Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 578020

Summary: net-fs/curlftpfs-0.9.2-r3 - input/output error with net-misc/curl[gnutls]
Product: Gentoo Linux Reporter: Dblmok <dblmok115>
Component: Current packagesAssignee: Sergei Trofimovich (RETIRED) <slyfox>
Status: RESOLVED WORKSFORME    
Severity: normal CC: alonbl
Priority: Normal    
Version: unspecified   
Hardware: x86   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---
Attachments: emerge.info

Description Dblmok 2016-03-22 19:21:13 UTC
Created attachment 428780 [details]
emerge.info

Curlftps return input/output error after mount remote file server with FTP/TLS explicit.
Tested on different servers, same result.


Reproducible: Always

Steps to Reproduce:
curlftpfs -v -o user=demo,ssl,tlsv1,no_verify_peer  ftp://test.rebex.net /mnt/ftp/
ls /mnt/ftp
ls: reading directory '/mnt/ftp': Input/output error


Server in example is public, you can use it to reproduce bug
(password = 'password')


curlftpfs -V
curlftpfs 0.9.2 libcurl/7.47.1 fuse/2.9
Comment 1 Sergei Trofimovich (RETIRED) gentoo-dev 2016-03-24 22:42:27 UTC
Tried to do the same on ftp://test.rebex.net. It works for me.
Slightly different versions of stuff here though.

$ curlftpfs -V
curlftpfs 0.9.2 libcurl/7.48.0 fuse/2.9

Let's try to look into what happens (added -d -f):

    $ curlftpfs -f -d -v -o user=demo,ssl,tlsv1,no_verify_peer  ftp://test.rebex.net test.rebex.net/

and run the 'ls' test. I hope curlftpsfs to log useful stuff.
Comment 2 Dblmok 2016-03-29 13:42:23 UTC
Reproducible: Always for background mode

-d      already implies -f

test with additional command line keys, test results:
"-d -f" ls worked
"-d   " ls worked
"-f"    ls worked
" "     ls return i/o error
Comment 3 Dblmok 2016-03-29 14:00:13 UTC
test with another server - test fail with both modes (background and foregrund)
log of another server:

curlftpfs -f -d -v -o user=XXX,ssl,tlsv1,no_verify_peer  ftp://XXX/ /mnt/ftpw
Enter host password for user 'XXX':
* Couldn't find host XXX in the .netrc file; using defaults
*   Trying X.X.X.X...
* Connected to XXX (X.X.X.X) port 21 (#0)
< 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
< 220-You are user number 1 of 50 allowed.
< 220-Local time is now 16:43. Server port: 21.
< 220-This is a private system - No anonymous login
< 220-IPv6 connections are also welcome on this server.
< 220 You will be disconnected after 15 minutes of inactivity.
> AUTH SSL
< 500 This security scheme is not implemented
> AUTH TLS
< 234 AUTH TLS OK.
* Initializing NSS with certpath: none
* warning: ignoring value of ssl.verifyhost
* skipping SSL peer certificate verification
* ALPN/NPN, server did not agree to a protocol
* SSL connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
* Server certificate: XXX
> USER XXX
< 331 User XXX OK. Password required
> PASS XXX
< 230 OK. Current restricted directory is /
> PBSZ 0
< 200 PBSZ=0
> PROT P
< 200 Data protection level set to "private"
> PWD
< 257 "/" is your current location
* Entry path is '/'
* ftp_perform ends with SECONDARY: 0
* Remembering we are in dir ""
* Connection #0 to host XXX left intact
FUSE library version: 2.9.5
nullpath_ok: 0
nopath: 0
utime_omit_ok: 0
unique: 1, opcode: INIT (26), nodeid: 0, insize: 56, pid: 0
INIT: 7.23
flags=0x0003f7fb
max_readahead=0x00020000
   INIT: 7.19
   flags=0x00000011
   max_readahead=0x00020000
   max_write=0x00020000
   max_background=0
   congestion_threshold=0
   unique: 1, success, outsize: 40
unique: 2, opcode: GETATTR (3), nodeid: 1, insize: 56, pid: 23237
getattr /
* Couldn't find host XXX in the .netrc file; using defaults
* Found bundle for host XXX: 0x8d79a50 [serially]
* Re-using existing connection! (#0) with host XXX
* Connected to XXX(195.19.40.178) port 21 (#0)
* Request has same path as previous transfer
> PASV
* Connect data stream passively
* ftp_perform ends with SECONDARY: 0
< 227 Entering Passive Mode (X.X.X.X)
*   Trying X.X.X.X...
* Connecting to X.X.X.X (X.X.X.X) port 30022
* Connected to XXX (X.X.X.X) port 21 (#0)
> TYPE A
< 200 TYPE is now ASCII
> LIST -a
< 150 Accepted data connection
* Maxdownload = -1
* Doing the SSL/TLS handshake on the data stream
* warning: ignoring value of ssl.verifyhost
* skipping SSL peer certificate verification
* ALPN/NPN, server did not agree to a protocol
* SSL connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
* Server certificate:XXX
* Remembering we are in dir ""
* response reading failed
* Connection #0 to host XXX left intact
   unique: 2, success, outsize: 120
unique: 3, opcode: OPENDIR (27), nodeid: 1, insize: 48, pid: 23237
   unique: 3, success, outsize: 32
unique: 4, opcode: READDIR (28), nodeid: 1, insize: 80, pid: 23237
getdir[0]
* Couldn't find host XXX in the .netrc file; using defaults
* Found bundle for host XXX: 0x8d79a50 [serially]
* Connection 0 seems to be dead!
* Closing connection 0
* Hostname XXX was found in DNS cache
*   Trying X.X.X.X...
* Connected to XXX (X.X.X.X) port 21 (#1)
< 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
< 220-You are user number 1 of 50 allowed.
< 220-Local time is now 16:43. Server port: 21.
< 220-This is a private system - No anonymous login
< 220-IPv6 connections are also welcome on this server.
< 220 You will be disconnected after 15 minutes of inactivity.
> AUTH SSL
< 500 This security scheme is not implemented
> AUTH TLS
< 234 AUTH TLS OK.
* warning: ignoring value of ssl.verifyhost
* skipping SSL peer certificate verification
* ALPN/NPN, server did not agree to a protocol
* SSL connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
* Server certificate: XXX
> USER XXX
< 331 User X.X.X.X OK. Password required
> PASS XXX
< 230 OK. Current restricted directory is /
> PBSZ 0
< 200 PBSZ=0
> PROT P
< 200 Data protection level set to "private"
> PWD
< 257 "/" is your current location
* Entry path is '/'
> PASV
* Connect data stream passively
* ftp_perform ends with SECONDARY: 0
< 227 Entering Passive Mode (X.X.X.X)
*   Trying X.X.X.X...
* Connecting to X.X.X.X (X.X.X.X) port 30028
* Connected to XXX(X.X.X.X) port 21 (#1)
> TYPE A
< 200 TYPE is now ASCII
> LIST -a
< 150 Accepted data connection
* Maxdownload = -1
* Doing the SSL/TLS handshake on the data stream
* warning: ignoring value of ssl.verifyhost
* skipping SSL peer certificate verification
* ALPN/NPN, server did not agree to a protocol
* SSL connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
* Server certificate: XXX
* Remembering we are in dir ""
* response reading failed
* Connection #1 to host XXX left intact
ftpfs: operation ftpfs_getdir failed because Input/output error
   unique: 4, error: -5 (Input/output error), outsize: 16
unique: 5, opcode: RELEASEDIR (29), nodeid: 1, insize: 64, pid: 0
   unique: 5, success, outsize: 16
Comment 4 Sergei Trofimovich (RETIRED) gentoo-dev 2016-03-30 08:23:22 UTC
Does it work if you rebuild curl with USE=-gnutls?
Comment 5 Dblmok 2016-03-31 17:54:47 UTC
update curl to latest, same issue
curlftpfs -V
curlftpfs 0.9.2 libcurl/7.48.0 fuse/2.9


