I use curl to release new versions of software to ftp.gnu.org. I use curl in this manner: curl -# -T [filename] ftp://ftp-upload.gnu.org/incoming/ftp/ It's an anonymous login to upload, but files without known GPG signatures are thrown out. Verified files are moved to ftp.gnu.org. I found that the most recent version of curl failed to login to the server. I looked at it more closely and found that curl was sending 'USER anonymous' then 'PASS ftp' even after it received code 230 after the USER command. 230 means you are now logged in. I dug through the code and found the problem. Here's the fix: diff -up curl-7.16.4/lib/ftp.c.230 curl-7.16.4/lib/ftp.c --- curl-7.16.4/lib/ftp.c.230 2007-07-01 18:01:19.000000000 -0400 +++ curl-7.16.4/lib/ftp.c 2007-08-09 15:41:10.000000000 -0400 @@ -2372,7 +2372,7 @@ static CURLcode ftp_state_user_resp(stru (void)instate; /* no use for this yet */ /* some need password anyway, and others just return 2xx ignored */ - if((ftpcode == 331 || ftpcode/100 == 2) && (ftpc->state == FTP_USER)) { + if((ftpcode == 331) && (ftpc->state == FTP_USER)) { /* 331 Password required for ... (the server requires to send the user's password too) */ NBFTPSENDF(conn, "PASS %s", ftp->passwd?ftp->passwd:""); Pretty simple to fix.
Thanks for the patch, did you send it to upstream as well?
Applied.
FYI: this was already fixed upstream, and we've added a test case to hopefully avoid this regression in the future.