Coverage Report

Created: 2025-06-13 06:43

/src/php-src/ext/standard/ftp_fopen_wrapper.c
Line
Count
Source (jump to first uncovered line)
1
/*
2
   +----------------------------------------------------------------------+
3
   | Copyright (c) The PHP Group                                          |
4
   +----------------------------------------------------------------------+
5
   | This source file is subject to version 3.01 of the PHP license,      |
6
   | that is bundled with this package in the file LICENSE, and is        |
7
   | available through the world-wide-web at the following url:           |
8
   | https://www.php.net/license/3_01.txt                                 |
9
   | If you did not receive a copy of the PHP license and are unable to   |
10
   | obtain it through the world-wide-web, please send a note to          |
11
   | license@php.net so we can mail you a copy immediately.               |
12
   +----------------------------------------------------------------------+
13
   | Authors: Rasmus Lerdorf <rasmus@php.net>                             |
14
   |          Jim Winstead <jimw@php.net>                                 |
15
   |          Hartmut Holzgraefe <hholzgra@php.net>                       |
16
   |          Sara Golemon <pollita@php.net>                              |
17
   +----------------------------------------------------------------------+
18
 */
19
20
#include "php.h"
21
#include "php_globals.h"
22
#include "php_network.h"
23
#include "php_ini.h"
24
25
#include <stdio.h>
26
#include <stdlib.h>
27
#include <errno.h>
28
#include <sys/types.h>
29
#include <sys/stat.h>
30
#include <fcntl.h>
31
32
#ifdef PHP_WIN32
33
#include <winsock2.h>
34
#define O_RDONLY _O_RDONLY
35
#include "win32/param.h"
36
#else
37
#include <sys/param.h>
38
#endif
39
40
#include "php_standard.h"
41
42
#include <sys/types.h>
43
#ifdef HAVE_SYS_SOCKET_H
44
#include <sys/socket.h>
45
#endif
46
47
#ifdef PHP_WIN32
48
#include <winsock2.h>
49
#else
50
#include <netinet/in.h>
51
#include <netdb.h>
52
#ifdef HAVE_ARPA_INET_H
53
#include <arpa/inet.h>
54
#endif
55
#endif
56
57
#if defined(PHP_WIN32) || defined(__riscos__)
58
#undef AF_UNIX
59
#endif
60
61
#if defined(AF_UNIX)
62
#include <sys/un.h>
63
#endif
64
65
#include "php_fopen_wrappers.h"
66
67
#define FTPS_ENCRYPT_DATA 1
68
0
#define GET_FTP_RESULT(stream)  get_ftp_result((stream), tmp_line, sizeof(tmp_line))
69
70
typedef struct _php_ftp_dirstream_data {
71
  php_stream *datastream;
72
  php_stream *controlstream;
73
  php_stream *dirstream;
74
} php_ftp_dirstream_data;
75
76
/* {{{ get_ftp_result */
77
static inline int get_ftp_result(php_stream *stream, char *buffer, size_t buffer_size)
78
0
{
79
0
  buffer[0] = '\0'; /* in case read fails to read anything */
80
0
  while (php_stream_gets(stream, buffer, buffer_size-1) &&
81
0
       !(isdigit((int) buffer[0]) && isdigit((int) buffer[1]) &&
82
0
       isdigit((int) buffer[2]) && buffer[3] == ' '));
83
0
  return strtol(buffer, NULL, 10);
84
0
}
85
/* }}} */
86
87
/* {{{ php_stream_ftp_stream_stat */
88
static int php_stream_ftp_stream_stat(php_stream_wrapper *wrapper, php_stream *stream, php_stream_statbuf *ssb)
89
0
{
90
  /* For now, we return with a failure code to prevent the underlying
91
   * file's details from being used instead. */
92
0
  return -1;
93
0
}
94
/* }}} */
95
96
/* {{{ php_stream_ftp_stream_close */
97
static int php_stream_ftp_stream_close(php_stream_wrapper *wrapper, php_stream *stream)
98
0
{
99
0
  php_stream *controlstream = stream->wrapperthis;
100
0
  int ret = 0;
101
102
0
  if (controlstream) {
103
0
    if (strpbrk(stream->mode, "wa+")) {
104
0
      char tmp_line[512];
105
0
      int result;
106
107
      /* For write modes close data stream first to signal EOF to server */
108
0
      result = GET_FTP_RESULT(controlstream);
109
0
      if (result != 226 && result != 250) {
110
0
        php_error_docref(NULL, E_WARNING, "FTP server error %d:%s", result, tmp_line);
111
0
        ret = EOF;
112
0
      }
113
0
    }
114
115
0
    php_stream_write_string(controlstream, "QUIT\r\n");
116
0
    php_stream_close(controlstream);
117
0
    stream->wrapperthis = NULL;
118
0
  }
119
120
0
  return ret;
121
0
}
122
/* }}} */
123
124
/* {{{ php_ftp_fopen_connect */
125
static php_stream *php_ftp_fopen_connect(php_stream_wrapper *wrapper, const char *path, const char *mode, int options,
126
                     zend_string **opened_path, php_stream_context *context, php_stream **preuseid,
127
                     php_url **presource, int *puse_ssl, int *puse_ssl_on_data)
128
0
{
129
0
  php_stream *stream = NULL, *reuseid = NULL;
130
0
  php_url *resource = NULL;
131
0
  int result, use_ssl, use_ssl_on_data = 0;
132
0
  char tmp_line[512];
133
0
  char *transport;
134
0
  int transport_len;
135
136
0
  resource = php_url_parse(path);
137
0
