdhqze4L8zawDfnn4syB8XAwGYJfpstYwe3nO6+
+0WvLSb1A5TYNeyoXjwlAUKElxkeWAo51uhR41GDhDQ9GgpqX1ccAhmSoUhgIRSzf
+6f4KE3WTdzl1p12ZtkYHB8Jo2jB/JXnwGOz6isLnpRvkex4B7sUX+7u1MqK/e1X7
+Hi1G/VkaAfC2SOfjTePtGBDBXrQ1arYXDPRA04sgFzSh55l7lC/4HasQ/jAb3h95
+dcEIqyc69iioaN1c1NcCAwEAAaNQME4wHQYDVR0OBBYEFNv3kefb1H+6/6CpjiBi
++I2s9E90MB8GA1UdIwQYMBaAFNv3kefb1H+6/6CpjiBi+I2s9E90MAwGA1UdEwQF
+MAMBAf8wDQYJKoZIhvcNAQELBQADggEBAIzSEWpHSaBs7KduBRXX5+qFxBN6OCPl
+7ID0rxAOYfw7ruzbmwgOpBgMIHGn+KqA6CmQI0jh9bZbv5TV2aFpFsUihugPc2lW
+5EshCozxlEPmIJNsO8jDqPE4w3m4KiVTscRWjBa5cco+lwLDqboerm2l7vvrtr6B
+pgLaZct1c73MouvoJSCGK5EOGW7jsgaxjxJ3UZug+24Ko1wulO2cgBLhda9Ilrnx
+CIKI9h8Z2WVWuVQfyCyO1g7XkJgkBec77OhxD+m4onzPY6waqnnhmFOBcS+gKgBV
+jHeK9DCvZ9zet3EyEp6fyQOOtsC+gU0piYgfsQL7aCp5oLe+fjTiuUY=
 -----END CERTIFICATE-----
------BEGIN RSA PRIVATE KEY-----
-Proc-Type: 4,ENCRYPTED
-DEK-Info: DES-EDE3-CBC,928762DB6DE222AD
-
-oOxNUBX0wrqmRqb3IEZMogc1bnVm6JoW6YFjGfHNcIz0jS7UPDhUFDR26y0dYujL
-LEgxOcYo8ItvGcXSRbs+3W7lISbosgkB0DOaKx5jVmOGwUVRergUUSY8rbf93FtP
-27CEvAfsU6do5HmlJ34mYZW1k+onCznlJXJkupQ5jmiily3GwEdr/5mMIVOmXQ6p
-xWkxHySDKyVbR0v4JY3SJLRBuhgofYNG5155PiqZ7KwYY4Aw60eVgINsvJCF9/8b
-kEj+lecHbBdAf7N82320Ga+F+VeFnUl0gWFjoIF9UFCO80+7ZvIGdGlyPkr4zMvt
-TsC1snJQdHg+IlT3sGayYrQANpTG6GPYhn3KEvK5aqq+bPEe5lija0gw34jbPCo+
-TjHR76lToxzubGZODyyF/rjl5KwUbqTCNuv1PX1jTx7n7sCbu+KHpqXMhTHLKtby
-+Wh7WAfsVrbIW+P85/mkfhPbPZ2621f9cyStdFGgWU4dHdD00HIGOgAJvUSbC2Au
-oVUoKf2818t1s9aA4ptog04sNi+Ixu+z+3yYNLZj51j4ZX3KuXxLIiQvlvFQ8LQi
-RHGQk3u2W3iNtDKKUQjMPaB2FlVtC7FmtHBCpRmos6ld240DDyucqMdIDTMaqV0+
-sL4X+LIeBM/hP/IquRTuQBHBmgjkN4845ihTUJOanyKx605ANq/roHzXrbIxhR5p
-pcJLCBMLMWgdOCJMZRavSq04iXeNfP6Mk/joVpHS62Ljdfc94BBLfsOKOErA20Nq
-lfvbZqy2tI5IIDoq05S8FU0DYNqq/hyrv9Udo8IAo+WkBOABm0x/WA==
------END RSA PRIVATE KEY-----
- 
\ No newline at end of file
+-----BEGIN PRIVATE KEY-----
+MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC7RgCKzVAyLSEn
+6QKs7S9kxRFhByxk8whIeQINrHTA+1GG6iDxyzhOBCDb/nahDDNDcy2J8OwobVXo
+F0/dO8QmkHJngxUnYas3uC/M2sA355+LMgfFwMBmCX6bLWMHt5zuvtFry0m9QOU2
+DXsqF48JQFChJcZHlgKOdboUeNRg4Q0PRoKal9XHAIZkqFIYCEUs3+n+ChN1k3c5
+daddmbZGBwfCaNowfyV58Bjs+orC56Ub5HseAe7FF/u7tTKiv3tV+x4tRv1ZGgHw
+tkjn403j7RgQwV60NWq2Fwz0QNOLIBc0oeeZe5Qv+B2rEP4wG94feXXBCKsnOvYo
+qGjdXNTXAgMBAAECggEAD7yDISa9fWnjZlojGmrX16zjl/alWVo+sPBSJtn9+ZVk
+tWSJHihIc+3O4Q2R5FiFGj7cbcHr5j3BwT3sPRfflKoAowgVx/hiDc2RXrJnAouZ
+EXZDxu86e5iCpgF7V9OrATjRmjA74wZH/HHHjrLqFwnrfI8TCULmthfYag35Mqax
+qrIEzvSuYdaGxblNe+ZfnVEDW2F9DLBGcma0ffUlJp8AvV7bpo8Rj/JovPxit/VS
+UdwSRxwSAugctFpmcGlFkoQfxUx1WdEy8hjopLrayMjCCJvRUL4+C4zT9r9PBHOj
+fCSbJ+ajQIoRrgaL9bURk8BFMHY8+yMUsWEYVSmFAQKBgQDtOvPkhvZsNocUB5nJ
+ti3SXyDQ6OZQuKKHPSeDV/EvmZKeNlrQ1ZnwXLP3vkcedDOkt1nEVq/hUewpjt08
+2MvmMwJBQEnmbTzMf43DtlXsStdP1lhYaFbU4iMM5zRfyBHDu1GPZEPXvKKpJUk0
+M+jYIyTAP3mcZhqDKn0mPVP7VwKBgQDKFy9DtWFKxCvhFQvHx7YeZiVWJbIst/O4
+ZyuPVAErni0hzSeCkmm7+F9hgEdPSLRcSaeTWP4L0u1cixECKboIhoNs38aft7o3
+MdnI2RDSEKtKX2uVuhvpGDNuGpBAc8Qu8iCiv5INSC36ZhD1h++O/TiiUdgRJ3yX
+yeG7ej+CgQKBgCR5F95e0aw5hfMSaBaXJ9xcO9Niu2ZVvMdGI7kR4EcNOXmRqczJ
+ym0mE5VXb9/Cxd3hQq/pFAl0avbIvEMKoe62kPYvSC1hRiO6yLT6Z6N4rjncHqEZ
+CaCZVAI72dWQEQsi1ZtSMwwMOIYA8YxRHs98N75HBA+DszfPZIZoj2zpAoGBAJHp
+B3ElhmeLF/tdTLIj2bQ9H/wBH5H2Bvw/UU4c4vNxMzjSfRJjUAAtpgAptFLkNYTk
+kR9sA5DZ7BMDPXaIVg9Nv5peP3SWHNc5IPtI7kIdUu9R0cW7J+e2V3vJphlC/ITA
+wRuAoZ0BXmEKTHhae3aMEdXwrcZE8kpNsrO/4hcBAoGBAMISiPJPuxAX1UtqcxTa
+mDJfnQ2gxRu6AK9VmXqo0X4IBxDSnTjcL0huUlS849wgsE5oTXgdYb2hn+TXM5JJ
+NsEXLhV09X1mrk4M4LV1npd0mYxvFsO4+p+IX5YLiahInmQtq0gx3DWE8wouVFER
+4yzfp27z8MZT8Qvr/ZI9lzWd
+-----END PRIVATE KEY-----
diff --git a/ext/ftp/tests/server.inc b/ext/ftp/tests/server.inc
index bb0c1ff10b..e2a74029bf 100644
--- a/ext/ftp/tests/server.inc
+++ b/ext/ftp/tests/server.inc
@@ -2,7 +2,7 @@
 
