[Python-bugs-list] [Bug #126851] ftplib.py should default to passive mode

noreply@sourceforge.net noreply@sourceforge.net
Wed, 27 Dec 2000 15:16:22 -0800


Bug #126851, was updated on 2000-Dec-26 12:07
Here is a current snapshot of the bug.

Project: Python
Category: Python Library
Status: Open
Resolution: None
Bug Group: Feature Request
Priority: 4
Submitted by: flight
Assigned to : gvanrossum
Summary: ftplib.py should default to passive mode

Details: For the Debian package, there has been the request that the ftplib
module should by default use passive FTP. Any comments


[Forwarded from the Debian bug tracking system, bug#71823]
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=71823&repeatmerged=yes

Sender: Mike Fisk <mfisk@lanl.gov>
Package: python-base
Version: 1.5.2-10

This is an upstream bug that has existed for quite a while (probably
forever).

With many systems living behind firewalls (including their own ipchains
filters), passive FTP should be the default for FTP clients.  It always
has been for Netscape and there hasn't been much uproar about that being
bad.  Python's ftplib.py supports passive mode, but defaults to
non-passive mode.  ftplib.py is used by other Debian packages such as the
downloader in xanim-modules.  The result, when living behind many
firewalls, is that you can't download anything using ftplib.py or
urllib.py.

The patch to fix this is trivial:

--- /usr/lib/python1.5/ftplib.py        Sat Sep 16 14:31:35 2000
+++ /tmp/ftplib.py      Sat Sep 16 14:31:24 2000
@@ -112,7 +112,7 @@
                - port: port to connect to (integer, default previous
port)'''
                if host: self.host = host
                if port: self.port = port
-               self.passiveserver = 0
+               self.passiveserver = 1
                self.sock = socket.socket(socket.AF_INET,
socket.SOCK_STREAM)
                self.sock.connect(self.host, self.port)
                self.file = self.sock.makefile('rb')

-- 
Mike Fisk, RADIANT Team, Network Engineering Group, Los Alamos National
Lab
See http://home.lanl.gov/mfisk/ for contact information

Follow-Ups:

Date: 2000-Dec-27 15:16
By: gvanrossum

Comment:
Hmm...  I like the proposed patch.

I don't know about ftp'ing into a firewall -- why would that be common?
Typically ftp servers live outside firewalls because ftp is considered
insecure...

-------------------------------------------------------

Date: 2000-Dec-27 14:13
By: twouters

Comment:
For what it's worth, I mildly agree that passive mode should be the
default. However, it does have potential for breaking stuff: using
passive-ftp *into* a firewall, instead of out of one, doesn't work. And I'm
pretty sure that Python's ftplib is used much more often in that manner
than is Netscape or whatever other ftp client defaults to passive. It's
probably not much, but I think it's enough to think twice about changing
the default ;P



-------------------------------------------------------

For detailed info, follow this link:
http://sourceforge.net/bugs/?func=detailbug&bug_id=126851&group_id=5470