php/archived-php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2026-04-16 20:41:18 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fix bug #72771: ftps:// opendir wrapper is vulnerable to protocol downgrade attack

Browse Source 
(cherry picked from commit f9c2edb4dbc01a817989b70ca7726f177bb1a103)

Conflicts:
	ext/standard/ftp_fopen_wrapper.c
This commit is contained in:
Anatol Belski
2016-08-16 13:08:24 +02:00
parent a47df5be19
commit e5b0952be2
1 changed files with 4 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
ext/standard/ftp_fopen_wrapper.c
View File

@@ -187,7 +187,8 @@ static php_stream *php_ftp_fopen_connect(php_stream_wrapper *wrapper, const char
/* get the response */
result = GET_FTP_RESULT(stream);
if (result != 334) {
use_ssl = 0;
php_stream_wrapper_log_error(wrapper, options, "Server doesn't support FTPS.");
goto connect_errexit;
} else {
/* we must reuse the old SSL session id */
/* if we talk to an old ftpd-ssl */
@@ -707,7 +708,7 @@ php_stream * php_stream_ftp_opendir(php_stream_wrapper *wrapper, const char *pat
if (result > 299 || result < 200)
goto opendir_errexit;
// tmp_line isn't relevant after the php_fopen_do_pasv().
// tmp_line isn't relevant after the php_fopen_do_pasv().
tmp_line[0] = '\0';
/* set up the passive connection */
@@ -735,7 +736,7 @@ php_stream * php_stream_ftp_opendir(php_stream_wrapper *wrapper, const char *pat
php_stream_wrapper_log_error(wrapper, options, "Unable to activate SSL mode");
php_stream_close(datastream);
datastream = NULL;
goto opendir_errexit;
goto opendir_errexit;
}