  if (resource == NULL || resource->path == NULL) {
138
0
    if (resource && presource) {
139
0
      *presource = resource;
140
0
    }
141
0
    return NULL;
142
0
  }
143
144
0
  use_ssl = resource->scheme && (ZSTR_LEN(resource->scheme) > 3) && ZSTR_VAL(resource->scheme)[3] == 's';
145
146
  /* use port 21 if one wasn't specified */
147
0
  if (resource->port == 0)
148
0
    resource->port = 21;
149
150
0
  transport_len = (int)spprintf(&transport, 0, "tcp://%s:%d", ZSTR_VAL(resource->host), resource->port);
151
0
  stream = php_stream_xport_create(transport, transport_len, REPORT_ERRORS, STREAM_XPORT_CLIENT | STREAM_XPORT_CONNECT, NULL, NULL, context, NULL, NULL);
152
0
  efree(transport);
153
0
  if (stream == NULL) {
154
0
    result = 0; /* silence */
155
0
    goto connect_errexit;
156
0
  }
157
158
0
  php_stream_context_set(stream, context);
159
0
  php_stream_notify_info(context, PHP_STREAM_NOTIFY_CONNECT, NULL, 0);
160
161
  /* Start talking to ftp server */
162
0
  result = GET_FTP_RESULT(stream);
163
0
  if (result > 299 || result < 200) {
164
0
    php_stream_notify_error(context, PHP_STREAM_NOTIFY_FAILURE, tmp_line, result);
165
0
    goto connect_errexit;
166
0
  }
167
168
0
  if (use_ssl) {
169
170
    /* send the AUTH TLS request name */
171
0
    php_stream_write_string(stream, "AUTH TLS\r\n");
172
173
    /* get the response */
174
0
    result = GET_FTP_RESULT(stream);
175
0
    if (result != 234) {
176
      /* AUTH TLS not supported try AUTH SSL */
177
0
      php_stream_write_string(stream, "AUTH SSL\r\n");
178
179
      /* get the response */
180
0
      result = GET_FTP_RESULT(stream);
181
0
      if (result != 334) {
182
0
        php_stream_wrapper_log_error(wrapper, options, "Server doesn't support FTPS.");
183
0
        goto connect_errexit;
184
0
      } else {
185
        /* we must reuse the old SSL session id */
186
        /* if we talk to an old ftpd-ssl */
187
0
        reuseid = stream;
188
0
      }
189
0
    } else {
190
      /* encrypt data etc */
191
192
193
0
    }
194
195
0
  }
196
197
0
  if (use_ssl) {
198
0
    if (php_stream_xport_crypto_setup(stream,
199
0
        STREAM_CRYPTO_METHOD_SSLv23_CLIENT, NULL) < 0
200
0
        || php_stream_xport_crypto_enable(stream, 1) < 0) {
201
0
      php_stream_wrapper_log_error(wrapper, options, "Unable to activate SSL mode");
202
0
      php_stream_close(stream);
203
0
      stream = NULL;
204
0
      goto connect_errexit;
205
0
    }
206
207
    /* set PBSZ to 0 */
208
0
    php_stream_write_string(stream, "PBSZ 0\r\n");
209
210
    /* ignore the response */
211
0
    result = GET_FTP_RESULT(stream);
212
213
    /* set data connection protection level */
214
0
#if FTPS_ENCRYPT_DATA
215
0
    php_stream_write_string(stream, "PROT P\r\n");
216
217
    /* get the response */
218
0
    result = GET_FTP_RESULT(stream);
219
0
    use_ssl_on_data = (result >= 200 && result<=299) || reuseid;
220
#else
221
    php_stream_write_string(stream, "PROT C\r\n");
222
223
    /* get the response */
224
    result = GET_FTP_RESULT(stream);
225
#endif
226
0
  }
227
228
0
#define PHP_FTP_CNTRL_CHK(val, val_len, err_msg) { \
229
0
  unsigned char *s = (unsigned char *) val, *e = (unsigned char *) s + val_len; \
230
0
  while (s < e) { \
231
0
    if (iscntrl(*s)) { \
232
0
      php_stream_wrapper_log_error(wrapper, options, err_msg, val); \
233
0
      goto connect_errexit; \
234
0
    }  \
235
0
    s++;  \
236
0
  }  \
237
0
}
238
239
  /* send the user name */
240
0
  if (resource->user != NULL) {
241
0
    ZSTR_LEN(resource->user) = php_raw_url_decode(ZSTR_VAL(resource->user), ZSTR_LEN(resource->user));
242
243
0
    PHP_FTP_CNTRL_CHK(ZSTR_VAL(resource->user), ZSTR_LEN(resource->user), "Invalid login %s")
244
245
0
    php_stream_printf(stream, "USER %s\r\n", ZSTR_VAL(resource->user));
246
0
  } else {
247
0
    php_stream_write_string(stream, "USER anonymous\r\n");
248
0
  }
249
250
  /* get the response */
251
0
  result = GET_FTP_RESULT(stream);
252
253
  /* if a password is required, send it */
254
0
  if (result >= 300 && result <= 399) {
255
0
    php_stream_notify_info(context, PHP_STREAM_NOTIFY_AUTH_REQUIRED, tmp_line, 0);
256
257
0
    if (resource->pass != NULL) {
258
0
      ZSTR_LEN(resource->pass) = php_raw_url_decode(ZSTR_VAL(resource->pass), ZSTR_LEN(resource->pass));
259
260
0
      PHP_FTP_CNTRL_CHK(ZSTR_VAL(resource->pass), ZSTR_LEN(resource->pass), "Invalid password %s")
261
262
0
      php_stream_printf(stream, "PASS %s\r\n", ZSTR_VAL(resource->pass));
263
0
    } else {
264
      /* if the user has configured who they are,
265
         send that as the password */
266
0
      if (FG(from_address)) {
267
0
        php_stream_printf(stream, "PASS %s\r\n", FG(from_address));
268
0
      } else {
269
0
        php_stream_write_string(stream, "PASS anonymous\r\n");
270
0
      }
271
0
    }
272
273
