#10832 closed defect (invalid)
Cannot fetch files by ftp through a firewall for some ftp servers
Reported by: | macports@… | Owned by: | darwinports-bugs@… |
---|---|---|---|
Priority: | Normal | Milestone: | |
Component: | base | Version: | 1.3.2 |
Keywords: | ftp | Cc: | macosforge.org@… |
Port: |
Description
This is a followup bug report to Ticket #10320.
There are two problems that lead to the situation described in ticket 10320. First, the ftp client accesses servers in passive mode by trying "EPSV" first and then, if that fails, trying "PASV". The server at ftp.cwru.edu, and presumable more servers, break the connection after the "EPSV" request, making it impossible to try "PASV".
Second, the port program then tries various distfile hosts at opendarwin.org, which no longer respond.
There are many options for fixing this:
OPTION 1 - (Solution) Fix the ftp function to make a second connection attempt using "PASV" first. I don't know if port uses Apple's command line ftp program; if so, this might not work because Apple does not yet provide a command line option or environment variable to force "PASV" to be tried first. The Apple ftp client will work in interactive mode by entering the "epsv4" command before any data connections are opened.
OPTION 2 - (Solution) Use other distfile hosts as backup providers of the files.
OPTION 3 - (Partial solution) Fix the Portfile for readline (and possibly other ports) to not point to ftp servers which exhibit this problem. This is only a partial solution because we can't control what software will be used at these servers in the future, and we might run into the same problems again with new ports.
OPTION 4 - (NOT a solution) Wait for Apple to fix the behaviour of its command line ftp client and then use it. Who knows how long this might take?
OPTION 5 - (NOT a solution) Accept the workaround in Ticket 10320 as good enough. Most users don't have the level of sophistication needed to either figure out the workaround themselves, or to find documentation about the workaround. The install should simply work.
Change History (3)
comment:1 Changed 18 years ago by f.vincent@…
comment:2 Changed 17 years ago by kballard (Lily Ballard)
Resolution: | → invalid |
---|---|
Status: | new → closed |
Just set fetch.use_epsv to no in your Portfile. This is actually documented in portfile.7, though I don't know if it was documented back when this bug was opened.
As far as I know DarwinPort 1.0 used curl for fetching. The workaround for the EPSV issue was to create a .curlrc file containing '--disable-epsv' in the home directory.
With DarwinPort 1.1 or 1.2 (I can't remember), curl usage was replaced by libcurl. The .curlrc workaround was not working anymore. But it was then possible to force the usage of a proxy that correctly handle the EPSV command. To do that I use to set an environment variable all_proxy="some.proxy:some_port" or ftp_proxy="some.proxy:some_port". Apparently this workaround doesn't work anymore with MacPort 1.3...
Just my 2 cents worth.