Subject: kern/12066 -- 1.5.1_BETA still affected
To: None <email@example.com>
From: Ingolf Steinbach <firstname.lastname@example.org>
Date: 04/24/2001 22:48:44
Darren Reed wrote:
> Check the FTP RFC.
> It has state diagrams which document what is and isn't allowed.
The state diagrams in STD-0009 for the login sequence indicate
1) a USER command can be answered with a 2xx reply -- in
this case the client does not need to send a PASS command
2) a PASS command can be answered with a 3xx reply -- in
this case an additional ACCT command is necessary.
Both cases are NOT handled by the FTP proxy in 1.5.1_BETA:
especially, active ftp sessions to servers which just need
a USER command without PASS will not have their PORT commands
rewritten and will fail.
It would be really nice if this bug were fixed in 1.5.1.
Please have a look at my message from 2001-02-05 in the
gnats database which suggests a fix for the problem.
Ingolf Steinbach Balin@IRCnet ICQ#60829470
PGP: 0x7B3B5661 213C 828E 0C92 16B5 05D0 4D5B A324 EC04