mirror of
https://github.com/php/php-src.git
synced 2024-09-22 18:37:25 +00:00
Fix bug #72771: ftps:// opendir wrapper is vulnerable to protocol downgrade attack
(cherry picked from commit f9c2edb4dbc01a817989b70ca7726f177bb1a103) Conflicts: ext/standard/ftp_fopen_wrapper.c
This commit is contained in:
parent
a47df5be19
commit
e5b0952be2
@ -187,7 +187,8 @@ static php_stream *php_ftp_fopen_connect(php_stream_wrapper *wrapper, const char
|
||||
/* get the response */
|
||||
result = GET_FTP_RESULT(stream);
|
||||
if (result != 334) {
|
||||
use_ssl = 0;
|
||||
php_stream_wrapper_log_error(wrapper, options, "Server doesn't support FTPS.");
|
||||
goto connect_errexit;
|
||||
} else {
|
||||
/* we must reuse the old SSL session id */
|
||||
/* if we talk to an old ftpd-ssl */
|
||||
@ -707,7 +708,7 @@ php_stream * php_stream_ftp_opendir(php_stream_wrapper *wrapper, const char *pat
|
||||
if (result > 299 || result < 200)
|
||||
goto opendir_errexit;
|
||||
|
||||
// tmp_line isn't relevant after the php_fopen_do_pasv().
|
||||
// tmp_line isn't relevant after the php_fopen_do_pasv().
|
||||
tmp_line[0] = '\0';
|
||||
|
||||
/* set up the passive connection */
|
||||
@ -735,7 +736,7 @@ php_stream * php_stream_ftp_opendir(php_stream_wrapper *wrapper, const char *pat
|
||||
php_stream_wrapper_log_error(wrapper, options, "Unable to activate SSL mode");
|
||||
php_stream_close(datastream);
|
||||
datastream = NULL;
|
||||
goto opendir_errexit;
|
||||
goto opendir_errexit;
|
||||
}
|
||||
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user