Bug #47659 for Net-FTPSSL: Net-FTPSSL-0.09 ccc() does not perform bidirection SSL shutdown

Hi TJ, Nice catch on the FPTS/SFTP typo and thanks for providing the Perl info your program is running against. Per your request, attached is the test script I used to test out the ccc() command added in version 0.09. I should probably add it to 10- compex.t, but I never got arround to it. I hope I didn't introduce any typos when I took out some hard coded defaults to the main test server I used to test ccc() against. Just drop the script into the test directory with 10-compex.t and run it from there "perl t/05-ccc.t" Now I have bad news about your patch. I changed the value used for SSL_no_shudown from 1 to 0 and the patch hangs on my FTPS server. So it looks like the fix will have to be a bit more complex than just a one line change. Looks like some FTPS servers require it to be "1" and others require it to be "0" to work. So I'll have to look at making this value configurable somehow. Either as an argument to the ccc() command or as another option to "new". It's also possible that different versions of stop_SSL() work differently, or it's a Perl 5.8.8 vs 5.10 issue. We are using different versions of IO::Socket:SSL, v1.18 vs v1.24. So more research is needed on my end. Would you be willing to grant me temporary access to your FTPS server via a temporary account that Net::FTPSSL could use? So that I can quickly rule out a few things? So that I can verify the issue is strictly with your proftpd server and not our code differences. If you are willing, we can exchange that info off line via personal email addresses. Since I don't think you want that info floating around on a public site. Otherwise we might have to exchange updates to FTPSSL.pm between us as we try to rule out all the various differences. Thanks Curtis

# Before `make install' is performed this script should be runnable with # `make test'. After `make install' it should work as `perl ./t/10-complex.t' ######################### # Goal here is to give as many success messagse as possible. # Especially when not all FTP servers support all functions. # So the logic here can be a bit convoluted. use strict; use Test::More tests => 14; # plan tests => 40; # Can't use due to BEGIN block BEGIN { use_ok('Net::FTPSSL') } # Test # 1 sleep (1); # So test 1 completes before the message prints! diag( "\nYou can also perform a deeper test." ); diag( "Some information will be required for this test:" ); diag( "A secure ftp server address, a user, a password and a directory" ); diag( "where the user has permissions to read and write." ); my $more_test = ask_yesno("Do you want to make a deeper test"); SKIP: { skip "Deeper test skipped for some reason...", 40 unless $more_test; my( $address, $server, $port, $user, $pass, $dir, $mode, $data, $encrypt_mode ); $address = ask("Server address ( server.org[:port] )"); $address = "server.org" unless ($address); $user = ask("\tUser (default 'anonymous')"); $pass = ask("\tPassword (default 'user\@localhost')"); $dir = ask("\tDirectory (default <HOME>)"); $mode = uc (ask("\tConnection mode (I)mplicit, (E)xplicit, or (C)lear. (default 'E')")); if ( $mode eq CLR_CRYPT ) { $data = $encrypt_mode = ""; # Make sure not undef ... } else { $data = uc (ask("\tData Connection mode (C)lear or (P)rotected. (default 'P')")); $encrypt_mode = "T"; } ( $server, $port ) = split( /:/, $address ); # INET didn't support despite comments elsewhere. # my @svrs = split (/,\s*/, $server); # if (scalar (@svrs) > 1) { $server = \@svrs; } # Requested list of servers # $port = 21 unless $port; # Let FTPSSL provide the default port. $mode = EXP_CRYPT unless $mode =~ /^(I|E|C|)$/; $data = DATA_PROT_PRIVATE unless $data =~ /^(C|S|E|P|)$/; $user = 'anonymous' unless $user; $pass = 'user@localhost' unless $pass; $encrypt_mode = ($encrypt_mode eq "S") ? 1 : 0; # The main copy of the log file ... my $log_file = "./t/test_ccc_new.txt"; # ----------------------------------------------------------- # End of user interaction ... # ----------------------------------------------------------- # This section initializes an unsupported feature to Net::FTPSSL. # Code is left here so that I can easily revisit it in the future if needed. # That's why option SSL_Advanced is commented out below but left uncommented # here. Do not use this feature unless you absolutely have no choice! my %advanced_hash = ( SSL_version => ($encrypt_mode ? "SSLv23" : "TLSv1"), Timeout => 99 ); # ----------------------------------------------------------- my %callback_hash; # Delete test files from previous run unlink ("./t/test_file_new.tar.gz", "./t/FTPSSL.pm_new.tst", $log_file); # So we can save the Debug trace in a file from this test. open (OLDERR, ">&STDERR"); open (STDERR, "> $log_file"); print STDERR "\nNet-FTPSSL Version: " . $Net::FTPSSL::VERSION . "\n\n"; # Leave SSL_Advanced commented out ... Unsupported feature ... my $ftp = Net::FTPSSL->new( $server, Port => $port, Encryption => $mode, DataProtLevel => $data, useSSL => $encrypt_mode, # SSL_Advanced => \%advanced_hash, PreserveTimestamp => 1, Debug => 1, Trace => 1, Croak => 1 ); isa_ok( $ftp, 'Net::FTPSSL', 'Net::FTPSSL object creation' ); ok( $ftp->login ($user, $pass), "Login to $server" ); $dir = $ftp->pwd() unless $dir; ok( $ftp->cwd( $dir ), "Changed the dir to $dir" ); my $pwd = $ftp->pwd(); ok( defined $pwd, "Getting the directory: ($pwd)" ); $dir = $pwd unless (defined $pwd); # Convert relative to absolute path. # Turning off croak now that our environment is correct! $ftp->set_croak (0); ok( $ftp->noop(), "Noop test" ); ok( $ftp->binary (), 'putting FTP in binry mode' ); ok( $ftp->put( './t/test_file.tar.gz' ), "puting a test binary file on $dir" ); my @lst = $ftp->list (); ok( scalar @lst != 0, 'list() command' ); print_result (\@lst); # ----------------------------------------------- # Now check out the CCC command ... # ----------------------------------------------- ok( $ftp->ccc (), "The CCC command" ); print STDERR "CCC Command completed!\n"; ok( $ftp->pwd (), "The PWD command" ); @lst = $ftp->list (); ok( scalar @lst != 0, 'list() command' ); print_result (\@lst); ok( $ftp->binary (), 'putting FTP back in binary mode' ); ok( $ftp->delete( 'test_file.tar.gz' ), "deleting the test bin file on $server" ); # ----------------------------------------- # End put/get/rename/delete section ... # ----------------------------------------- $ftp->quit(); # Restore STDERR now that the tests are done! open (STDERR, ">&OLDERR"); if (1 == 2) { print OLDERR "\n"; # Perl gives warning if not present! (Not executed) } } sub ask { my $question = shift; diag("\n$question ? "); my $answer = <STDIN>; chomp $answer; return $answer; } sub ask_yesno { my $question = shift; diag("\n$question ? [y/N]"); my $answer = <STDIN>; chomp $answer; return $answer =~ /^y(es)*$/i ? 1 : 0; } # Save the results from the list() & nlst() calls. # Remember that STDERR should be redirected to a log file by now. sub print_result { my $lst = shift; # Tell the max number of entries you may print out. # Just in case the list is huge! my $cnt = 5; my $max = scalar (@{$lst}); print STDERR "------------- Found $max file(s) -----------------\n"; foreach (@{$lst}) { if ($cnt <= 0) { print STDERR "...\n"; print STDERR "($lst->[-1])\n"; last; } print STDERR "($_)\n"; --$cnt; } print STDERR "-----------------------------------------------\n"; } # Testing out the call back functionality of v0.07 on ... sub callback_func { my $ftps_function_name = shift; my $data_ref = shift; # The data to/from the data channel. my $data_len_ref = shift; # The size of the data buffer. my $total_len = shift; # The number of bytes to date. my $callback_data_ref = shift; # The callback work space. if ( $ftps_function_name =~ m/:list$/ ) { ${$data_ref} =~ s/[a-z]/\U$&/g; # Convert to upper case! # Reformat #'s Ex: 1234567 into 1,234,567. while ( ${$data_ref} =~ s/(\d)(\d{3}\D)/$1,$2/ ) { } ${$data_len_ref} = length (${$data_ref}); # May have changed data length! } elsif ( $ftps_function_name =~ m/:nlst$/ ) { ${$data_ref} =~ s/[a-z]/\U$&/g; # Convert to upper case! ${$data_ref} =~ s/^/[0]: /gm; # Add a prefix per line. # Make the prefix unique per line ... my $cnt = ++$callback_data_ref->{counter}; while ( ${$data_ref} =~ s/\[0\]/[$cnt]/) { $cnt = ++$callback_data_ref->{counter}; } # Fix so counter is correct for next time called! --$callback_data_ref->{counter}; ${$data_len_ref} = length (${$data_ref}); # Changed length of data! } else { print STDERR " *** Unexpected callback for $ftps_function_name! ***\n"; } return (); } # Testing out the end call back functionality of v0.07 on ... sub end_callback_func { my $ftps_function_name = shift; my $total_len = shift; # The total number of bytes sent out my $callback_data_ref = shift; # The callback work space. my $tail; # Additional data channel data to provide ... if ( $ftps_function_name =~ m/:nlst$/ ) { my $cnt; my $sep = ""; $tail = ""; foreach ("Junker", "T-Bird", "Coup", "Model-T", "Horse & Buggy") { $cnt = ++$callback_data_ref->{counter}; $tail .= $sep . "[$cnt]: $_!"; $sep = "\n"; } # So the next nlst call will start counting all over again! delete ($callback_data_ref->{counter}); } return ( $tail ); } # vim:ft=perl: