diff options
author | Ville Hukkamäki <vhu@iki.fi> | 2016-07-25 18:50:38 +0000 |
---|---|---|
committer | Nikita Popov <nikic@php.net> | 2016-07-27 15:55:47 +0200 |
commit | cce457c68c3a15efafea3a30560c54f74f3f5ee1 (patch) | |
tree | 3f556976a22f905829b46e12be8b0367aeda1cef /ext/ftp | |
parent | 074b86d8451365c81d3ae76616fb4df1757ddc1f (diff) | |
download | php-git-cce457c68c3a15efafea3a30560c54f74f3f5ee1.tar.gz |
Fix bug #72667
Open data stream after receiving PASV reply, before sending the
main request.
Included test cases for opendir() with ftp:// and ftps:// wrappers.
Test cases re-use ext/ftp/tests/server.inc
Conflicts:
ext/standard/ftp_fopen_wrapper.c
Diffstat (limited to 'ext/ftp')
-rw-r--r-- | ext/ftp/tests/cert.pem | 93 | ||||
-rw-r--r-- | ext/ftp/tests/server.inc | 40 |
2 files changed, 76 insertions, 57 deletions
diff --git a/ext/ftp/tests/cert.pem b/ext/ftp/tests/cert.pem index 94c61ffcc3..2bb30614ed 100644 --- a/ext/ftp/tests/cert.pem +++ b/ext/ftp/tests/cert.pem @@ -1,48 +1,49 @@ ------BEGIN CERTIFICATE REQUEST----- -MIIBmzCCAQQCAQAwWzELMAkGA1UEBhMCUFQxCzAJBgNVBAgTAkx4MQswCQYDVQQH -EwJMeDEcMBoGA1UEChMTQSBtaW5oYSBlbXByZXNhLCBTQTEUMBIGA1UECxMLUEhQ -IFFBIFRlYW0wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAM9mfEOSYwXf58ch -4NyO1QOU1XMfquz8OVpvMUITABLAevZpeQn6vZPHNyXHFQC0QC8scydK1rAYd2U+ -9K2aPub6ioMjYyjPpAE07l9EAAPUEBlqqsziB/wT8QjWkByyJEkYu+o0Wyjokhfn -BMPvm52wLWUx9nvUeNDCftnKg1wxAgMBAAGgADANBgkqhkiG9w0BAQQFAAOBgQDD -s1FeqPxnF2bWj8/dG8MyPaRfOAMVz1UsCZUciXIVG5LSIvR2qnMC3iEYt3s13sEq -z8VJlNHa8nniE+VFNv093yIu+PlWXMEvb5y5EFqP2AYq3RAT+SJsSxGqIdzPZiKY -INaktLCZmQ/E1v7/4hFzVRq9ydJI82DVS1nv282Whw== ------END CERTIFICATE REQUEST----- -----BEGIN CERTIFICATE----- -MIIC4zCCAkygAwIBAgIBADANBgkqhkiG9w0BAQQFADBbMQswCQYDVQQGEwJQVDEL -MAkGA1UECBMCTHgxCzAJBgNVBAcTAkx4MRwwGgYDVQQKExNBIG1pbmhhIGVtcHJl -c2EsIFNBMRQwEgYDVQQLEwtQSFAgUUEgVGVhbTAeFw0wNjExMTkxODIzNTNaFw0w -NzExMTkxODIzNTNaMFsxCzAJBgNVBAYTAlBUMQswCQYDVQQIEwJMeDELMAkGA1UE -BxMCTHgxHDAaBgNVBAoTE0EgbWluaGEgZW1wcmVzYSwgU0ExFDASBgNVBAsTC1BI -UCBRQSBUZWFtMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDPZnxDkmMF3+fH -IeDcjtUDlNVzH6rs/DlabzFCEwASwHr2aXkJ+r2TxzclxxUAtEAvLHMnStawGHdl -PvStmj7m+oqDI2Moz6QBNO5fRAAD1BAZaqrM4gf8E/EI1pAcsiRJGLvqNFso6JIX -5wTD75udsC1lMfZ71HjQwn7ZyoNcMQIDAQABo4G2MIGzMB0GA1UdDgQWBBTIga5L -q+Ub1SWXgNZRYCpq3c8Z+jCBgwYDVR0jBHwweoAUyIGuS6vlG9Ull4DWUWAqat3P -GfqhX6RdMFsxCzAJBgNVBAYTAlBUMQswCQYDVQQIEwJMeDELMAkGA1UEBxMCTHgx -HDAaBgNVBAoTE0EgbWluaGEgZW1wcmVzYSwgU0ExFDASBgNVBAsTC1BIUCBRQSBU -ZWFtggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAe6AA8aC3KDI8 -smd+7XWjaTSp1Q0uMkEZ2PEBzif2I1aPPqw1CQykJ1iDdC/8PJ1yEIezloP2XQoZ -NjTaCO+uubay03ncoPTZvDUwExN9BYFAYgc2z3tLMHYbA7kM2sIbKys7ZQegLibr -TSKYQOBeYA/FB9GHECJGU3zBRvYi+Og= +MIIDhTCCAm2gAwIBAgIJAN75FFz+owOAMA0GCSqGSIb3DQEBCwUAMFkxCzAJBgNV +BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX +aWRnaXRzIFB0eSBMdGQxEjAQBgNVBAMMCTEyNy4wLjAuMTAeFw0xNjA3MjUxMjM3 +MTJaFw0yNjA3MjMxMjM3MTJaMFkxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21l +LVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxEjAQBgNV +BAMMCTEyNy4wLjAuMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALtG +AIrNUDItISfpAqztL2TFEWEHLGTzCEh5Ag2sdMD7UYbqIPHLOE4EINv+dqEMM0Nz +LYnw7ChtVegXT907xCaQcmeDFSdhqze4L8zawDfnn4syB8XAwGYJfpstYwe3nO6+ +0WvLSb1A5TYNeyoXjwlAUKElxkeWAo51uhR41GDhDQ9GgpqX1ccAhmSoUhgIRSzf +6f4KE3WTdzl1p12ZtkYHB8Jo2jB/JXnwGOz6isLnpRvkex4B7sUX+7u1MqK/e1X7 +Hi1G/VkaAfC2SOfjTePtGBDBXrQ1arYXDPRA04sgFzSh55l7lC/4HasQ/jAb3h95 +dcEIqyc69iioaN1c1NcCAwEAAaNQME4wHQYDVR0OBBYEFNv3kefb1H+6/6CpjiBi ++I2s9E90MB8GA1UdIwQYMBaAFNv3kefb1H+6/6CpjiBi+I2s9E90MAwGA1UdEwQF +MAMBAf8wDQYJKoZIhvcNAQELBQADggEBAIzSEWpHSaBs7KduBRXX5+qFxBN6OCPl +7ID0rxAOYfw7ruzbmwgOpBgMIHGn+KqA6CmQI0jh9bZbv5TV2aFpFsUihugPc2lW +5EshCozxlEPmIJNsO8jDqPE4w3m4KiVTscRWjBa5cco+lwLDqboerm2l7vvrtr6B +pgLaZct1c73MouvoJSCGK5EOGW7jsgaxjxJ3UZug+24Ko1wulO2cgBLhda9Ilrnx +CIKI9h8Z2WVWuVQfyCyO1g7XkJgkBec77OhxD+m4onzPY6waqnnhmFOBcS+gKgBV +jHeK9DCvZ9zet3EyEp6fyQOOtsC+gU0piYgfsQL7aCp5oLe+fjTiuUY= -----END CERTIFICATE----- ------BEGIN RSA PRIVATE KEY----- -Proc-Type: 4,ENCRYPTED -DEK-Info: DES-EDE3-CBC,928762DB6DE222AD - -oOxNUBX0wrqmRqb3IEZMogc1bnVm6JoW6YFjGfHNcIz0jS7UPDhUFDR26y0dYujL -LEgxOcYo8ItvGcXSRbs+3W7lISbosgkB0DOaKx5jVmOGwUVRergUUSY8rbf93FtP -27CEvAfsU6do5HmlJ34mYZW1k+onCznlJXJkupQ5jmiily3GwEdr/5mMIVOmXQ6p -xWkxHySDKyVbR0v4JY3SJLRBuhgofYNG5155PiqZ7KwYY4Aw60eVgINsvJCF9/8b -kEj+lecHbBdAf7N82320Ga+F+VeFnUl0gWFjoIF9UFCO80+7ZvIGdGlyPkr4zMvt -TsC1snJQdHg+IlT3sGayYrQANpTG6GPYhn3KEvK5aqq+bPEe5lija0gw34jbPCo+ -TjHR76lToxzubGZODyyF/rjl5KwUbqTCNuv1PX1jTx7n7sCbu+KHpqXMhTHLKtby -+Wh7WAfsVrbIW+P85/mkfhPbPZ2621f9cyStdFGgWU4dHdD00HIGOgAJvUSbC2Au -oVUoKf2818t1s9aA4ptog04sNi+Ixu+z+3yYNLZj51j4ZX3KuXxLIiQvlvFQ8LQi -RHGQk3u2W3iNtDKKUQjMPaB2FlVtC7FmtHBCpRmos6ld240DDyucqMdIDTMaqV0+ -sL4X+LIeBM/hP/IquRTuQBHBmgjkN4845ihTUJOanyKx605ANq/roHzXrbIxhR5p -pcJLCBMLMWgdOCJMZRavSq04iXeNfP6Mk/joVpHS62Ljdfc94BBLfsOKOErA20Nq -lfvbZqy2tI5IIDoq05S8FU0DYNqq/hyrv9Udo8IAo+WkBOABm0x/WA== ------END RSA PRIVATE KEY----- -
