GNOME Bugzilla – Bug 516704
Be able to connect to an Active FTP Site
Last modified: 2009-06-16 10:41:16 UTC
I am not able to set up a Server using Active FTP from the Nautilus application. It works fine with Passive FTP, but I could not find an option to tell it to use Active FTP. Unfortunately, one of the sites which I administer does not allow Passive FTP.
Hi, FTP connection handling has been rewritten for 2.22.0. Is this still an issue with this latest version of Nautilus? Also, CC-ing Benjamin.
Yes, this is still not implemented.
*** Bug 579851 has been marked as a duplicate of this bug. ***
I'm not sure we want this feature, as it: - has various security implications - probably requires quite a bit of code to implement (might be easier with gnio now?) - isn't used very widely as almost all servers allow passive connections Any reasons why it's a good idea to support it? One reason it would make sense would be server-to-server transfers (FXP), but that would require even more code inside gvfs.
Well, Benjamin, the only reason I've subscribed to this bug is because I have to access a server with active ftp connectios and, of course, I cannot change how the server is configured. I don't understand the possible security implications this may be. But, if they are important, then it would be at least nice to gvfs to say something like: The connection cannot be stablished because the server use active ftp connections, which are unsecure. The best thing to do is to warn the server administrator. Currently, no error appears, a blank page is displayed, and the user has no idea what is going on, just giving the impresion that gvfs has a bug. In all cases, the best would be to allow the user to choose if he/she wants to connect to such unsecure connection, and not to uncoditionally forbid it, in which case the user will simply download another ftp conection interface and connect to the server anyway.
commit 2839922c259b848d7689d245a055c628754dc116 Author: Benjamin Otte <otte@gnome.org> Date: Mon Jun 15 23:03:26 2009 +0200 [FTP] Bug 516704 – Be able to connect to an Active FTP Site Add initial support for the PORT command. Support for EPRT and a non-ugly API are still missing. It turns out the security issues are only for ftp servers (You don't want to allow some random client to tell you where to you open connections, that's a good method to do bad things to internal network), the code required was not that much and someone had to test the new gnio APIs for servers, so all in all quite a few reasons to implement this. ;) I'll close this bug once EPRT support has landed.
Sorry Benjamin, I didn't understand your message. The bug is fixed, will not be fixed, there was some code changed? Someone (me?) can help testing something?
It means the first part of a fix has landed. If you don't use any non-standard things (like IPv6), git master should now connect to active ftp sites. The code for IPv6 will follow later, and then I'll close the bug.
commit 19a6bf345fdb8d445e4c3683e4ca0af0a0031f0b Author: Benjamin Otte <otte@gnome.org> Date: Tue Jun 16 11:16:27 2009 +0200 [FTP] add EPRT support The code does not support some corner cases that are listed in the RFC (see inline comments), but I suspect those will never be hit. We can add those when they are hit.