 $socket = null;
 $errno = 0;
-$context = stream_context_create(array('ssl' => array('local_cert' => dirname(__FILE__).'/cert.pem', 'passphrase' => 'pass')));
+$context = stream_context_create(array('ssl' => array('local_cert' => dirname(__FILE__).'/cert.pem')));
 
 for ($i=0; $i<10 && !$socket; ++$i) {
 	$port = rand(50000, 65535);
@@ -265,7 +265,7 @@ if ($pid) {
 
 		} elseif (preg_match("~^NLST(?: ([A-Za-z./]+))?\r\n$~", $buf, $m)) {
 
-			if (isset($m[1]) && $m[1] === 'bogusdir') {
+			if (isset($m[1]) && (($m[1] === 'bogusdir') || ($m[1] === '/bogusdir'))) {
 				fputs($s, "250 $m[1]: No such file or directory\r\n");
 				continue;
 			}
@@ -276,13 +276,18 @@ if ($pid) {
 				continue;
 			}
 
-			fputs($s, "150 File status okay; about to open data connection\r\n");
-
-			if (!$fs = stream_socket_client("tcp://$host:$port")) {
-				fputs($s, "425 Can't open data connection\r\n");
-				continue;
+			if (empty($pasv)) {
+				fputs($s, "150 File status okay; about to open data connection\r\n");
+				if (!$fs = stream_socket_client("tcp://$host:$port")) {
+					fputs($s, "425 Can't open data connection\r\n");
+					continue;
+				}
+			} else {
+				fputs($s, "125 Data connection already open; transfer starting.\r\n");
+				$fs=$pasvs;
 			}
 
+
 			if (empty($m[1]) || $m[1] !== 'emptydir') {
 				fputs($fs, "file1\r\nfile1\r\nfile\nb0rk\r\n");
 			}
@@ -368,7 +373,7 @@ if ($pid) {
                                         }
 					fputs($s, "226 Closing data Connection.\r\n");
                                         break;
-                case "mediumfile":
+				case "mediumfile":
 					fputs($s, "150 File status okay; about to open data connection.\r\n");
 					for($i = 0; $i < 150; $i++){
 						fputs($fs, "This is line $i of the test data.\n");
@@ -384,13 +389,26 @@ if ($pid) {
 
 
 		}elseif (preg_match('/^PASV/', $buf, $matches)) {
-			$port = $pasv_port;
-			$p2 = $port % ((int) 1 << 8);
-			$p1 = ($port-$p2)/((int) 1 << 8);
+			$pasv=true;
+			$p2 = $pasv_port % ((int) 1 << 8);
+			$p1 = ($pasv_port-$p2)/((int) 1 << 8);
 			$host = "127.0.0.1";
+			if (!empty($ssl)) {
+				$soc = stream_socket_server("tcp://127.0.0.1:$pasv_port", $errno, $errstr, STREAM_SERVER_BIND|STREAM_SERVER_LISTEN, $context);
+			} else {
+				$soc = stream_socket_server("tcp://127.0.0.1:$pasv_port");
+			}
+
 			fputs($s, "227 Entering Passive Mode. (127,0,0,1,{$p1},{$p2})\r\n");
 
+			$pasvs = stream_socket_accept($soc,10);
+
+			if ((!empty($ssl)) && (!stream_socket_enable_crypto($pasvs, true, STREAM_CRYPTO_METHOD_SSLv23_SERVER))) {
+				die("SSLv23 handshake failed.\n");
+			}
 
+		}elseif (preg_match('/^EPSV/', $buf, $matches)) {
+			fputs($s, "550 Extended passsive mode not supported.\r\n");
 		} elseif (preg_match('/^SITE EXEC/', $buf, $matches)) {
 			fputs($s, "200 OK\r\n");