\ No newline at end of file +-----BEGIN PRIVATE KEY----- +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC7RgCKzVAyLSEn +6QKs7S9kxRFhByxk8whIeQINrHTA+1GG6iDxyzhOBCDb/nahDDNDcy2J8OwobVXo +F0/dO8QmkHJngxUnYas3uC/M2sA355+LMgfFwMBmCX6bLWMHt5zuvtFry0m9QOU2 +DXsqF48JQFChJcZHlgKOdboUeNRg4Q0PRoKal9XHAIZkqFIYCEUs3+n+ChN1k3c5 +daddmbZGBwfCaNowfyV58Bjs+orC56Ub5HseAe7FF/u7tTKiv3tV+x4tRv1ZGgHw +tkjn403j7RgQwV60NWq2Fwz0QNOLIBc0oeeZe5Qv+B2rEP4wG94feXXBCKsnOvYo +qGjdXNTXAgMBAAECggEAD7yDISa9fWnjZlojGmrX16zjl/alWVo+sPBSJtn9+ZVk +tWSJHihIc+3O4Q2R5FiFGj7cbcHr5j3BwT3sPRfflKoAowgVx/hiDc2RXrJnAouZ +EXZDxu86e5iCpgF7V9OrATjRmjA74wZH/HHHjrLqFwnrfI8TCULmthfYag35Mqax +qrIEzvSuYdaGxblNe+ZfnVEDW2F9DLBGcma0ffUlJp8AvV7bpo8Rj/JovPxit/VS +UdwSRxwSAugctFpmcGlFkoQfxUx1WdEy8hjopLrayMjCCJvRUL4+C4zT9r9PBHOj +fCSbJ+ajQIoRrgaL9bURk8BFMHY8+yMUsWEYVSmFAQKBgQDtOvPkhvZsNocUB5nJ +ti3SXyDQ6OZQuKKHPSeDV/EvmZKeNlrQ1ZnwXLP3vkcedDOkt1nEVq/hUewpjt08 +2MvmMwJBQEnmbTzMf43DtlXsStdP1lhYaFbU4iMM5zRfyBHDu1GPZEPXvKKpJUk0 +M+jYIyTAP3mcZhqDKn0mPVP7VwKBgQDKFy9DtWFKxCvhFQvHx7YeZiVWJbIst/O4 +ZyuPVAErni0hzSeCkmm7+F9hgEdPSLRcSaeTWP4L0u1cixECKboIhoNs38aft7o3 +MdnI2RDSEKtKX2uVuhvpGDNuGpBAc8Qu8iCiv5INSC36ZhD1h++O/TiiUdgRJ3yX +yeG7ej+CgQKBgCR5F95e0aw5hfMSaBaXJ9xcO9Niu2ZVvMdGI7kR4EcNOXmRqczJ +ym0mE5VXb9/Cxd3hQq/pFAl0avbIvEMKoe62kPYvSC1hRiO6yLT6Z6N4rjncHqEZ +CaCZVAI72dWQEQsi1ZtSMwwMOIYA8YxRHs98N75HBA+DszfPZIZoj2zpAoGBAJHp +B3ElhmeLF/tdTLIj2bQ9H/wBH5H2Bvw/UU4c4vNxMzjSfRJjUAAtpgAptFLkNYTk +kR9sA5DZ7BMDPXaIVg9Nv5peP3SWHNc5IPtI7kIdUu9R0cW7J+e2V3vJphlC/ITA +wRuAoZ0BXmEKTHhae3aMEdXwrcZE8kpNsrO/4hcBAoGBAMISiPJPuxAX1UtqcxTa +mDJfnQ2gxRu6AK9VmXqo0X4IBxDSnTjcL0huUlS849wgsE5oTXgdYb2hn+TXM5JJ +NsEXLhV09X1mrk4M4LV1npd0mYxvFsO4+p+IX5YLiahInmQtq0gx3DWE8wouVFER +4yzfp27z8MZT8Qvr/ZI9lzWd +-----END PRIVATE KEY----- diff --git a/ext/ftp/tests/server.inc b/ext/ftp/tests/server.inc index bb0c1ff10b..e2a74029bf 100644 --- a/ext/ftp/tests/server.inc +++ b/ext/ftp/tests/server.inc @@ -2,7 +2,7 @@ $socket = null; $errno = 0; -$context = stream_context_create(array('ssl' => array('local_cert' => dirname(__FILE__).'