Hide Forgot
I use curl to release new versions of software to ftp.gnu.org. I use curl in this manner: curl -# -T [filename] ftp://ftp-upload.gnu.org/incoming/ftp/ It's an anonymous login to upload, but files without known GPG signatures are thrown out. Verified files are moved to ftp.gnu.org. I found that the most recent version of curl failed to login to the server. I looked at it more closely and found that curl was sending 'USER anonymous' then 'PASS ftp@example.com' even after it received code 230 after the USER command. 230 means you are now logged in. I dug through the code and found the problem. Here's the fix: diff -up curl-7.16.4/lib/ftp.c.230 curl-7.16.4/lib/ftp.c --- curl-7.16.4/lib/ftp.c.230 2007-07-01 18:01:19.000000000 -0400 +++ curl-7.16.4/lib/ftp.c 2007-08-09 15:41:10.000000000 -0400 @@ -2372,7 +2372,7 @@ static CURLcode ftp_state_user_resp(stru (void)instate; /* no use for this yet */ /* some need password anyway, and others just return 2xx ignored */ - if((ftpcode == 331 || ftpcode/100 == 2) && (ftpc->state == FTP_USER)) { + if((ftpcode == 331) && (ftpc->state == FTP_USER)) { /* 331 Password required for ... (the server requires to send the user's password too) */ NBFTPSENDF(conn, "PASS %s", ftp->passwd?ftp->passwd:""); Pretty simple to fix.
Thanks for the patch, did you send it to upstream as well?
Applied.
FYI: this was already fixed upstream, and we've added a test case to hopefully avoid this regression in the future.