    /* read the response */
274
0
    result = GET_FTP_RESULT(stream);
275
276
0
    if (result > 299 || result < 200) {
277
0
      php_stream_notify_error(context, PHP_STREAM_NOTIFY_AUTH_RESULT, tmp_line, result);
278
0
    } else {
279
0
      php_stream_notify_info(context, PHP_STREAM_NOTIFY_AUTH_RESULT, tmp_line, result);
280
0
    }
281
0
  }
282
0
  if (result > 299 || result < 200) {
283
0
    goto connect_errexit;
284
0
  }
285
286
0
  if (puse_ssl) {
287
0
    *puse_ssl = use_ssl;
288
0
  }
289
0
  if (puse_ssl_on_data) {
290
0
    *puse_ssl_on_data = use_ssl_on_data;
291
0
  }
292
0
  if (preuseid) {
293
0
    *preuseid = reuseid;
294
0
  }
295
0
  if (presource) {
296
0
    *presource = resource;
297
0
  }
298
299
0
  return stream;
300
301
0
connect_errexit:
302
0
  php_url_free(resource);
303
304
0
  if (stream) {
305
0
    php_stream_close(stream);
306
0
  }
307
308
0
  return NULL;
309
0
}
310
/* }}} */
311
312
/* {{{ php_fopen_do_pasv */
313
static unsigned short php_fopen_do_pasv(php_stream *stream, char *ip, size_t ip_size, char **phoststart)
314
0
{
315
0
  char tmp_line[512];
316
0
  int result, i;
317
0
  unsigned short portno;
318
0
  char *tpath, *ttpath, *hoststart=NULL;
319
320
0
#ifdef HAVE_IPV6
321
  /* We try EPSV first, needed for IPv6 and works on some IPv4 servers */
322
0
  php_stream_write_string(stream, "EPSV\r\n");
323
0
  result = GET_FTP_RESULT(stream);
324
325
  /* check if we got a 229 response */
326
0
  if (result != 229) {
327
0
#endif
328
    /* EPSV failed, let's try PASV */
329
0
    php_stream_write_string(stream, "PASV\r\n");
330
0
    result = GET_FTP_RESULT(stream);
331
332
    /* make sure we got a 227 response */
333
0
    if (result != 227) {
334
0
      return 0;
335
0
    }
336
337
    /* parse pasv command (129, 80, 95, 25, 13, 221) */
338
0
    tpath = tmp_line;
339
    /* skip over the "227 Some message " part */
340
0
    for (tpath += 4; *tpath && !isdigit((int) *tpath); tpath++);
341
0
    if (!*tpath) {
342
0
      return 0;
343
0
    }
344
    /* skip over the host ip, to get the port */
345
0
    hoststart = tpath;
346
0
    for (i = 0; i < 4; i++) {
347
0
      for (; isdigit((int) *tpath); tpath++);
348
0
      if (*tpath != ',') {
349
0
        return 0;
350
0
      }
351
0
      *tpath='.';
352
0
      tpath++;
353
0
    }
354
0
    tpath[-1] = '\0';
355
0
    memcpy(ip, hoststart, ip_size);
356
0
    ip[ip_size-1] = '\0';
357
0
    hoststart = ip;
358
359
    /* pull out the MSB of the port */
360
0
    portno = (unsigned short) strtoul(tpath, &ttpath, 10) * 256;
361
0
    if (ttpath == NULL) {
362
      /* didn't get correct response from PASV */
363
0
      return 0;
364
0
    }
365
0
    tpath = ttpath;
366
0
    if (*tpath != ',') {
367
0
      return 0;
368
0
    }
369
0
    tpath++;
370
    /* pull out the LSB of the port */
371
0
    portno += (unsigned short) strtoul(tpath, &ttpath, 10);
372
0
#ifdef HAVE_IPV6
373
0
  } else {
374
    /* parse epsv command (|||6446|) */
375
0
    for (i = 0, tpath = tmp_line + 4; *tpath; tpath++) {
376
0
      if (*tpath == '|') {
377
0
        i++;
378
0
        if (i == 3)
379
0
          break;
380
0
      }
381
0
    }
382
0
    if (i < 3) {
383
0
      return 0;
384
0
    }
385
    /* pull out the port */
386
0
    portno = (unsigned short) strtoul(tpath + 1, &ttpath, 10);
387
0
  }
388
0
#endif
389
0
  if (ttpath == NULL) {
390
    /* didn't get correct response from EPSV/PASV */
391
0
    return 0;
392
0
  }
393
394
0
  if (phoststart) {
395
0
    *phoststart = hoststart;
396
0
  }
397
398
0
  return portno;
399
0
}
400
/* }}} */
401
402
/* {{{ php_fopen_url_wrap_ftp */
403
php_stream * php_stream_url_wrap_ftp(php_stream_wrapper *wrapper, const char *path, const char *mode,
404
                   int options, zend_string **opened_path, php_stream_context *context STREAMS_DC)
405
0
{
406
0
  php_stream *stream = NULL, *datastream = NULL;
407
0
  php_url *resource = NULL;
408
0
  char tmp_line[512];
409
0
  char ip[sizeof("123.123.123.123")];
410
0
  unsigned short portno;
411
0
  char *hoststart = NULL;
412
0
  int result = 0, use_ssl, use_ssl_on_data=0;
413
0
  php_stream *reuseid=NULL;
414
0
  size_t file_size = 0;
415
0
  zval *tmpzval;
416
0
  bool allow_overwrite = 0;
417
0
  int8_t read_write = 0;
418
0
  char *transport;
419
0
  int transport_len;
420
0
  zend_string *error_message = NULL;
421
422
0
  tmp_line[0] = '\0';
423
424
0
  if (strpbrk(mode, "r+")) {
425
0
    read_write = 1; /* Open for reading */
426
0
  }
427
0
  if (strpbrk(mode, "wa+")) {
428
0
    if (read_write) {
429
0
      php_stream_wrapper_log_error(wrapper, options, "FTP does not support simultaneous read/write connections");
430
0
      return NULL;
431
0
    }
432
0
    if (strchr(mode, 'a')) {
433
0
      read_write = 3; /* Open for Appending */
434
0
    } else {
435
0
