Req #55651 [Com]: Option to force PHP to ignore the PASV address returned

2013-08-24 Thread abrender at elitehosts dot com
Edit report at https://bugs.php.net/bug.php?id=55651&edit=1

 ID: 55651
 Comment by: abrender at elitehosts dot com
 Reported by:abrender at elitehosts dot com
 Summary:Option to force PHP to ignore the PASV address
 returned
 Status: Open
 Type:   Feature/Change Request
 Package:FTP related
 Operating System:   All
 PHP Version:5.3.8
 Block user comment: N
 Private report: N

 New Comment:

Hi,

Any chance of this patch getting reviewed and accepted? (A more detailed 
explanation is at http://www.elitehosts.com/blog/php-ftp-passive-ftp-server-
behind-nat-
nightmare/)

There were 78 votes, 72 people reproduced the problem and other people are 
seeing the same problem:

http://blog.derakkilgo.com/2013/08/24/php-has-a-ftps-bug-please-vote-this-bug-
up-so-someone-will-approve-this-patch/

https://bugs.php.net/bug.php?id=64600

http://www.codingforums.com/archive/index.php/t-285742.html

http://www.techques.com/question/1-2851547/How-to-Send-File-over-secure-FTP-SSL-
Protocol

http://www.webdeveloper.com/forum/showthread.php?236275-ftp_connect-blocked

Thanks!


Previous Comments:

[2011-09-10 15:57:03] abrender at elitehosts dot com

PS - this patch works against PHP 5.2.17 as well as 5.3.8


[2011-09-09 08:09:49] abrender at elitehosts dot com

Description:

In response to the PASV command, FTP servers sometimes return their IP address 
(10.X for example) and PHP honors this IP address, stores it in ftp->pasvaddr 
and uses that for future connections.

This is problematic because PHP won't be able to communicate with a server 
behind a NAT device using passive FTP.

The attached patch adds the USEPASVADDRESS option (a boolean) which can be set 
and read via the ftp_set_option() and ftp_get_option() functions. 
USEPASVADDRESS 
is set to TRUE by default to preserve existing functionality. When 
USEPASVADDRESS is set to FALSE, the ftp extension will ignore the IP address 
returned by the PASV command and instead use the IP address passed to 
ftp_connect() (or ftp_ssl_connect())

In the future we may expand the values to include AUTO which would ignore any 
RFC 1918 IP addresses returned by the PASV command.

The only thing to note is that the call to ftp_set_option() must be made before 
ftp_pasv() is called.







-- 
Edit this bug report at https://bugs.php.net/bug.php?id=55651&edit=1


[PHP-BUG] Req #55651 [NEW]: Option to force PHP to ignore the PASV address returned

2011-09-09 Thread abrender at elitehosts dot com
From: 
Operating system: All
PHP version:  5.3.8
Package:  FTP related
Bug Type: Feature/Change Request
Bug description:Option to force PHP to ignore the PASV address returned

Description:

In response to the PASV command, FTP servers sometimes return their IP
address 
(10.X for example) and PHP honors this IP address, stores it in
ftp->pasvaddr 
and uses that for future connections.

This is problematic because PHP won't be able to communicate with a server

behind a NAT device using passive FTP.

The attached patch adds the USEPASVADDRESS option (a boolean) which can be
set 
and read via the ftp_set_option() and ftp_get_option() functions.
USEPASVADDRESS 
is set to TRUE by default to preserve existing functionality. When 
USEPASVADDRESS is set to FALSE, the ftp extension will ignore the IP
address 
returned by the PASV command and instead use the IP address passed to 
ftp_connect() (or ftp_ssl_connect())

In the future we may expand the values to include AUTO which would ignore
any 
RFC 1918 IP addresses returned by the PASV command.

The only thing to note is that the call to ftp_set_option() must be made
before 
ftp_pasv() is called.


-- 
Edit bug report at https://bugs.php.net/bug.php?id=55651&edit=1
-- 
Try a snapshot (PHP 5.4):
https://bugs.php.net/fix.php?id=55651&r=trysnapshot54
Try a snapshot (PHP 5.3):
https://bugs.php.net/fix.php?id=55651&r=trysnapshot53
Try a snapshot (trunk):  
https://bugs.php.net/fix.php?id=55651&r=trysnapshottrunk
Fixed in SVN:
https://bugs.php.net/fix.php?id=55651&r=fixed
Fixed in SVN and need be documented: 
https://bugs.php.net/fix.php?id=55651&r=needdocs
Fixed in release:
https://bugs.php.net/fix.php?id=55651&r=alreadyfixed
Need backtrace:  
https://bugs.php.net/fix.php?id=55651&r=needtrace
Need Reproduce Script:   
https://bugs.php.net/fix.php?id=55651&r=needscript
Try newer version:   
https://bugs.php.net/fix.php?id=55651&r=oldversion
Not developer issue: 
https://bugs.php.net/fix.php?id=55651&r=support
Expected behavior:   
https://bugs.php.net/fix.php?id=55651&r=notwrong
Not enough info: 
https://bugs.php.net/fix.php?id=55651&r=notenoughinfo
Submitted twice: 
https://bugs.php.net/fix.php?id=55651&r=submittedtwice
register_globals:
https://bugs.php.net/fix.php?id=55651&r=globals
PHP 4 support discontinued:  
https://bugs.php.net/fix.php?id=55651&r=php4
Daylight Savings:https://bugs.php.net/fix.php?id=55651&r=dst
IIS Stability:   
https://bugs.php.net/fix.php?id=55651&r=isapi
Install GNU Sed: 
https://bugs.php.net/fix.php?id=55651&r=gnused
Floating point limitations:  
https://bugs.php.net/fix.php?id=55651&r=float
No Zend Extensions:  
https://bugs.php.net/fix.php?id=55651&r=nozend
MySQL Configuration Error:   
https://bugs.php.net/fix.php?id=55651&r=mysqlcfg



