Bug 11190
Summary: | Ange-ftp is broken in Emacs 20.5.1 | ||
---|---|---|---|
Product: | [Retired] Red Hat Linux | Reporter: | Brad Kittredge <bmk> |
Component: | wu-ftpd | Assignee: | Bernhard Rosenkraenzer <bero> |
Status: | CLOSED WONTFIX | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 6.2 | ||
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | i386 | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2000-05-09 13:59:45 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Brad Kittredge
2000-05-03 03:21:42 UTC
The problem is probably that you have /usr/kerberos/bin in your path before /bin. The ange-ftp shipped with emacs 20.5 doesn't seem to be able to use this for non-kerberosized logins. To work around it: remove krb5-workstation from your system or place /usr/bin first in your path. Changing the path variable in /etc/profile.d/krb5.sh to: PATH="$PATH":/usr/kerberos/bin fixed the problem. Thanks. There are two parts of this problem - ange-ftps inability to parse correct
response, and bad response from the wu-ftpd we ship(*). Ange-ftp has been
patched in 20.6-8 (which we be in the next rawhide), and I'm now setting this a
wu-ftpd bug. The patched emacs should work with some ftp servers (but for most
people, just making sure that the kerberos ftp isn't the one used will solve the
problem)
(*) From Eric Marsden:
************************************************************************
according to the state diagrams in RFC959, the only replies allowed
upon connection establishment are 120 then 220, 220, and 421. Your
scenario shows connection establishment leading to a 220, unsuccessful
out of band kerberos authentication, then a 530.
>From the point of view of the FTP command connection this doesn't
conform to the state diagram, so it's unreasonable to expect an FTP
client to be able to handle it.
It seems to me that the ftpd could incorporate kerberos authentication
while staying RFC-compliant by sending a 230 (instead of 331) response
to the `USER' command if out of band authentication was successful.
***********************************************************************
The response can't be fixed as it's a PAM issue (ftp and pam don't go well together). |