Michal Marek provided a patch for FTP that makes libcurl continue to try PASV

even after EPSV returned a positive response code, if libcurl failed to
connect to the port number the EPSV response said. Obviously some people are
going through protocol-sensitive firewalls (or similar) that don't understand
EPSV and then they don't allow the second connection unless PASV was
used. This also called for a minor fix of test case 238.

4 files changed, 31 insertions, 4 deletions

diff --git a/CHANGES b/CHANGES
index 16de2cb7c..d262cfb6f 100644
--- a/CHANGES
+++ b/CHANGES
@@ -6,6 +6,14 @@
 
                                   Changelog
 
+Daniel (24 January 2006)
+- Michal Marek provided a patch for FTP that makes libcurl continue to try
+  PASV even after EPSV returned a positive response code, if libcurl failed to
+  connect to the port number the EPSV response said. Obviously some people are
+  going through protocol-sensitive firewalls (or similar) that don't
+  understand EPSV and then they don't allow the second connection unless PASV
+  was used. This also called for a minor fix of test case 238.
+
 Daniel (20 January 2006)
 - Duane Cathey was one of our friends who reported that curl -P [IP]
   (CURLOPT_FTPPORT) didn't work for ipv6-enabed curls if the IP wasn't a
diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index b1c5bd4f7..a06d5bca0 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -18,6 +18,7 @@ This release includes the following changes:
 
 This release includes the following bugfixes:
 
+ o Try PASV after failing to connect to the port the EPSV response contained
  o -P [IP] with ipv6-enabled curl
  o -P [hostname] with ipv6-disabled curl
  o libcurl.m4 was updated
@@ -45,6 +46,6 @@ advice from friends like these:
 
  Dov Murik, Jean Jacques Drouin, Andres Garcia, Yang Tse, Gisle Vanem, Dan
  Fandrich, Alexander Lazic, Michael Jahn, Andrew Benham, Bryan Henderson,
- David Shaw, Jon Turner, Duane Cathey
+ David Shaw, Jon Turner, Duane Cathey, Michal Marek
  
         Thanks! (and sorry if I forgot to mention someone)
diff --git a/lib/ftp.c b/lib/ftp.c
index 3cdcc32ef..ecb717696 100644
--- a/lib/ftp.c
+++ b/lib/ftp.c
@@ -1661,6 +1661,18 @@ static CURLcode ftp_state_pasv_resp(struct connectdata *conn,
 
   Curl_resolv_unlock(data, addr); /* we're done using this address */
 
+  if (result && ftp->count1 == 0 && ftpcode == 229) {
+    infof(data, "got positive EPSV response, but can't connect. "
+          "Disabling EPSV\n");
+    /* disable it for next transfer */
+    conn->bits.ftp_use_epsv = FALSE;
+    data->state.errorbuf = FALSE; /* allow error message to get rewritten */
+    NBFTPSENDF(conn, "PASV", NULL);
+    ftp->count1++;
+    /* remain in the FTP_PASV state */
+    return result;
+ }
+
   if(result)
     return result;
 
diff --git a/tests/data/test238 b/tests/data/test238
index c314f6b7c..8e23b4fb0 100644
--- a/tests/data/test238
+++ b/tests/data/test238
@@ -8,26 +8,32 @@
 ftp
 </server>
  <name>
-FTP getting bad port in 229-response to EPSV
+FTP getting bad port in response to EPSV and in response to PASV
  </name>
  <command>
 ftp://%HOSTIP:%FTPPORT/238
 </command>
 <file name="log/ftpserver.cmd">
 REPLY EPSV 229 Entering Passiv Mode (|||1000000|)
+REPLY PASV 227 Entering Passiv Mode (1216,256,2,127,127,127)
 </file>
 </client>
 
 # Verify data after the test has been "shot"
 <verify>
-# 7 => CURLE_COULDNT_CONNECT
+# curl: (15) Can't resolve new host 1216.256.2.127:32639
+# 15 => CURLE_FTP_CANT_GET_HOST
+# some systems just don't fail on the illegal host name/address but instead
+# moves on and attempt to connect to... yes, to what?
+# 7= CURLE_COULDNT_CONNECT
 <errorcode>
-7
+7, 15
 </errorcode>
 <protocol>
 USER anonymous

 PASS curl_by_daniel@haxx.se

 PWD

 EPSV

+PASV

 </protocol>
 </verify>