From: Anatol Belski
Date: Tue, 16 Aug 2016 11:08:24 +0000 (+0200)
Subject: Fix bug #72771: ftps:// opendir wrapper is vulnerable to protocol downgrade attack
X-Git-Tag: php-7.1.0beta3~33^2~8^2~8
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=e5b0952be2d7c93bdf491d99f50a14df46c30cd2;p=php
Fix bug #72771: ftps:// opendir wrapper is vulnerable to protocol downgrade attack
(cherry picked from commit f9c2edb4dbc01a817989b70ca7726f177bb1a103)
Conflicts: ext/standard/ftp_fopen_wrapper.c
---
diff --git a/ext/standard/ftp_fopen_wrapper.c b/ext/standard/ftp_fopen_wrapper.c
index 10dcdb8006..a28b6c14b1 100644
--- a/ext/standard/ftp_fopen_wrapper.c
+++ b/ext/standard/ftp_fopen_wrapper.c
@@ -187,7 +187,8 @@ static php_stream *php_ftp_fopen_connect(php_stream_wrapper *wrapper, const char
 /* get the response */
 result = GET_FTP_RESULT(stream);
 if (result != 334) {
- use_ssl = 0;
+ php_stream_wrapper_log_error(wrapper, options, "Server doesn't support FTPS.");
+ goto connect_errexit;
 } else {
 /* we must reuse the old SSL session id */
 /* if we talk to an old ftpd-ssl */
@@ -707,7 +708,7 @@ php_stream * php_stream_ftp_opendir(php_stream_wrapper *wrapper, const char *pat
 if (result > 299 || result < 200) goto opendir_errexit;
- // tmp_line isn't relevant after the php_fopen_do_pasv().
+ // tmp_line isn't relevant after the php_fopen_do_pasv().
 tmp_line[0] = '\0';
 /* set up the passive connection */
@@ -735,7 +736,7 @@ php_stream * php_stream_ftp_opendir(php_stream_wrapper *wrapper, const char *pat
 php_stream_wrapper_log_error(wrapper, options, "Unable to activate SSL mode");
 php_stream_close(datastream);
 datastream = NULL;
- goto opendir_errexit;
+ goto opendir_errexit;
 }
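Review bot: The new failure branch in the first hunk (php_ftp_fopen_connect, under the inner `if (result != 334)`) neither records why it fails closed nor logs the reply it rejected, so a stripped or rewritten AUTH response looks the same in logs as a server that simply lacks FTPS. I would add `/* fail closed: the old use_ssl = 0 fallback silently continued in plaintext (bug #72771) */` above the log call and change the message to `"Server doesn't support FTPS (AUTH reply %d)."` with `result` as the argument. The visible check accepts only 334, while RFC 4217 gives 234 as the success reply to AUTH; it is worth confirming against the code outside this hunk that servers answering 234, which may previously have fallen through to plaintext unnoticed, are not now refused outright. The function body starts and ends outside the hunk.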