From: Alex Rousskov <rousskov@measurement-factory.com>
Date: Tue, 27 Aug 2013 16:47:55 +0000 (-0600)
Subject: Use more portable 227 (PASV) response format.
X-Git-Tag: SQUID_3_5_0_1~117^2~46
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=7c293fc7fb992e937ea2f6fafaabb6a02e94f319;p=thirdparty%2Fsquid.git

Use more portable 227 (PASV) response format.

RFC1123 says that "The format of the 227 reply to a PASV command is not well
standardized". Evidently, we should not use "227 =a,b,c,d,p1,p2" or
"227 Entering Passive Mode. A1,A2,A3,A4,a1,a2" formats. Some nf_ct_ftp
versions block responses that use those alternative syntax rules!
---

diff --git a/src/client_side.cc b/src/client_side.cc
index 30d84f205d..9063f80b69 100644
--- a/src/client_side.cc
+++ b/src/client_side.cc
@@ -5208,7 +5208,12 @@ FtpHandlePasvReply(ClientSocketContext *context, const HttpReply *reply, StoreIO
     // local port number and hope that traffic will be redirected to us.
     MemBuf mb;
     mb.init();
-    mb.Printf("227 =%s,%i,%i\r\n", addr, static_cast<int>(port >> 8),
+
+    // Do not use "227 =a,b,c,d,p1,p2" format or omit parens: some nf_ct_ftp
+    // versions block responses that use those alternative syntax rules!
+    mb.Printf("227 Entering Passive Mode (%s,%i,%i).\n",
+              addr,
+              static_cast<int>(port / 256),
               static_cast<int>(port % 256));
 
     debugs(11, 3, Raw("writing", mb.buf, mb.size));