/cert.pem', 'passphrase' => 'pass'))); +$context = stream_context_create(array('ssl' => array('local_cert' => dirname(__FILE__).'/cert.pem'))); for ($i=0; $i<10 && !$socket; ++$i) { $port = rand(50000, 65535); @@ -265,7 +265,7 @@ if ($pid) { } elseif (preg_match("~^NLST(?: ([A-Za-z./]+))?\r\n$~", $buf, $m)) { - if (isset($m[1]) && $m[1] === 'bogusdir') { + if (isset($m[1]) && (($m[1] === 'bogusdir') || ($m[1] === '/bogusdir'))) { fputs($s, "250 $m[1]: No such file or directory\r\n"); continue; } @@ -276,13 +276,18 @@ if ($pid) { continue; } - fputs($s, "150 File status okay; about to open data connection\r\n"); - - if (!$fs = stream_socket_client("tcp://$host:$port")) { - fputs($s, "425 Can't open data connection\r\n"); - continue; + if (empty($pasv)) { + fputs($s, "150 File status okay; about to open data connection\r\n"); + if (!$fs = stream_socket_client("tcp://$host:$port")) { + fputs($s, "425 Can't open data connection\r\n"); + continue; + } + } else { + fputs($s, "125 Data connection already open; transfer starting.\r\n"); + $fs=$pasvs; } + if (empty($m[1]) || $m[1] !== 'emptydir') { fputs($fs, "file1\r\nfile1\r\nfile\nb0rk\r\n"); } @@ -368,7 +373,7 @@ if ($pid) { } fputs($s, "226 Closing data Connection.\r\n"); break; - case "mediumfile": + case "mediumfile": fputs($s, "150 File status okay; about to open data connection.\r\n"); for($i = 0; $i < 150; $i++){ fputs($fs, "This is line $i of the test data.\n"); @@ -384,13 +389,26 @@ if ($pid) { }elseif (preg_match('/^PASV/', $buf, $matches)) { - $port = $pasv_port; - $p2 = $port % ((int) 1 << 8); - $p1 = ($port-$p2)/((int) 1 << 8); + $pasv=true; + $p2 = $pasv_port % ((int) 1 << 8); + $p1 = ($pasv_port-$p2)/((int) 1 << 8); $host = "127.0.0.1"; + if (!empty($ssl)) { + $soc = stream_socket_server("tcp://127.0.0.1:$pasv_port", $errno, $errstr, STREAM_SERVER_BIND|STREAM_SERVER_LISTEN, $context); + } else { + $soc = stream_socket_server("tcp://127.0.0.1:$pasv_port"); + } + fputs($s, "227 Entering Passive Mode. (127,0,0,1,{$p1},{$p2})\r\n"); + $pasvs = stream_socket_accept($soc,10); + + if ((!empty($ssl)) && (!stream_socket_enable_crypto($pasvs, true, STREAM_CRYPTO_METHOD_SSLv23_SERVER))) { + die("SSLv23 handshake failed.\n"); + } + }elseif (preg_match('/^EPSV/', $buf, $matches)) { + fputs($s, "550 Extended passsive mode not supported.\r\n"); } elseif (preg_match('/^SITE EXEC/', $buf, $matches)) { fputs($s, "200 OK\r\n"); |