Created attachment 428780 [details] emerge.info Curlftps return input/output error after mount remote file server with FTP/TLS explicit. Tested on different servers, same result. Reproducible: Always Steps to Reproduce: curlftpfs -v -o user=demo,ssl,tlsv1,no_verify_peer ftp://test.rebex.net /mnt/ftp/ ls /mnt/ftp ls: reading directory '/mnt/ftp': Input/output error Server in example is public, you can use it to reproduce bug (password = 'password') curlftpfs -V curlftpfs 0.9.2 libcurl/7.47.1 fuse/2.9
Tried to do the same on ftp://test.rebex.net. It works for me. Slightly different versions of stuff here though. $ curlftpfs -V curlftpfs 0.9.2 libcurl/7.48.0 fuse/2.9 Let's try to look into what happens (added -d -f): $ curlftpfs -f -d -v -o user=demo,ssl,tlsv1,no_verify_peer ftp://test.rebex.net test.rebex.net/ and run the 'ls' test. I hope curlftpsfs to log useful stuff.
Reproducible: Always for background mode -d already implies -f test with additional command line keys, test results: "-d -f" ls worked "-d " ls worked "-f" ls worked " " ls return i/o error
test with another server - test fail with both modes (background and foregrund) log of another server: curlftpfs -f -d -v -o user=XXX,ssl,tlsv1,no_verify_peer ftp://XXX/ /mnt/ftpw Enter host password for user 'XXX': * Couldn't find host XXX in the .netrc file; using defaults * Trying X.X.X.X... * Connected to XXX (X.X.X.X) port 21 (#0) < 220---------- Welcome to Pure-FTPd [privsep] [TLS] ---------- < 220-You are user number 1 of 50 allowed. < 220-Local time is now 16:43. Server port: 21. < 220-This is a private system - No anonymous login < 220-IPv6 connections are also welcome on this server. < 220 You will be disconnected after 15 minutes of inactivity. > AUTH SSL < 500 This security scheme is not implemented > AUTH TLS < 234 AUTH TLS OK. * Initializing NSS with certpath: none * warning: ignoring value of ssl.verifyhost * skipping SSL peer certificate verification * ALPN/NPN, server did not agree to a protocol * SSL connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 * Server certificate: XXX > USER XXX < 331 User XXX OK. Password required > PASS XXX < 230 OK. Current restricted directory is / > PBSZ 0 < 200 PBSZ=0 > PROT P < 200 Data protection level set to "private" > PWD < 257 "/" is your current location * Entry path is '/' * ftp_perform ends with SECONDARY: 0 * Remembering we are in dir "" * Connection #0 to host XXX left intact FUSE library version: 2.9.5 nullpath_ok: 0 nopath: 0 utime_omit_ok: 0 unique: 1, opcode: INIT (26), nodeid: 0, insize: 56, pid: 0 INIT: 7.23 flags=0x0003f7fb max_readahead=0x00020000 INIT: 7.19 flags=0x00000011 max_readahead=0x00020000 max_write=0x00020000 max_background=0 congestion_threshold=0 unique: 1, success, outsize: 40 unique: 2, opcode: GETATTR (3), nodeid: 1, insize: 56, pid: 23237 getattr / * Couldn't find host XXX in the .netrc file; using defaults * Found bundle for host XXX: 0x8d79a50 [serially] * Re-using existing connection! (#0) with host XXX * Connected to XXX(195.19.40.178) port 21 (#0) * Request has same path as previous transfer > PASV * Connect data stream passively * ftp_perform ends with SECONDARY: 0 < 227 Entering Passive Mode (X.X.X.X) * Trying X.X.X.X... * Connecting to X.X.X.X (X.X.X.X) port 30022 * Connected to XXX (X.X.X.X) port 21 (#0) > TYPE A < 200 TYPE is now ASCII > LIST -a < 150 Accepted data connection * Maxdownload = -1 * Doing the SSL/TLS handshake on the data stream * warning: ignoring value of ssl.verifyhost * skipping SSL peer certificate verification * ALPN/NPN, server did not agree to a protocol * SSL connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 * Server certificate:XXX * Remembering we are in dir "" * response reading failed * Connection #0 to host XXX left intact unique: 2, success, outsize: 120 unique: 3, opcode: OPENDIR (27), nodeid: 1, insize: 48, pid: 23237 unique: 3, success, outsize: 32 unique: 4, opcode: READDIR (28), nodeid: 1, insize: 80, pid: 23237 getdir[0] * Couldn't find host XXX in the .netrc file; using defaults * Found bundle for host XXX: 0x8d79a50 [serially] * Connection 0 seems to be dead! * Closing connection 0 * Hostname XXX was found in DNS cache * Trying X.X.X.X... * Connected to XXX (X.X.X.X) port 21 (#1) < 220---------- Welcome to Pure-FTPd [privsep] [TLS] ---------- < 220-You are user number 1 of 50 allowed. < 220-Local time is now 16:43. Server port: 21. < 220-This is a private system - No anonymous login < 220-IPv6 connections are also welcome on this server. < 220 You will be disconnected after 15 minutes of inactivity. > AUTH SSL < 500 This security scheme is not implemented > AUTH TLS < 234 AUTH TLS OK. * warning: ignoring value of ssl.verifyhost * skipping SSL peer certificate verification * ALPN/NPN, server did not agree to a protocol * SSL connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 * Server certificate: XXX > USER XXX < 331 User X.X.X.X OK. Password required > PASS XXX < 230 OK. Current restricted directory is / > PBSZ 0 < 200 PBSZ=0 > PROT P < 200 Data protection level set to "private" > PWD < 257 "/" is your current location * Entry path is '/' > PASV * Connect data stream passively * ftp_perform ends with SECONDARY: 0 < 227 Entering Passive Mode (X.X.X.X) * Trying X.X.X.X... * Connecting to X.X.X.X (X.X.X.X) port 30028 * Connected to XXX(X.X.X.X) port 21 (#1) > TYPE A < 200 TYPE is now ASCII > LIST -a < 150 Accepted data connection * Maxdownload = -1 * Doing the SSL/TLS handshake on the data stream * warning: ignoring value of ssl.verifyhost * skipping SSL peer certificate verification * ALPN/NPN, server did not agree to a protocol * SSL connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 * Server certificate: XXX * Remembering we are in dir "" * response reading failed * Connection #1 to host XXX left intact ftpfs: operation ftpfs_getdir failed because Input/output error unique: 4, error: -5 (Input/output error), outsize: 16 unique: 5, opcode: RELEASEDIR (29), nodeid: 1, insize: 64, pid: 0 unique: 5, success, outsize: 16
Does it work if you rebuild curl with USE=-gnutls?
update curl to latest, same issue curlftpfs -V curlftpfs 0.9.2 libcurl/7.48.0 fuse/2.9 test different ssl libs, test results gnutls, test fail: * ALPN, server did not agree to a protocol * GnuTLS recv error (-110): The TLS connection was non-properly terminated. * Closing connection 0 ftpfs: operation ftpfs_getdir failed because Input/output error unique: 4, error: -5 (Input/output error), outsize: 16 unique: 5, opcode: RELEASEDIR (29), nodeid: 1, insize: 64, pid: 0 unique: 5, success, outsize: 16 nss, test fail: * Remembering we are in dir "" * response reading failed * Connection #1 to host XXXX left intact ftpfs: operation ftpfs_getdir failed because Input/output error unique: 4, error: -5 (Input/output error), outsize: 16 unique: 5, opcode: RELEASEDIR (29), nodeid: 1, insize: 64, pid: 0 unique: 5, success, outsize: 16 openssl, test ok (ls works) solve problem for me.
Working for me with: $ curl -V curl 7.54.0 (x86_64-pc-linux-gnu) libcurl/7.54.0 GnuTLS/3.5.11 zlib/1.2.11 Protocols: dict file ftp ftps gopher http https imap imaps pop3 pop3s rtsp smb smbs smtp smtps telnet tftp Features: IPv6 Largefile GSS-API Kerberos SPNEGO NTLM SSL libz TLS-SRP UnixSockets HTTPS-proxy And: $ curl -V curl 7.53.0 (x86_64-pc-linux-gnu) libcurl/7.53.0 GnuTLS/3.5.11 zlib/1.2.11 Protocols: dict file ftp ftps gopher http https imap imaps pop3 pop3s rtsp smb smbs smtp smtps telnet tftp Features: IPv6 Largefile GSS-API Kerberos SPNEGO NTLM SSL libz TLS-SRP UnixSockets HTTPS-proxy With: $ curlftpfs -o user=demo,ssl,tlsv1,no_verify_peer ftp://test.rebex.net /tmp/x $ ls /tmp/x aspnet_client pub readme.txt $ curlftpfs -V curlftpfs 0.9.2 libcurl/7.53.0 fuse/2.9 sys-fs/fuse-2.9.7 net-misc/curl-7.53.0 net-fs/curlftpfs-0.9.2-r3
Please reopen if reproduced for a server that we can access.
