php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Return to Bug #65228
Patch ftp.c.patch revision 2013-07-09 20:49 UTC by marco dot beierer at mbsecurity dot ch

Patch ftp.c.patch for FTP related Bug #65228

Patch version 2013-07-09 20:49 UTC

Return to Bug #65228 | Download this patch
Patch Revisions:

Developer: marco.beierer@mbsecurity.ch

diff --git a/ftp.c.unpatched b/ftp.c.patched
index 4c8a94f..bde4792 100644
--- a/ftp.c.unpatched
+++ b/ftp.c.patched
@@ -182,6 +182,7 @@ ftp_close(ftpbuf_t *ftp)
 #if HAVE_OPENSSL_EXT
 		if (ftp->ssl_active) {
 			SSL_shutdown(ftp->ssl_handle);
+			SSL_free(ftp->ssl_handle);
 		}
 #endif		
 		closesocket(ftp->fd);
@@ -297,6 +298,7 @@ ftp_login(ftpbuf_t *ftp, const char *user, const char *pass TSRMLS_DC)
 		if (SSL_connect(ftp->ssl_handle) <= 0) {
 			php_error_docref(NULL TSRMLS_CC, E_WARNING, "SSL/TLS handshake failed");
 			SSL_shutdown(ftp->ssl_handle);
+			SSL_free(ftp->ssl_handle);
 			return 0;
 		}
 
@@ -1548,6 +1550,7 @@ data_accepted:
 		if (SSL_connect(data->ssl_handle) <= 0) {
 			php_error_docref(NULL TSRMLS_CC, E_WARNING, "data_accept: SSL/TLS handshake failed");
 			SSL_shutdown(data->ssl_handle);
+			SSL_free(data->ssl_handle);
 			return 0;
 		}
 			
@@ -1565,13 +1568,21 @@ data_accepted:
 databuf_t*
 data_close(ftpbuf_t *ftp, databuf_t *data)
 {
+#if HAVE_OPENSSL_EXT
+	SSL_CTX		*ctx;
+#endif				
 	if (data == NULL) {
 		return NULL;
 	}
 	if (data->listener != -1) {
 #if HAVE_OPENSSL_EXT
 		if (data->ssl_active) {
+		
+			ctx = SSL_get_SSL_CTX(data->ssl_handle);
+			SSL_CTX_free(ctx);
+
 			SSL_shutdown(data->ssl_handle);
+			SSL_free(data->ssl_handle);
 			data->ssl_active = 0;
 		}
 #endif				
@@ -1580,7 +1591,11 @@ data_close(ftpbuf_t *ftp, databuf_t *data)
 	if (data->fd != -1) {
 #if HAVE_OPENSSL_EXT
 		if (data->ssl_active) {
+			ctx = SSL_get_SSL_CTX(data->ssl_handle);
+			SSL_CTX_free(ctx);
+
 			SSL_shutdown(data->ssl_handle);
+			SSL_free(data->ssl_handle);
 			data->ssl_active = 0;
 		}
 #endif				
 
PHP Copyright © 2001-2014 The PHP Group
All rights reserved.
Last updated: Fri Apr 25 07:02:14 2014 UTC