summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--ext/standard/ftp_fopen_wrapper.c16
-rw-r--r--main/network.c12
-rw-r--r--main/php_network.h3
3 files changed, 23 insertions, 8 deletions
diff --git a/ext/standard/ftp_fopen_wrapper.c b/ext/standard/ftp_fopen_wrapper.c
index 18cd52fd64..29ed63b84a 100644
--- a/ext/standard/ftp_fopen_wrapper.c
+++ b/ext/standard/ftp_fopen_wrapper.c
@@ -134,7 +134,7 @@ php_stream_wrapper php_stream_ftp_wrapper = {
*/
php_stream * php_stream_url_wrap_ftp(php_stream_wrapper *wrapper, char *path, char *mode, int options, char **opened_path, php_stream_context *context STREAMS_DC TSRMLS_DC)
{
- php_stream *stream=NULL, *datastream=NULL;
+ php_stream *stream=NULL, *datastream=NULL, *reuseid=NULL;
php_url *resource=NULL;
char tmp_line[512];
char ip[sizeof("123.123.123.123")];
@@ -190,6 +190,10 @@ php_stream * php_stream_url_wrap_ftp(php_stream_wrapper *wrapper, char *path, ch
result = GET_FTP_RESULT(stream);
if (result != 334) {
use_ssl = 0;
+ } else {
+ /* we must reuse the old SSL session id */
+ /* if we talk to an old ftpd-ssl */
+ reuseid = stream;
}
} else {
/* encrypt data etc */
@@ -219,7 +223,7 @@ php_stream * php_stream_url_wrap_ftp(php_stream_wrapper *wrapper, char *path, ch
/* get the response */
result = GET_FTP_RESULT(stream);
- use_ssl_on_data = result >= 200 && result<=299;
+ use_ssl_on_data = (result >= 200 && result<=299) || reuseid;
#else
php_stream_write_string(stream, "PROT C\r\n");
@@ -407,14 +411,11 @@ php_stream * php_stream_url_wrap_ftp(php_stream_wrapper *wrapper, char *path, ch
if (datastream == NULL)
goto errexit;
- /* remember control stream */
- datastream->wrapperdata = (zval *)stream;
-
php_stream_context_set(datastream, context);
php_stream_notify_progress_init(context, 0, file_size);
#if HAVE_OPENSSL_EXT
- if (use_ssl_on_data && php_stream_sock_ssl_activate_with_method(datastream, 1, SSLv23_method()) == FAILURE) {
+ if (use_ssl_on_data && php_stream_sock_ssl_activate_with_method_ex(datastream, 1, SSLv23_method(), reuseid) == FAILURE) {
php_stream_wrapper_log_error(wrapper, options TSRMLS_CC, "Unable to activate SSL mode");
php_stream_close(datastream);
datastream = NULL;
@@ -422,6 +423,9 @@ php_stream * php_stream_url_wrap_ftp(php_stream_wrapper *wrapper, char *path, ch
}
#endif
+ /* remember control stream */
+ datastream->wrapperdata = (zval *)stream;
+
php_url_free(resource);
return datastream;
diff --git a/main/network.c b/main/network.c
index 68aa87bbe1..8d4f921a4d 100644
--- a/main/network.c
+++ b/main/network.c
@@ -582,11 +582,16 @@ PHPAPI php_stream *_php_stream_sock_open_unix(const char *path, int pathlen, int
}
#if HAVE_OPENSSL_EXT
-PHPAPI int php_stream_sock_ssl_activate_with_method(php_stream *stream, int activate, SSL_METHOD *method TSRMLS_DC)
+PHPAPI int php_stream_sock_ssl_activate_with_method_ex(php_stream *stream, int activate, SSL_METHOD *method, php_stream *control TSRMLS_DC)
{
php_netstream_data_t *sock = (php_netstream_data_t*)stream->abstract;
+ php_netstream_data_t *psock = NULL;
SSL_CTX *ctx = NULL;
+ if (control) {
+ psock = (php_netstream_data_t*)control->abstract;
+ }
+
if (!php_stream_is(stream, PHP_STREAM_IS_SOCKET)) {
php_error_docref(NULL TSRMLS_CC, E_WARNING, "php_stream_sock_ssl_activate_with_method: stream is not a network stream");
return FAILURE;
@@ -610,6 +615,10 @@ PHPAPI int php_stream_sock_ssl_activate_with_method(php_stream *stream, int acti
}
SSL_set_fd(sock->ssl_handle, sock->socket);
+
+ if (psock) {
+ SSL_copy_session_id(sock->ssl_handle, psock->ssl_handle);
+ }
}
if (activate) {
@@ -626,6 +635,7 @@ PHPAPI int php_stream_sock_ssl_activate_with_method(php_stream *stream, int acti
}
return SUCCESS;
}
+
#endif
PHPAPI void php_stream_sock_set_timeout(php_stream *stream, struct timeval *timeout TSRMLS_DC)
diff --git a/main/php_network.h b/main/php_network.h
index 6602ddd6b4..139f19ce8f 100644
--- a/main/php_network.h
+++ b/main/php_network.h
@@ -148,7 +148,8 @@ PHPAPI void php_stream_sock_set_timeout(php_stream *stream, struct timeval *time
PHPAPI size_t php_stream_sock_set_chunk_size(php_stream *stream, size_t size TSRMLS_DC);
#if HAVE_OPENSSL_EXT
-PHPAPI int php_stream_sock_ssl_activate_with_method(php_stream *stream, int activate, SSL_METHOD *method TSRMLS_DC);
+PHPAPI int php_stream_sock_ssl_activate_with_method_ex(php_stream *stream, int activate, SSL_METHOD *method, php_stream *control TSRMLS_DC);
+#define php_stream_sock_ssl_activate_with_method(stream, activate, method) php_stream_sock_ssl_activate_with_method_ex((stream), (activate), SSLv23_client_method(), NULL TSRMLS_CC)
#define php_stream_sock_ssl_activate(stream, activate) php_stream_sock_ssl_activate_with_method((stream), (activate), SSLv23_client_method() TSRMLS_CC)
#endif
View Lorry Controller Status