Bug 11190

Summary: Ange-ftp is broken in Emacs 20.5.1
Product: [Retired] Red Hat Linux Reporter: Brad Kittredge <bmk>
Component: wu-ftpdAssignee: Bernhard Rosenkraenzer <bero>
Status: CLOSED WONTFIX QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: 6.2   
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2000-05-09 13:59:45 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Brad Kittredge 2000-05-03 03:21:42 UTC 
Ange-ftp will not successfully complete a login.  When trying to login to
an ftp server, the response is always:

FTP Error: USER request failed: 530 Please login with USER and PASS.

Ange-ftp still works with Emacs 20.4.1 shipped in Redhat 6.1, and it works
as well in versions on other platforms.  The problem is specific to this
installation, AFAIK.  This problem occurs on a clean installation of 6.2,
not an upgrade.
Comment 1 Trond Eivind Glomsrxd 2000-05-03 13:51:59 UTC 
The problem is probably that you have /usr/kerberos/bin in your path before
/bin. The ange-ftp shipped with emacs 20.5 doesn't seem to be able to use this
for non-kerberosized logins. To work around it: remove krb5-workstation from
your system or place /usr/bin first in your path.
Comment 2 Brad Kittredge 2000-05-04 02:16:59 UTC 
Changing the path variable in /etc/profile.d/krb5.sh to:

PATH="$PATH":/usr/kerberos/bin

fixed the problem.  Thanks.
Comment 3 Trond Eivind Glomsrxd 2000-05-09 13:59:59 UTC 
There are two parts of this problem - ange-ftps inability to parse correct
response, and bad response from the wu-ftpd we ship(*). Ange-ftp has been
patched in 20.6-8 (which we be in the next rawhide), and I'm now setting this a
wu-ftpd bug. The patched emacs should work with some ftp servers (but for most
people, just making sure that the kerberos ftp isn't the one used will solve the
problem)


(*) From Eric Marsden:
************************************************************************

according to the state diagrams in RFC959, the only replies allowed
upon connection establishment are 120 then 220, 220, and 421. Your
scenario shows connection establishment leading to a 220, unsuccessful
out of band kerberos authentication, then a 530.

>From the point of view of the FTP command connection this doesn't
conform to the state diagram, so it's unreasonable to expect an FTP
client to be able to handle it.

It seems to me that the ftpd could incorporate kerberos authentication
while staying RFC-compliant by sending a 230 (instead of 331) response
to the `USER' command if out of band authentication was successful.
***********************************************************************
Comment 4 Bernhard Rosenkraenzer 2000-08-30 09:58:26 UTC 
The response can't be fixed as it's a PAM issue (ftp and pam don't go well
together).