Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.
Bug 251570 - on FTP uploads, curl still tries to send PASS even if server returned code 230
on FTP uploads, curl still tries to send PASS even if server returned code 230
Product: Fedora
Classification: Fedora
Component: curl (Show other bugs)
All Linux
low Severity low
: ---
: ---
Assigned To: Jindrich Novy
Fedora Extras Quality Assurance
Depends On:
  Show dependency treegraph
Reported: 2007-08-09 15:54 EDT by David Cantrell
Modified: 2013-07-02 19:22 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2007-08-10 07:42:47 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description David Cantrell 2007-08-09 15:54:24 EDT
I use curl to release new versions of software to ftp.gnu.org.  I use curl in
this manner:

curl -# -T [filename] ftp://ftp-upload.gnu.org/incoming/ftp/

It's an anonymous login to upload, but files without known GPG signatures are
thrown out.  Verified files are moved to ftp.gnu.org.

I found that the most recent version of curl failed to login to the server.  I
looked at it more closely and found that curl was sending 'USER anonymous' then
'PASS ftp@example.com' even after it received code 230 after the USER command. 
230 means you are now logged in.

I dug through the code and found the problem.  Here's the fix:

diff -up curl-7.16.4/lib/ftp.c.230 curl-7.16.4/lib/ftp.c
--- curl-7.16.4/lib/ftp.c.230   2007-07-01 18:01:19.000000000 -0400
+++ curl-7.16.4/lib/ftp.c       2007-08-09 15:41:10.000000000 -0400
@@ -2372,7 +2372,7 @@ static CURLcode ftp_state_user_resp(stru
   (void)instate; /* no use for this yet */
   /* some need password anyway, and others just return 2xx ignored */
-  if((ftpcode == 331 || ftpcode/100 == 2) && (ftpc->state == FTP_USER)) {
+  if((ftpcode == 331) && (ftpc->state == FTP_USER)) {
     /* 331 Password required for ...
        (the server requires to send the user's password too) */
     NBFTPSENDF(conn, "PASS %s", ftp->passwd?ftp->passwd:"");

Pretty simple to fix.
Comment 1 Jindrich Novy 2007-08-10 06:10:04 EDT
Thanks for the patch, did you send it to upstream as well?
Comment 2 Jindrich Novy 2007-08-10 07:43:06 EDT
Comment 3 Daniel Stenberg 2007-08-18 16:41:26 EDT
FYI: this was already fixed upstream, and we've added a test case to hopefully
avoid this regression in the future.

Note You need to log in before you can comment on or make changes to this bug.