Req #55651 [Com]: Option to force PHP to ignore the PASV address returned

2011-09-10 Thread abrender at elitehosts dot com
Edit report at https://bugs.php.net/bug.php?id=55651&edit=1

 ID: 55651
 Comment by: abrender at elitehosts dot com
 Reported by:abrender at elitehosts dot com
 Summary:Option to force PHP to ignore the PASV address
 returned
 Status: Open
 Type:   Feature/Change Request
 Package:FTP related
 Operating System:   All
 PHP Version:5.3.8
 Block user comment: N
 Private report: N

 New Comment:

PS - this patch works against PHP 5.2.17 as well as 5.3.8


Previous Comments:

[2011-09-09 08:09:49] abrender at elitehosts dot com

Description:

In response to the PASV command, FTP servers sometimes return their IP address 
(10.X for example) and PHP honors this IP address, stores it in ftp->pasvaddr 
and uses that for future connections.

This is problematic because PHP won't be able to communicate with a server 
behind a NAT device using passive FTP.

The attached patch adds the USEPASVADDRESS option (a boolean) which can be set 
and read via the ftp_set_option() and ftp_get_option() functions. 
USEPASVADDRESS 
is set to TRUE by default to preserve existing functionality. When 
USEPASVADDRESS is set to FALSE, the ftp extension will ignore the IP address 
returned by the PASV command and instead use the IP address passed to 
ftp_connect() (or ftp_ssl_connect())

In the future we may expand the values to include AUTO which would ignore any 
RFC 1918 IP addresses returned by the PASV command.

The only thing to note is that the call to ftp_set_option() must be made before 
ftp_pasv() is called.







-- 
Edit this bug report at https://bugs.php.net/bug.php?id=55651&edit=1


Bug #47110 [Com]: Can not use ftp functions behind firewall

2011-09-10 Thread abrender at elitehosts dot com
Edit report at https://bugs.php.net/bug.php?id=47110&edit=1

 ID: 47110
 Comment by: abrender at elitehosts dot com
 Reported by:konix dot net at du dot t-com dot hr
 Summary:Can not use ftp functions behind firewall
 Status: Closed
 Type:   Bug
 Package:FTP related
 Operating System:   Cent OS (Latest patch)
 PHP Version:5.2.8
 Block user comment: N
 Private report: N

 New Comment:

If you're seeing 'failed: Operation now in progress (115)' and you've already 
switched into passive FTP mode then either your firewall needs to be fixed OR 
the 
ftp server is returning a private RFC1918 IP address in response to the PASV 
command which PHP is then trying to connect to and timing out. I've detailed 
this 
issue at http://www.elitehosts.com/blog/php-ftp-passive-ftp-server-behind-nat-
nightmare/ and posted an entry at bugs.php.net with a patch to fix the issue at 
https://bugs.php.net/bug.php?id=55651 - please vote for that feature fix if you 
want it included in future PHP releases.


Previous Comments:

[2009-01-15 17:41:20] konix dot net at du dot t-com dot hr

Fix firewall and it will work.


[2009-01-15 17:21:22] konix dot net at du dot t-com dot hr

FYI for anyone else looking for answer:
- when behind firewall, you will surly set your ftp connection in PASV mode.

Be sure to configure your firewall in a right way as you will need port open in 
upper ranges (from 1024).

Once this is done, all PHP FTP function in PSV mode work as they should.


[2009-01-15 12:47:50] j...@php.net

IIRC, it's just a buggy FTP server issue.


[2009-01-15 08:39:14] konix dot net at du dot t-com dot hr

Description:

I'm trying to connect to FTP server from a script.
Script is behind firewall.
Only FTP port is allowed (application/script is to be used in PCIDSS 
enviroment).

We tried same script on other servers and no problem accured at all. This could 
be a firewall / web application firewall (mod_security) issue but we're not 
sure.

Reproduce code:
---
$ftp_array = array(
 // Host, user, pass
);

$port = 21;
$network_timeout = 30;

echo "Connecting...\n";

// Connect
$ftp_connection = ftp_connect($ftp_array['host'], $port, network);

if ($ftp_connection) {

// Login
if ($login = ftp_login($ftp_connection, $ftp_array['user'], 
$ftp_array['pass'])) {
// Pasive mode
ftp_pasv($ftp_connection, true);
// Change dir
ftp_chdir($ftp_connection, "in");
// Get dir listing
$contents = ftp_nlist($ftp_connection, ".");
// Echo list
echo '';
print_r($contents);
echo '';
} else {
  
  echo "Can't login to remote server.";

}

ftp_close($ftp_connection);

} else {
  
  exit("Can't connect to remote server.");

}

Expected result:

Array
(
[0] => .
[1] => ..
[2] => 11829_RATE_39.txt
)


Actual result:
--
Warning: ftp_nlist() [function.ftp-nlist]: php_connect_nonb() failed: Operation 
now in progress (115) in /var/www/html/public_html/ftp_test.php on line 30







-- 
Edit this bug report at https://bugs.php.net/bug.php?id=47110&edit=1