test different ssl libs, test results

gnutls, test fail:
* ALPN, server did not agree to a protocol
* GnuTLS recv error (-110): The TLS connection was non-properly terminated.
* Closing connection 0
ftpfs: operation ftpfs_getdir failed because Input/output error
   unique: 4, error: -5 (Input/output error), outsize: 16
unique: 5, opcode: RELEASEDIR (29), nodeid: 1, insize: 64, pid: 0
   unique: 5, success, outsize: 16

nss, test fail:
* Remembering we are in dir ""
* response reading failed
* Connection #1 to host XXXX left intact
ftpfs: operation ftpfs_getdir failed because Input/output error
   unique: 4, error: -5 (Input/output error), outsize: 16
unique: 5, opcode: RELEASEDIR (29), nodeid: 1, insize: 64, pid: 0
   unique: 5, success, outsize: 16


openssl, test ok (ls works)
solve problem for me.
Comment 6 Alon Bar-Lev (RETIRED) gentoo-dev 2017-04-28 07:46:55 UTC
Working for me with:

$ curl -V
curl 7.54.0 (x86_64-pc-linux-gnu) libcurl/7.54.0 GnuTLS/3.5.11 zlib/1.2.11
Protocols: dict file ftp ftps gopher http https imap imaps pop3 pop3s rtsp smb smbs smtp smtps telnet tftp 
Features: IPv6 Largefile GSS-API Kerberos SPNEGO NTLM SSL libz TLS-SRP UnixSockets HTTPS-proxy 

And:

$ curl -V
curl 7.53.0 (x86_64-pc-linux-gnu) libcurl/7.53.0 GnuTLS/3.5.11 zlib/1.2.11
Protocols: dict file ftp ftps gopher http https imap imaps pop3 pop3s rtsp smb smbs smtp smtps telnet tftp 
Features: IPv6 Largefile GSS-API Kerberos SPNEGO NTLM SSL libz TLS-SRP UnixSockets HTTPS-proxy 

With:

$ curlftpfs -o user=demo,ssl,tlsv1,no_verify_peer  ftp://test.rebex.net /tmp/x
$ ls /tmp/x
aspnet_client  pub  readme.txt

$ curlftpfs -V
curlftpfs 0.9.2 libcurl/7.53.0 fuse/2.9

sys-fs/fuse-2.9.7
net-misc/curl-7.53.0
net-fs/curlftpfs-0.9.2-r3
Comment 7 Alon Bar-Lev (RETIRED) gentoo-dev 2017-04-28 07:47:40 UTC
Please reopen if reproduced for a server that we can access.