Bug #62849 for Net-FTPSSL: Change to improve response handling.

Mon Nov 08 11:43:16 2010 tom [...] claimlynx.com - Ticket created

Subject:

Change to improve response handling.

I have attached a patch that is intended to improve the way that the FTPSSL module handles multi-line responses from the server. We recently turned on a multi-line login banner on our FTPS servers, which causes breakage in Net::FTPSSL (the login banner gets read as output for subsequent commands). The problem appears to be (I am not an expert) that the sysread call only gets a single line of text each time it is called. My solution is to continue calling sysread until we receive a line that is formatted as we expect, giving up after 10 lines. My solution works for our situation, but it could definitely be improved (read until no data returned or match found?). I have not seen any regression issues, but we use this module in a very limited scope (nagios connectivity check to our FTPS servers). The attached diff includes my changes to the module. There are some irrelevant versioning changes because I am tracking my changes in our local subversion. Distribution: Net-FTPSSL-0.04 Perl: v5.10.1 OS: FreeBSD 8.0-RELEASE-p2 FreeBSD 8.0-RELEASE-p2 #2

Subject:

ftpssl.diff

--- Net-FTPSSL-0.04/FTPSSL.pm 2005-10-23 09:37:12.000000000 -0500 +++ FTPSSL.pm 2010-11-08 09:55:16.000000000 -0600 @@ -2,7 +2,7 @@ # Author : kral <kral at paranici dot org> # Created : 01 March 2005 # Version : 0.04 -# Revision: $Id: FTPSSL.pm,v 1.24 2005/10/23 14:37:12 kral Exp $ +# Revision: $Id: FTPSSL.pm 268 2010-11-01 17:56:35Z tom $ package Net::FTPSSL; @@ -15,7 +15,7 @@ use Carp qw( carp croak ); use Errno qw/ EINTR /; -$VERSION = "0.04"; +$VERSION = "0.05"; @EXPORT = qw( IMP_CRYPT EXP_CRYPT ); use constant IMP_CRYPT => "I"; @@ -654,36 +654,31 @@ } sub response { - my $self = shift; - my ( $data, $code ); - - my $read = sysread( $self, $data, 4096); - unless( defined $read ) { - croak "Can't read on socket: $!"; + my $self = shift; + my ( $data, $code ); + my $ctr = 0; + while ( $ctr < 10 ) { + my $read = sysread( $self, $data, 8192); + unless( defined $read ) { + croak "Can't read on socket: $!"; + } + my @lines = split( "\015\012", $data ); + foreach my $line ( @lines ) { + $line =~ m/^(\d+)(\-?)(.*)$/s; + $code = $1; + print STDERR "<<< " . $line ."\n" if ref($self) eq "Net::FTPSSL" && ${*$self}{'debug'}; + + if ( ref($self) eq "Net::FTPSSL" ) { + ${*$self}{'last_ftp_msg'} = $line; + } + + if ( $2 ne '-') { + return substr( $code, 0, 1 ); + } + } + $ctr++; } - - my @lines = split( "\015\012", $data ); - - foreach my $line ( @lines ) { - -# $data = $self->getline(); -# $data =~ m/^(\d+)(\-?)(.*)$/s; - $line =~ m/^(\d+)(\-?)(.*)$/s; - - $code = $1; - print STDERR "<<< " . $line ."\n" - if ref($self) eq "Net::FTPSSL" && ${*$self}{'debug'}; - - if ( ref($self) eq "Net::FTPSSL" ) { - ${*$self}{'last_ftp_msg'} = $line; - } - - last if $2 ne '-'; - - } - - return substr( $code, 0, 1 ); - + croak "FAIL: Never found a valid FTP response.\n"; } sub last_message { @@ -699,7 +694,7 @@ Net::FTPSSL - A FTP over SSL/TLS class -=head1 VERSION 0.04 +=head1 VERSION 0.05 =head1 SYNOPSIS

Mon Nov 08 14:32:09 2010 CLEACH [...] cpan.org - Correspondence added

Hi Thomas, Thanks for using my Perl module. But as I was looking at your diff file, it looks like you were using a very, very old version of the module with many known issues besides the one you were encountering. It looks like you were using version 0.04 (which was a very buggy release) and Net::FTPSSL is currently at version 0.15 (With 0.16 due in the next few months or so with a couple of new features.) So my 1st suggestion to you is to go to http://search.cpan.org/~cleach/Net-FTPSSL-0.15/FTPSSL.pm to download the latest release and upgrade to v0.15 where your problem has most likely already been fixed and gain a whole bunch of new functionailty as well. You may also have to upgrade IO::Socket::SSL as well, since if your Net::FTPSSL is that old, this required module is probably way obsolte as well. (The minimum required version 1.08 which is still pretty old, so I'd suggest something like 1.31 or later if you need to upgrade.) Just as an FYI, if you read past the end of the response from the server, sysread() will hang waiting for the next stream of data from the server which will never arrive. Since the server is waiting on the next command to respond to. So your patch may cause connections to other FTPS servers to hang. (I'm not going to look at your patch too closely since I already resolved the issue you are describing.) If you are still having issues with Net::FTPSSL after the upgrade, please turn on logging so that I can see what's happening in the code (options to new(): Debug=>1, DebugLogFile=>'mylog.txt') Sending me the mylog.txt file generated would help a lot in determining what your problem is and how best to fix it. I'll probably close this ticket in a few days unless I hear you are still having issues after you upgrade these modules. Curtis

Mon Nov 08 14:32:10 2010 The RT System itself - Status changed from 'new' to 'open'

Mon Nov 08 14:50:17 2010 tom [...] claimlynx.com - Correspondence added

From:

tom [...] claimlynx.com

Curtis, Thank you for the response. It looks like this was a case of Google being dumb and me not paying attention. My Google searches turned up the CPAN page for version 0.04, which admittedly link to the latest version, but it's not readily apparent if you're scanning the page in a hurry. I think you can close this bug. I suspect that the newer version will indeed resolve our issues. Thank you,

Mon Nov 08 14:58:07 2010 CLEACH [...] cpan.org - Fixed in 0.05 added

Mon Nov 08 14:59:49 2010 CLEACH [...] cpan.org - Correspondence added

Thanks for letting me know. Good luck in upgrading. Please open a new ticket if you are still having issues. Curtis

Mon Nov 08 14:59:50 2010 CLEACH [...] cpan.org - Status changed from 'open' to 'resolved'