      read_write = 2; /* Open for writing */
436
0
    }
437
0
  }
438
0
  if (!read_write) {
439
    /* No mode specified? */
440
0
    php_stream_wrapper_log_error(wrapper, options, "Unknown file open mode");
441
0
    return NULL;
442
0
  }
443
444
0
  if (context &&
445
0
    (tmpzval = php_stream_context_get_option(context, "ftp", "proxy")) != NULL) {
446
0
    if (read_write == 1) {
447
      /* Use http wrapper to proxy ftp request */
448
0
      return php_stream_url_wrap_http(wrapper, path, mode, options, opened_path, context STREAMS_CC);
449
0
    } else {
450
      /* ftp proxy is read-only */
451
0
      php_stream_wrapper_log_error(wrapper, options, "FTP proxy may only be used in read mode");
452
0
      return NULL;
453
0
    }
454
0
  }
455
456
0
  stream = php_ftp_fopen_connect(wrapper, path, mode, options, opened_path, context, &reuseid, &resource, &use_ssl, &use_ssl_on_data);
457
0
  if (!stream) {
458
0
    goto errexit;
459
0
  }
460
461
  /* set the connection to be binary */
462
0
  php_stream_write_string(stream, "TYPE I\r\n");
463
0
  result = GET_FTP_RESULT(stream);
464
0
  if (result > 299 || result < 200)
465
0
    goto errexit;
466
467
  /* find out the size of the file (verifying it exists) */
468
0
  php_stream_printf(stream, "SIZE %s\r\n", ZSTR_VAL(resource->path));
469
470
  /* read the response */
471
0
  result = GET_FTP_RESULT(stream);
472
0
  if (read_write == 1) {
473
    /* Read Mode */
474
0
    char *sizestr;
475
476
    /* when reading file, it must exist */
477
0
    if (result > 299 || result < 200) {
478
0
      errno = ENOENT;
479
0
      goto errexit;
480
0
    }
481
482
0
    sizestr = strchr(tmp_line, ' ');
483
0
    if (sizestr) {
484
0
      sizestr++;
485
0
      file_size = atoi(sizestr);
486
0
      php_stream_notify_file_size(context, file_size, tmp_line, result);
487
0
    }
488
0
  } else if (read_write == 2) {
489
    /* when writing file (but not appending), it must NOT exist, unless a context option exists which allows it */
490
0
    if (context && (tmpzval = php_stream_context_get_option(context, "ftp", "overwrite")) != NULL) {
491
0
      allow_overwrite = zend_is_true(tmpzval);
492
0
    }
493
0
    if (result <= 299 && result >= 200) {
494
0
      if (allow_overwrite) {
495
        /* Context permits overwriting file,
496
           so we just delete whatever's there in preparation */
497
0
        php_stream_printf(stream, "DELE %s\r\n", ZSTR_VAL(resource->path));
498
0
        result = GET_FTP_RESULT(stream);
499
0
        if (result >= 300 || result <= 199) {
500
0
          goto errexit;
501
0
        }
502
0
      } else {
503
0
        php_stream_wrapper_log_error(wrapper, options, "Remote file already exists and overwrite context option not specified");
504
0
        errno = EEXIST;
505
0
        goto errexit;
506
0
      }
507
0
    }
508
0
  }
509
510
  /* set up the passive connection */
511
0
  portno = php_fopen_do_pasv(stream, ip, sizeof(ip), &hoststart);
512
513
0
  if (!portno) {
514
0
    goto errexit;
515
0
  }
516
517
  /* Send RETR/STOR command */
518
0
  if (read_write == 1) {
519
    /* set resume position if applicable */
520
0
    if (context &&
521
0
      (tmpzval = php_stream_context_get_option(context, "ftp", "resume_pos")) != NULL &&
522
0
      Z_TYPE_P(tmpzval) == IS_LONG &&
523
0
      Z_LVAL_P(tmpzval) > 0) {
524
0
      php_stream_printf(stream, "REST " ZEND_LONG_FMT "\r\n", Z_LVAL_P(tmpzval));
525
0
      result = GET_FTP_RESULT(stream);
526
0
      if (result < 300 || result > 399) {
527
0
        php_stream_wrapper_log_error(wrapper, options, "Unable to resume from offset " ZEND_LONG_FMT, Z_LVAL_P(tmpzval));
528
0
        goto errexit;
529
0
      }
530
0
    }
531
532
    /* retrieve file */
533
0
    memcpy(tmp_line, "RETR", sizeof("RETR"));
534
0
  } else if (read_write == 2) {
535
    /* Write new file */
536
0
    memcpy(tmp_line, "STOR", sizeof("STOR"));
537
0
  } else {
538
    /* Append */
539
0
    memcpy(tmp_line, "APPE", sizeof("APPE"));
540
0
  }
541
0
  php_stream_printf(stream, "%s %s\r\n", tmp_line, (resource->path != NULL ? ZSTR_VAL(resource->path) : "/"));
542
543
  /* open the data channel */
544
0
  if (hoststart == NULL) {
545
0
    hoststart = ZSTR_VAL(resource->host);
546
0
  }
547
0
  transport_len = (int)spprintf(&transport, 0, "tcp://%s:%d", hoststart, portno);
548
0
  datastream = php_stream_xport_create(transport, transport_len, REPORT_ERRORS, STREAM_XPORT_CLIENT | STREAM_XPORT_CONNECT, NULL, NULL, context, &error_message, NULL);
549
0
  efree(transport);
550
0
  if (datastream == NULL) {
551
0
    tmp_line[0]='\0';
552
0
    goto errexit;
553
0
  }
554
555
0
  result = GET_FTP_RESULT(stream);
556
0
  if (result != 150 && result != 125) {
557
    /* Could not retrieve or send the file
558
     * this data will only be sent to us after connection on the data port was initiated.
