On 1/20/11 8:58:48 AM, Daniel Stenberg wrote:
On Thu, 20 Jan 2011, Michael Wood wrote:

OK, so the server thinks there's nothing wrong with EPSV, but libcurl couldn't connect, so when libcurl retried with PASV, the server says "Hey! What are you doing? You already asked me to open a port for EPSV and now you want me to open another one for PASV???"

I think the only way libcurl can deal with this is to close the control channel after the EPSV failed and then open a new one when trying the PASV. Unless maybe an ABOR command would work. But, first try the latest version of libcurl, because it might already do something like this. I have not checked.

You're right, after the failed connect I suppose libcurl needs to do either an ABOR or a complete close, and it doesn't do any of that now even in the current version.

However, judging from that output, it wouldn't completely solve this issue as it takes 75 seconds to fail anyway. That failure seems to be network-related (like a firewall) and just about the only way to avoid that problem is to not even try EPSV...


I'm back with the EPSV vs PASV issue - thanks again Daniel and Michael for making this issue more clear.

So here's my findings so far:

-About 15 servers that don't like EPSV were reported. curl tries to connect with EPSV, then switches to PASV after a 75 sec wait and either fails (as in my previous example) or connects. If EPSV is disabled, curl connects with no problems.

Here's an example of successful connection after waiting 75 sec and switching to PASV:

* About to connect() to port 21 (#0)
*   Trying connected
* Connected to ( port 21 (#0)
< 220 FTP Server 205 ready.
< 331 Please specify the password.
 PASS <***>
< 230 Login successful.
< 257 "/"
* Entry path is '/'
* Connect data stream passively
< 229 Entering Extended Passive Mode (|||24440|)

<75 sec wait>

*   Trying Operation timed out
* couldn't connect to host
* got positive EPSV response, but can't connect. Disabling EPSV
< 227 Entering Passive Mode (145,243,189,65,131,198)
*   Trying connected
* Connecting to ( port 33734
< 200 Switching to ASCII mode.
< 150 Here comes the directory listing.
* Maxdownload = -1
-rw-r--r-- 1 ftp ftp 2129482 Jan 30 17:38 GES_KU_STU300111_019.JPG -rw-r--r-- 1 ftp ftp 2170928 Jan 30 17:39 GES_KU_STU300111_020.JPG
drwxr-xr-x    2 ftp      ftp          1024 Jan 30 03:10 MSSP_Pauli-K?ln
drwxr-xr-x    2 ftp      ftp           512 Jan 30 08:35 Pauli_K?ln
drwxr-xr-x    3 ftp      ftp          1536 Jan 30 17:17 _gsdata_
-rw-r--r-- 1 ftp ftp 1641858 Jan 30 16:36 rudel_vfb-freiburg35.jpg -rw-r--r-- 1 ftp ftp 421952 Jan 30 17:39 rudel_vfb-freiburg38.jpg -rw-r--r-- 1 ftp ftp 588405 Jan 30 16:38 rudel_vfb-freiburg39.jpg
* Remembering we are in dir ""
< 226 Directory send OK.
* Connection #0 to host left intact
< 221 Goodbye.
* Closing connection #0

-One server that does exactly the opposite: it doesn't accept PASV. curl can only connect with EPSV enabled. I know that this server is behind a small Firewall and it's Windows 2008 64 bit Microsoft FTP Service from IIS 7 (if it makes any difference).

Here's a log of connection attempt with EPSV disabled:

* About to connect() to www.xeen3d.de port 21 (#0)
*   Trying connected
* Connected to www.xeen3d.de ( port 21 (#0)
< 220 ----------------------- xeen3d -------------------------
 USER ftptest
< 331 Password required for ftptest.
 PASS <***>
< 230-Welcome to xeen3d FTP Server
<     Directory has 28,281,733,120 bytes of disk space available.
< 230 User logged in.
< 257 "/" is current directory.
* Entry path is '/'
* Connect data stream passively
< 227 Entering Passive Mode (87,193,152,189,19,141).

<75 sec wait>

*   Trying Operation timed out
* couldn't connect to host
* Closing connection #0
curl: (7) couldn't connect to host

-Other FTP clients I tried (Cyberduck and Transmit) connect to all sites with no problems.

I'm on Mac OS X 10.5.8, still with libcurl 7.16.3 - but from what Daniel said I understand that later versions wouldn't change anything in this area.

So is there a way to make curl choose the correct method (EPSV/PASV) automatically? Am I missing something? (BTW, the same question applies to choosing between passive and active mode).

I LOVE curl, but obviously I want to understand why I can't achieve something that other FTP clients can - and if I can achieve this, then what am I doing wrong?


List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette:  http://curl.haxx.se/mail/etiquette.html

Reply via email to