Bug 19008

Summary: fetch -p doesn't use passive mode
Product: Base System Reporter: ken <ken>
Component: binAssignee: Dag-Erling Smørgrav <des>
Status: Closed FIXED    
Severity: Affects Only Me    
Priority: Normal    
Version: 5.0-CURRENT   
Hardware: Any   
OS: Any   

Description ken 2000-06-05 04:10:00 UTC 
fetch -p doesn't fetch files using passive mode ftp, although if you set
the FTP_PASSIVE_MODE variable to "yes", it will.

Using capital P instead of lower case p doesn't make any difference.  (The
code is the same in the fetch source anyway.)

Fix: 

I don't have a fix.  I looked into this a little bit, and it looks like the
problem is likely somewhere in libftpio, but it wasn't obvious to me at
first glance what the problem is.
How-To-Repeat: 
Configure a machine with a firewall that denies most incoming packets, or
even just incoming packets from port 20.

Try fetching a file with passive mode ftp, like this:

fetch -p ftp://ftp.freebsd.org/pub/FreeBSD/README.TXT

Watch the firewall logs:

ipfw: 1040 Deny TCP 209.155.82.20:20 A.B.C.D:49159 in via de0
ipfw: 1040 Deny TCP 209.155.82.20:20 A.B.C.D:49159 in via de0
ipfw: 1040 Deny TCP 209.155.82.20:20 A.B.C.D:49159 in via de0
ipfw: 1040 Deny TCP 209.155.82.20:20 A.B.C.D:49159 in via de0

Obviously fetch used active mode instead of passive mode.  In passive mode,
the client connects to the server, not vice versa, as my firewall logs
show.

Interestingly enough, if you set FTP_PASSIVE_MODE to "yes", fetch will get
files in passive mode.
Comment 1 alex 2000-06-05 10:56:08 UTC 
Thus spake ken@kdm.org (ken@kdm.org):

> I don't have a fix.  I looked into this a little bit, and it looks like the
> problem is likely somewhere in libftpio, but it wasn't obvious to me at
> first glance what the problem is.

That is true. I noticed that bug a few weeks ago, too.

But since DES is replacing the current fetch with a new version at the
moment, which does support it, I don't think that anyone will fix
that.

The new fetch should be MFC'ed though, or the bug should be fixed in
3.x and 4.x at least.

Alex
-- 
I need a new ~/.sig.
Comment 2 Dag-Erling Smørgrav freebsd_committer freebsd_triage 2000-06-29 10:35:01 UTC 
Responsible Changed
From-To: freebsd-bugs->des

fetch(1) is mine.
Comment 3 des 2000-07-19 10:41:01 UTC 
3.4-STABLE doesn't seem to have this problem:

root@flood /usr/src/usr.bin/fetch# unset FTP_PASSIVE_MODE
root@flood /usr/src/usr.bin/fetch# fetch -pvvv ftp://ftp.freebsd.org/pub/FreeBSD/README.TXT
Sending: USER anonymous
sourcerer.freesoftware.com FTP server (Version DG-3.1.42 Thu Jul 6 14:10:01 PDT 2000) ready.
Guest login ok, send your email address as password.
Sending: PASS des@flood.ping.uio.no
Welcome to ftp.freesoftware.com - home FTP site for Walnut Creek CDROM.
There are currently 609 users out of 5000 possible.
[...]
Guest login ok, access restrictions apply.
Sending: TYPE I
Type set to I.
Sending: PASV
Entering Passive Mode (216,66,64,162,41,235)
Sending: CWD pub
CWD command successful.
Sending: CWD FreeBSD
CWD command successful.
Sending SIZE README.TXT
6139
Sending MDTM README.TXT
19991225011500
Sending PASV
Entering Passive Mode (216,66,64,162,41,242)
Sending: RETR README.TXT
Opening BINARY mode data connection for 'README.TXT' (6139 bytes).
Receiving README.TXT (6139 bytes)Sending: QUIT
Transfer complete.
Goodbye!
Receiving README.TXT (6139 bytes): 100%
6139 bytes transferred in 0.3 seconds  (22.48 Kbytes/s)

4.0-STABLE and 5.0-CURRENT have the new fetch(1), which does not
exhibit this bug either.

DES
-- 
Dag-Erling Smorgrav - des@flood.ping.uio.no
Comment 4 Dag-Erling Smørgrav freebsd_committer freebsd_triage 2000-07-19 10:41:14 UTC 
State Changed
From-To: open->closed

Seems to be fixed in 3.4. 4.0 and 5.0 have a different fetch(1) which does 
not have this bug.