559
     */
560
0
    php_stream_close(datastream);
561
0
    datastream = NULL;
562
0
    goto errexit;
563
0
  }
564
565
0
  php_stream_context_set(datastream, context);
566
0
  php_stream_notify_progress_init(context, 0, file_size);
567
568
0
  if (use_ssl_on_data && (php_stream_xport_crypto_setup(datastream,
569
0
      STREAM_CRYPTO_METHOD_SSLv23_CLIENT, NULL) < 0 ||
570
0
      php_stream_xport_crypto_enable(datastream, 1) < 0)) {
571
572
0
    php_stream_wrapper_log_error(wrapper, options, "Unable to activate SSL mode");
573
0
    php_stream_close(datastream);
574
0
    datastream = NULL;
575
0
    tmp_line[0]='\0';
576
0
    goto errexit;
577
0
  }
578
579
  /* remember control stream */
580
0
  datastream->wrapperthis = stream;
581
582
0
  php_url_free(resource);
583
0
  return datastream;
584
585
0
errexit:
586
0
  if (resource) {
587
0
    php_url_free(resource);
588
0
  }
589
0
  if (stream) {
590
0
    php_stream_notify_error(context, PHP_STREAM_NOTIFY_FAILURE, tmp_line, result);
591
0
    php_stream_close(stream);
592
0
  }
593
0
  if (tmp_line[0] != '\0')
594
0
    php_stream_wrapper_log_error(wrapper, options, "FTP server reports %s", tmp_line);
595
596
0
  if (error_message) {
597
0
    php_stream_wrapper_log_error(wrapper, options, "Failed to set up data channel: %s", ZSTR_VAL(error_message));
598
0
    zend_string_release(error_message);
599
0
  }
600
0
  return NULL;
601
0
}
602
/* }}} */
603
604
/* {{{ php_ftp_dirsteam_read */
605
static ssize_t php_ftp_dirstream_read(php_stream *stream, char *buf, size_t count)
606
0
{
607
0
  php_stream_dirent *ent = (php_stream_dirent *)buf;
608
0
  php_stream *innerstream;
609
0
  size_t tmp_len;
610
0
  zend_string *basename;
611
612
0
  innerstream =  ((php_ftp_dirstream_data *)stream->abstract)->datastream;
613
614
0
  if (count != sizeof(php_stream_dirent)) {
615
0
    return -1;
616
0
  }
617
618
0
  if (php_stream_eof(innerstream)) {
619
0
    return 0;
620
0
  }
621
622
0
  if (!php_stream_get_line(innerstream, ent->d_name, sizeof(ent->d_name), &tmp_len)) {
623
0
    return -1;
624
0
  }
625
626
0
  basename = php_basename(ent->d_name, tmp_len, NULL, 0);
627
628
0
  tmp_len = MIN(sizeof(ent->d_name), ZSTR_LEN(basename) - 1);
629
0
  memcpy(ent->d_name, ZSTR_VAL(basename), tmp_len);
630
0
  ent->d_name[tmp_len - 1] = '\0';
631
0
  zend_string_release_ex(basename, 0);
632
0
  ent->d_type = DT_UNKNOWN;
633
634
  /* Trim off trailing whitespace characters */
635
0
  while (tmp_len > 0 &&
636
0
      (ent->d_name[tmp_len - 1] == '\n' || ent->d_name[tmp_len - 1] == '\r' ||
637
0
       ent->d_name[tmp_len - 1] == '\t' || ent->d_name[tmp_len - 1] == ' ')) {
638
0
    ent->d_name[--tmp_len] = '\0';
639
0
  }
640
641
0
  return sizeof(php_stream_dirent);
642
0
}
643
/* }}} */
644
645
/* {{{ php_ftp_dirstream_close */
646
static int php_ftp_dirstream_close(php_stream *stream, int close_handle)
647
0
{
648
0
  php_ftp_dirstream_data *data = stream->abstract;
649
650
  /* close control connection */
651
0
  if (data->controlstream) {
652
0
    php_stream_close(data->controlstream);
653
0
    data->controlstream = NULL;
654
0
  }
655
  /* close data connection */
656
0
  php_stream_close(data->datastream);
657
0
  data->datastream = NULL;
658
659
0
  efree(data);
660
0
  stream->abstract = NULL;
661
662
0
  return 0;
663
0
}
664
/* }}} */
665
666
/* ftp dirstreams only need to support read and close operations,
667
   They can't be rewound because the underlying ftp stream can't be rewound. */
668
static const php_stream_ops php_ftp_dirstream_ops = {
669
  NULL, /* write */
670
  php_ftp_dirstream_read, /* read */
671
  php_ftp_dirstream_close, /* close */
672
  NULL, /* flush */
673
  "ftpdir",
674
  NULL, /* rewind */
675
  NULL, /* cast */
676
  NULL, /* stat */
677
  NULL  /* set option */
678
};
679
680
/* {{{ php_stream_ftp_opendir */
681
static php_stream * php_stream_ftp_opendir(php_stream_wrapper *wrapper, const char *path, const char *mode, int options,
682
                  zend_string **opened_path, php_stream_context *context STREAMS_DC)
683
0
{
684
0
  php_stream *stream, *reuseid, *datastream = NULL;
685
0
  php_ftp_dirstream_data *dirsdata;
686
0
  php_url *resource = NULL;
687
0
  int result = 0, use_ssl, use_ssl_on_data = 0;
688
0
  char *hoststart = NULL, tmp_line[512];
689
0
  char ip[sizeof("123.123.123.123")];
690
0
  unsigned short portno;
691
692
0
  tmp_line[0] = '\0';
693
694
0
  stream = php_ftp_fopen_connect(wrapper, path, mode, options, opened_path, context, &reuseid, &resource, &use_ssl, &use_ssl_on_data);
695
0
  if (!stream) {
696
0
    goto opendir_errexit;
697
0
  }
698
699
  /* set the connection to be ascii */
700
0
  php_stream_write_string(stream, "TYPE A\r\n");
701
0
  result = GET_FTP_RESULT(stream);
702
0
  if (result > 299 || result < 200)
703
0
    goto opendir_errexit;
704
705
  // tmp_line isn't relevant after the php_fopen_do_pasv().
706
0
  tmp_line[0] = '\0';
707
708
  /* set up the passive connection */
709
0
  portno = php_fopen_do_pasv(stream, ip, sizeof(ip), &hoststart);
710
711
0
  if (!portno) {
712
0
    goto opendir_errexit;
713
0
  }
714
715
  /* open the data channel */
716
0
  if (hoststart == NULL) {
717
0
    hoststart = ZSTR_VAL(resource->host);
718
0
  }
719
720
0
  datastream = php_stream_sock_open_host(hoststart, portno, SOCK_STREAM, 0, 0);
721
0
  if (datastream == NULL) {
722
0
    goto opendir_errexit;
723
0
  }
724
725
0
  php_stream_printf(stream, "NLST %s\r\n", (resource->path != NULL ? ZSTR_VAL(resource->path) : "/"));
726
727
0
  result = GET_FTP_RESULT(stream);
728
0
  if (result != 150 && result != 125) {
729
    /* Could not retrieve or send the file
730
     * this data will only be sent to us after connection on the data port was initiated.
