Subject: bin/13401: ftp epsv fails; new ftp option
To: None <gnats-bugs@gnats.netbsd.org>
From: John D Smerdon <jds@smerdon.livonia.mi.us>
List: netbsd-bugs
Date: 07/07/2001 11:24:43
>Number: 13401
>Category: bin
>Synopsis: ftp epsv fails; new ftp option
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: bin-bug-people
>State: open
>Class: change-request
>Submitter-Id: net
>Arrival-Date: Sat Jul 07 08:23:00 PDT 2001
>Closed-Date:
>Last-Modified:
>Originator: John D Smerdon
>Release: NetBSD 1.5.1
>Organization:
>Environment:
System: NetBSD p100 1.5.1 NetBSD 1.5.1 (GENERIC) #20: Fri Jun 22 13:38:30 EDT 2001 jds@p100:/usr/src/sys/arch/i386/compile/GENERIC i386
>Description:
EPSV may be understood by the ftp client and the ftp server,
but not by a firewall (CheckPoint Firewall-1 4.0) between
them.
>How-To-Repeat:
I no longer have access to a CheckPoint firewall to reproduce
the problem.
>Fix:
The EPSV command can be used for interactive FTP sessions.
But it can't be used when building packages.
Add a '-E' option to ftp to disable EPSV. i.e.:
cd /usr/pkgsrc/xxx/yyy
make FETCH_BEFORE_ARGS=-E
Patch for /usr/src/usr.bin/ftp:
===================================================================
RCS file: main.c,v
retrieving revision 1.1
retrieving revision 1.2
diff -C3 -r1.1 -r1.2
*** main.c 2001/07/07 11:58:59 1.1
--- main.c 2001/07/07 14:04:09 1.2
***************
*** 270,276 ****
}
}
! while ((ch = getopt(argc, argv, "Aadefgino:pP:r:RtT:u:vV")) != -1) {
switch (ch) {
case 'A':
activefallback = 0;
--- 270,276 ----
}
}
! while ((ch = getopt(argc, argv, "AadeEfgino:pP:r:RtT:u:vV")) != -1) {
switch (ch) {
case 'A':
activefallback = 0;
***************
*** 292,297 ****
--- 292,301 ----
#endif
break;
+ case 'E':
+ epsv4bad = 1;
+ break;
+
case 'f':
flushcache = 1;
break;
***************
*** 972,978 ****
usage(void)
{
(void)fprintf(stderr,
! "usage: %s [-AadefginpRtvV] [-o outfile] [-P port] [-r retry]\n"
" [-T dir,max[,inc][[user@]host [port]]] [host:path[/]]\n"
" [file:///file] [ftp://[user[:pass]@]host[:port]/path[/]]\n"
" [http://[user[:pass]@]host[:port]/path] [...]\n"
--- 976,982 ----
usage(void)
{
(void)fprintf(stderr,
! "usage: %s [-AadeEfginpRtvV] [-o outfile] [-P port] [-r retry]\n"
" [-T dir,max[,inc][[user@]host [port]]] [host:path[/]]\n"
" [file:///file] [ftp://[user[:pass]@]host[:port]/path[/]]\n"
" [http://[user[:pass]@]host[:port]/path] [...]\n"
===================================================================
RCS file: ftp.1,v
retrieving revision 1.1
retrieving revision 1.2
diff -C3 -r1.1 -r1.2
*** ftp.1 2001/07/07 12:07:07 1.1
--- ftp.1 2001/07/07 14:04:13 1.2
***************
*** 166,171 ****
--- 166,173 ----
.It Fl e
Disables command line editing.
This is useful for Emacs ange-ftp mode.
+ .It Fl E
+ Disables use of EPSV/EPRT.
.It Fl f
Forces a cache reload for transfers that go through the
.Tn FTP
>Release-Note:
>Audit-Trail:
>Unformatted: