php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #28754 No TLS / SSL support for FTP
Submitted: 2004-06-12 14:49 UTC Modified: 2004-07-22 14:20 UTC
Votes:2
Avg. Score:5.0 ± 0.0
Reproduced:0 of 0 (0.0%)
From: toppi at kacke dot de Assigned:
Status: Closed Package: Sockets related
PHP Version: 4.3.4 OS: linux/unix
Private report: No CVE-ID: None
 [2004-06-12 14:49 UTC] toppi at kacke dot de
Description:
------------
TLS/SSL Protocols/Wrappers doesnt work when using
fsockopen()


Warning: fsockopen(): SSL operation failed with code 1. OpenSSL Error messages: error:1408F10B:SSL routines:func(143):reason(267) in /sb3/ftp.inc on line 58

Warning: fsockopen(): php_stream_sock_ssl_activate_with_method: SSL handshake/connection failed in /sb3/ftp.inc on line 58

Warning: fsockopen(): failed to activate SSL mode 2 in /sb3/ftp.inc on line 58


also FOPEN() doesnt do that

ftp_ssl_connect is working fine but useless cause no valid stream for fget() etc....

there sould be a way to connect ssl/tls FTP wihout using php's ftp.lib


Reproduce code:
---------------
just try

$this->_sock = fsockopen("tls://".$server, $port, $errno, $errstr, $this->timeout);

Expected result:
----------------
-Connect to FTP (plain)
-enable wrapper
-get a pointer back




Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2004-06-12 16:53 UTC] pollita@php.net
What sftp server daemon are you using?
 [2004-06-13 12:13 UTC] toppi at kacke dot de
glftpd 1.3x Linux + TLS
 [2004-07-06 16:02 UTC] sniper@php.net
Please update first to PHP 4.3.7!!
 [2004-07-14 20:06 UTC] toppi at kacke dot de
We did the following on a OS: Fedora Core 2 Linux

Version 4.3.8
/configure --prefix=/home/simon/php348 --with-mysql=/usr/local/mysql-4.0.18 --with-zlib --enable-ftp --with-curl --enable-bcmath  --with-openssl --with-mcrypt --with-mhash --enable-pcntl --enable-shmop --enable-sockets --enable-sysvmsg --enable-sysvsem --enable-sysvshm

GIves Error:
<b>Warning</b>:  fsockopen(): SSL operation failed with code 1. OpenSSL Error messages:
error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol in <b>/home/simon/php348--with-mysql=/usr/local/mysql-4.0.18/bin/test.php</b> on line <b>4</b><br />

error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number in <b>/home/simon/php348--with-mysql=/usr/local/mysql-4.0.18/bin/test.php</b> on line <b>4</b><br />
b>Warning</b>:  fsockopen(): php_stream_sock_ssl_activate_with_method: SSL handshake/connection failed in <b>/home/simon/php348--with-mysql=/usr/local/mysql-4.0.18/bin/test.php</b> on line <b>4</b><br />
<b>Warning</b>:  fsockopen(): failed to activate SSL mode 2 in <b>/home/simon/php348--with-mysql=/usr/local/mysql-4.0.18/bin/test.php</b> on line <b>4</b><br />
 failed SSLhandshake<br />

PHP 5 RC3

PHP Warning:  fsockopen() [<a href='function.fsockopen'>function.fsockopen</a>]: SSL operation failed with code 1. OpenSSL Error messages:

error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol in /home/simon/php348/bin/test.php on line 4
 [2004-07-14 20:12 UTC] toppi at kacke dot de
And last but not least (hope) the final release of php5 tells me the same.
 [2004-07-22 12:35 UTC] toppi at kacke dot de
Maybe an idea...

What about to add something like SSLv23_client_method() ?
kinda STREAM_get_SSLv23_client() ?

So you could easy add the tls/ssl layer to any FP created by fsockopen(), fopen() etc... ? Imo would be a kewl thingy to make it some more flexible.

Also i have no clue if this is possible :) just an idea !

ps.
Wez ... if you feel bored sometimes, please remeber this :-)
 [2004-07-22 14:20 UTC] wez@php.net
Won't fix in PHP 4.x or 5.0.x.
Current HEAD now has:

bool stream_socket_enable_crypto($stream, $enable [, $kind [, $session]]);

$stream = fsockopen('tcp://host', $port);
...
// now turn on SSL
stream_socket_enable_crypto($stream, true, STREAM_CRYPTO_METHOD_SSLv23_CLIENT);

...
// we can turn it off too
stream_socket_enable_crypto($stream, false);

The $session parameter is optional and can be used to seed the crypto layer with the session ID from another, separate, SSL enable stream; something that might be useful if you open a second DATA connection for ftp.


 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Thu Dec 26 14:01:30 2024 UTC