731
     */
732
0
    php_stream_close(datastream);
733
0
    datastream = NULL;
734
0
    goto opendir_errexit;
735
0
  }
736
737
0
  php_stream_context_set(datastream, context);
738
0
  if (use_ssl_on_data && (php_stream_xport_crypto_setup(datastream,
739
0
      STREAM_CRYPTO_METHOD_SSLv23_CLIENT, NULL) < 0 ||
740
0
      php_stream_xport_crypto_enable(datastream, 1) < 0)) {
741
742
0
    php_stream_wrapper_log_error(wrapper, options, "Unable to activate SSL mode");
743
0
    php_stream_close(datastream);
744
0
    datastream = NULL;
745
0
    goto opendir_errexit;
746
0
  }
747
748
0
  php_url_free(resource);
749
750
0
  dirsdata = emalloc(sizeof *dirsdata);
751
0
  dirsdata->datastream = datastream;
752
0
  dirsdata->controlstream = stream;
753
0
  dirsdata->dirstream = php_stream_alloc(&php_ftp_dirstream_ops, dirsdata, 0, mode);
754
755
0
  return dirsdata->dirstream;
756
757
0
opendir_errexit:
758
0
  if (resource) {
759
0
    php_url_free(resource);
760
0
  }
761
0
  if (stream) {
762
0
    php_stream_notify_error(context, PHP_STREAM_NOTIFY_FAILURE, tmp_line, result);
763
0
    php_stream_close(stream);
764
0
  }
765
0
  if (tmp_line[0] != '\0') {
766
0
    php_stream_wrapper_log_error(wrapper, options, "FTP server reports %s", tmp_line);
767
0
  }
768
0
  return NULL;
769
0
}
770
/* }}} */
771
772
/* {{{ php_stream_ftp_url_stat */
773
static int php_stream_ftp_url_stat(php_stream_wrapper *wrapper, const char *url, int flags, php_stream_statbuf *ssb, php_stream_context *context)
774
0
{
775
0
  php_stream *stream = NULL;
776
0
  php_url *resource = NULL;
777
0
  int result;
778
0
  char tmp_line[512];
779
780
  /* If ssb is NULL then someone is misbehaving */
781
0
  if (!ssb) return -1;
782
783
0
  stream = php_ftp_fopen_connect(wrapper, url, "r", 0, NULL, context, NULL, &resource, NULL, NULL);
784
0
  if (!stream) {
785
0
    goto stat_errexit;
786
0
  }
787
788
0
  ssb->sb.st_mode = 0644;                 /* FTP won't give us a valid mode, so approximate one based on being readable */
789
0
  php_stream_printf(stream, "CWD %s\r\n", (resource->path != NULL ? ZSTR_VAL(resource->path) : "/")); /* If we can CWD to it, it's a directory (maybe a link, but we can't tell) */
790
0
  result = GET_FTP_RESULT(stream);
791
0
  if (result < 200 || result > 299) {
792
0
    ssb->sb.st_mode |= S_IFREG;
793
0
  } else {
794
0
    ssb->sb.st_mode |= S_IFDIR | S_IXUSR | S_IXGRP | S_IXOTH;
795
0
  }
796
797
0
  php_stream_write_string(stream, "TYPE I\r\n"); /* we need this since some servers refuse to accept SIZE command in ASCII mode */
798
799
0
  result = GET_FTP_RESULT(stream);
800
801
0
  if(result < 200 || result > 299) {
802
0
    goto stat_errexit;
803
0
  }
804
805
0
  php_stream_printf(stream, "SIZE %s\r\n", (resource->path != NULL ? ZSTR_VAL(resource->path) : "/"));
806
0
  result = GET_FTP_RESULT(stream);
807
0
  if (result < 200 || result > 299) {
808
    /* Failure either means it doesn't exist
809
       or it's a directory and this server
810
       fails on listing directory sizes */
811
0
    if (ssb->sb.st_mode & S_IFDIR) {
812
0
      ssb->sb.st_size = 0;
813
0
    } else {
814
0
      goto stat_errexit;
815
0
    }
816
0
  } else {
817
0
    ssb->sb.st_size = atoi(tmp_line + 4);
818
0
  }
819
820
0
  php_stream_printf(stream, "MDTM %s\r\n", (resource->path != NULL ? ZSTR_VAL(resource->path) : "/"));
821
0
  result = GET_FTP_RESULT(stream);
822
0
  if (result == 213) {
823
0
    char *p = tmp_line + 4;
824
0
    int n;
825
0
    struct tm tm, tmbuf, *gmt;
826
0
    time_t stamp;
827
828
0
    while ((size_t)(p - tmp_line) < sizeof(tmp_line) && !isdigit(*p)) {
829
0
      p++;
830
0
    }
831
832
0
    if ((size_t)(p - tmp_line) > sizeof(tmp_line)) {
833
0
      goto mdtm_error;
834
0
    }
835
836
0
    n = sscanf(p, "%4d%2d%2d%2d%2d%2d", &tm.tm_year, &tm.tm_mon, &tm.tm_mday, &tm.tm_hour, &tm.tm_min, &tm.tm_sec);
837
0
    if (n != 6) {
838
0
      goto mdtm_error;
839
0
    }
840
841
0
    tm.tm_year -= 1900;
842
0
    tm.tm_mon--;
843
0
    tm.tm_isdst = -1;
844
845
    /* figure out the GMT offset */
846
0
    stamp = time(NULL);
847
0
    gmt = php_gmtime_r(&stamp, &tmbuf);
848
0
    if (!gmt) {
849
0
      goto mdtm_error;
850
0
    }
851
0
    gmt->tm_isdst = -1;
852
853
    /* apply the GMT offset */
854
0
    tm.tm_sec += (long)(stamp - mktime(gmt));
855
0
    tm.tm_isdst = gmt->tm_isdst;
856
857
0
    ssb->sb.st_mtime = mktime(&tm);
858
0
  } else {
859
    /* error or unsupported command */
860
0
mdtm_error:
861
0
    ssb->sb.st_mtime = -1;
862
0
  }
863
864
0
  ssb->sb.st_ino = 0;           /* Unknown values */
865
0
  ssb->sb.st_dev = 0;
866
0
  ssb->sb.st_uid = 0;
867
0
  ssb->sb.st_gid = 0;
868
0
  ssb->sb.st_atime = -1;
869
0
  ssb->sb.st_ctime = -1;
870
871
0
  ssb->sb.st_nlink = 1;
872
0
  ssb->sb.st_rdev = -1;
873
0
#ifdef HAVE_STRUCT_STAT_ST_BLKSIZE
874
0
  ssb->sb.st_blksize = 4096;        /* Guess since FTP won't expose this information */
875
0
#ifdef HAVE_STRUCT_STAT_ST_BLOCKS
876
0
  ssb->sb.st_blocks = (int)((4095 + ssb->sb.st_size) / ssb->sb.st_blksize); /* emulate ceil */
877
0
#endif
878
0
#endif
879
0
  php_stream_close(stream);
880
0
  php_url_free(resource);
881
0
  return 0;
882
883
0
stat_errexit:
884
0
  if (resource) {
885
0
    php_url_free(resource);
886
0
  }
887
0
  if (stream) {
888
0
    php_stream_close(stream);
889
0
  }
890
0
  return -1;
891
0
}
892
/* }}} */
893
894
/* {{{ php_stream_ftp_unlink */
895
static int php_stream_ftp_unlink(php_stream_wrapper *wrapper, const char *url, int options, php_stream_context *context)
896
0
{
897
0
  php_stream *stream = NULL;
898
0
  php_url *resource = NULL;
899
0
  int result;
900
0
  char tmp_line[512];
901
902
0
  stream = php_ftp_fopen_connect(wrapper, url, "r", 0, NULL, context, NULL, &resource, NULL, NULL);
903
0
  if (!stream) {
904
0
    if (options & REPORT_ERRORS) {
905
0
      php_error_docref(NULL, E_WARNING, "Unable to connect to %s", url);
906
0
    }
907
0
    goto unlink_errexit;
908
0
  }
909
910
0
  if (resource->path == NULL) {
911
0
    if (options & REPORT_ERRORS) {
912
0
      php_error_docref(NULL, E_WARNING, "Invalid path provided in %s", url);
913
0
    }
914
0
    goto unlink_errexit;
915
0
  }
916
917
  /* Attempt to delete the file */
918
0
  php_stream_printf(stream, "DELE %s\r\n", ZSTR_VAL(resource->path));
919
920
0
  result = GET_FTP_RESULT(stream);
921
0
  if (result < 200 || result > 299) {
922
0
    if (options & REPORT_ERRORS) {
923
0
      php_error_docref(NULL, E_WARNING, "Error Deleting file: %s", tmp_line);
924
0
    }
925
0
    goto unlink_errexit;
926
0
  }
927
928
0
  php_url_free(resource);
929
0
  php_stream_close(stream);
930
0
  return 1;
931
932
0
unlink_errexit:
933
0
  if (resource) {
934
0
    php_url_free(resource);
935
0
  }
936
0
  if (stream) {
937
0
    php_stream_close(stream);
938
0
  }
939
0
  return 0;
940
0
}
941
/* }}} */
942
943
/* {{{ php_stream_ftp_rename */
944
static int php_stream_ftp_rename(php_stream_wrapper *wrapper, const char *url_from, const char *url_to, int options, php_stream_context *context)
945
0
{
946
0
  php_stream *stream = NULL;
947
0
  php_url *resource_from = NULL, *resource_to = NULL;
948
0
  int result;
949
0
  char tmp_line[512];
950
951
0
  resource_from = php_url_parse(url_from);
952
0
  resource_to = php_url_parse(url_to);
953
  /* Must be same scheme (ftp/ftp or ftps/ftps), same host, and same port
954
    (or a 21/0 0/21 combination which is also "same")
955
     Also require paths to/from */
956
0
  if (!resource_from ||
957
0
    !resource_to ||
958
0
    !resource_from->scheme ||
959
0
    !resource_to->scheme ||
960
0
    !zend_string_equals(resource_from->scheme, resource_to->scheme) ||
961
0
    !resource_from->host ||
962
0
    !resource_to->host ||
963
0
    !zend_string_equals(resource_from->host, resource_to->host) ||
964
0
    (resource_from->port != resource_to->port &&
965
0
     resource_from->port * resource_to->port != 0 &&
966
0
     resource_from->port + resource_to->port != 21) ||
967
0
    !resource_from->path ||
968
0
    !resource_to->path) {
969
0
    goto rename_errexit;
970
0
  }
971
972
0
  stream = php_ftp_fopen_connect(wrapper, url_from, "r", 0, NULL, context, NULL, NULL, NULL, NULL);
973
0
  if (!stream) {
974
0
    if (options & REPORT_ERRORS) {
975
0
      php_error_docref(NULL, E_WARNING, "Unable to connect to %s", ZSTR_VAL(resource_from->host));
976
0
    }
977
0
    goto rename_errexit;
978
0
  }
979
980
  /* Rename FROM */
981
0
  php_stream_printf(stream, "RNFR %s\r\n", ZSTR_VAL(resource_from->path));
982
983
0
  result = GET_FTP_RESULT(stream);
984
0
  if (result < 300 || result > 399) {
985
0
    if (options & REPORT_ERRORS) {
986
0
      php_error_docref(NULL, E_WARNING, "Error Renaming file: %s", tmp_line);
987
0
    }
988
0
    goto rename_errexit;
989
0
  }
990
991
  /* Rename TO */
992
0
  php_stream_printf(stream, "RNTO %s\r\n", ZSTR_VAL(resource_to->path));
993
994
0
  result = GET_FTP_RESULT(stream);
995
0
  if (result < 200 || result > 299) {
996
0
    if (options & REPORT_ERRORS) {
997
0
      php_error_docref(NULL, E_WARNING, "Error Renaming file: %s", tmp_line);
998
0
    }
999
0
    goto rename_errexit;
1000
0
  }
1001
1002
0
  php_url_free(resource_from);
1003
0
  php_url_free(resource_to);
1004
0
  php_stream_close(stream);
1005
0
  return 1;
1006
1007
0
rename_errexit:
1008
0
  if (resource_from) {
1009
0
    php_url_free(resource_from);
1010
0
  }
1011
0
  if (resource_to) {
1012
0
    php_url_free(resource_to);
1013
0
  }
1014
0
  if (stream) {
1015
0
    php_stream_close(stream);
1016
0
  }
1017
0
  return 0;
1018
0
}
1019
/* }}} */
1020
1021
/* {{{ php_stream_ftp_mkdir */
1022
static int php_stream_ftp_mkdir(php_stream_wrapper *wrapper, const char *url, int mode, int options, php_stream_context *context)
1023
0
{
1024
0
  php_stream *stream = NULL;
1025
0
  php_url *resource = NULL;
1026
0
  int result, recursive = options & PHP_STREAM_MKDIR_RECURSIVE;
1027
0
  char tmp_line[512];
1028
1029
0
  stream = php_ftp_fopen_connect(wrapper, url, "r", 0, NULL, context, NULL, &resource, NULL, NULL);
1030
0
  if (!stream) {
1031
0
    if (options & REPORT_ERRORS) {
1032
0
      php_error_docref(NULL, E_WARNING, "Unable to connect to %s", url);
1033
0
    }
1034
0
    goto mkdir_errexit;
1035
0
  }
1036
1037
0
  if (resource->path == NULL) {
1038
0
    if (options & REPORT_ERRORS) {
1039
0
      php_error_docref(NULL, E_WARNING, "Invalid path provided in %s", url);
1040
0
    }
1041
0
    goto mkdir_errexit;
1042
0
  }
1043
1044
0
  if (!recursive) {
1045
0
    php_stream_printf(stream, "MKD %s\r\n", ZSTR_VAL(resource->path));
1046
0
    result = GET_FTP_RESULT(stream);
1047
0
  } else {
1048
    /* we look for directory separator from the end of string, thus hopefully reducing our work load */
1049
0
    char *p, *e, *buf;
1050
1051
0
    buf = estrndup(ZSTR_VAL(resource->path), ZSTR_LEN(resource->path));
1052
0
    e = buf + ZSTR_LEN(resource->path);
1053
1054
    /* find a top level directory we need to create */
1055
0
    while ((p = strrchr(buf, '/'))) {
1056
0
      *p = '\0';
1057
0
      php_stream_printf(stream, "CWD %s\r\n", strlen(buf) ? buf : "/");
1058
0
      result = GET_FTP_RESULT(stream);
1059
0
      if (result >= 200 && result <= 299) {
1060
0
        *p = '/';
1061
0
        break;
1062
0
      }
1063
0
    }
1064
1065
0
    php_stream_printf(stream, "MKD %s\r\n", strlen(buf) ? buf : "/");
1066
0
    result = GET_FTP_RESULT(stream);
1067
1068
0
    if (result >= 200 && result <= 299) {
1069
0
      if (!p) {
1070
0
        p = buf;
1071
0
      }
1072
      /* create any needed directories if the creation of the 1st directory worked */
1073
0
      while (p != e) {
1074
0
        if (*p == '\0' && *(p + 1) != '\0') {
1075
0
          *p = '/';
1076
0
          php_stream_printf(stream, "MKD %s\r\n", buf);
1077
0
          result = GET_FTP_RESULT(stream);
1078
0
          if (result < 200 || result > 299) {
1079
0
            if (options & REPORT_ERRORS) {
1080
0
              php_error_docref(NULL, E_WARNING, "%s", tmp_line);
1081
0
            }
1082
0
            break;
1083
0
          }
1084
0
        }
1085
0
        ++p;
1086
0
      }
1087
0
    }
1088
1089
0
    efree(buf);
1090
0
  }
1091
1092
0
  php_url_free(resource);
1093
0
  php_stream_close(stream);
1094
1095
0
  if (result < 200 || result > 299) {
1096
    /* Failure */
1097
0
    return 0;
1098
0
  }
1099
1100
0
  return 1;
1101
1102
0
mkdir_errexit:
1103
0
  if (resource) {
1104
0
    php_url_free(resource);
1105
0
  }
1106
0
  if (stream) {
1107
0
    php_stream_close(stream);
1108
0
  }
1109
0
  return 0;
1110
0
}
1111
/* }}} */
1112
1113
/* {{{ php_stream_ftp_rmdir */
1114
static int php_stream_ftp_rmdir(php_stream_wrapper *wrapper, const char *url, int options, php_stream_context *context)
1115
0
{
1116
0
  php_stream *stream = NULL;
1117
0
  php_url *resource = NULL;
1118
0
  int result;
1119
0
  char tmp_line[512];
1120
1121
0
  stream = php_ftp_fopen_connect(wrapper, url, "r", 0, NULL, context, NULL, &resource, NULL, NULL);
1122
0
  if (!stream) {
1123
0
    if (options & REPORT_ERRORS) {
1124
0
      php_error_docref(NULL, E_WARNING, "Unable to connect to %s", url);
1125
0
    }
1126
0
    goto rmdir_errexit;
1127
0
  }
1128
1129
0
  if (resource->path == NULL) {
1130
0
    if (options & REPORT_ERRORS) {
1131
0
      php_error_docref(NULL, E_WARNING, "Invalid path provided in %s", url);
1132
0
    }
1133
0
    goto rmdir_errexit;
1134
0
  }
1135
1136
0
  php_stream_printf(stream, "RMD %s\r\n", ZSTR_VAL(resource->path));
1137
0
  result = GET_FTP_RESULT(stream);
1138
1139
0
  if (result < 200 || result > 299) {
1140
0
    if (options & REPORT_ERRORS) {
1141
0
      php_error_docref(NULL, E_WARNING, "%s", tmp_line);
1142
0
    }
1143
0
    goto rmdir_errexit;
1144
0
  }
1145
1146
0
  php_url_free(resource);
1147
0
  php_stream_close(stream);
1148
1149
0
  return 1;
1150
1151
0
rmdir_errexit:
1152
0
  if (resource) {
1153
0
    php_url_free(resource);
1154
0
  }
1155
0
  if (stream) {
1156
0
    php_stream_close(stream);
1157
0
  }
1158
0
  return 0;
1159
0
}
1160
/* }}} */
1161
1162
static const php_stream_wrapper_ops ftp_stream_wops = {
1163
  php_stream_url_wrap_ftp,
1164
  php_stream_ftp_stream_close, /* stream_close */
1165
  php_stream_ftp_stream_stat,
1166
  php_stream_ftp_url_stat, /* stat_url */
1167
  php_stream_ftp_opendir, /* opendir */
1168
  "ftp",
1169
  php_stream_ftp_unlink, /* unlink */
1170
  php_stream_ftp_rename, /* rename */
1171
  php_stream_ftp_mkdir,  /* mkdir */
1172
  php_stream_ftp_rmdir,  /* rmdir */
1173
  NULL
1174
};
1175
1176
PHPAPI const php_stream_wrapper php_stream_ftp_wrapper =  {
1177
  &ftp_stream_wops,
1178
  NULL,
1179
  1 /* is_url */
1180
};