From: Alex Rousskov <rousskov@measurement-factory.com>
Date: Mon, 21 Oct 2013 22:35:04 +0000 (-0600)
Subject: Use dst address of the control connection as the src of the active data conn
X-Git-Tag: SQUID_3_5_0_1~117^2~33
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=dfdfae937321a54c17ba63ec37cfc72079223692;p=thirdparty%2Fsquid.git

Use dst address of the control connection as the src of the active data conn
or some clients will refuse to accept Squid data connection.
---

diff --git a/src/client_side.cc b/src/client_side.cc
index b42c50d6fe..96a2f39fc7 100644
--- a/src/client_side.cc
+++ b/src/client_side.cc
@@ -5737,19 +5737,20 @@ FtpHandlePortRequest(ClientSocketContext *context, String &cmd, String &params)
     }
 
     FtpCloseDataConnection(context->getConn());
-    debugs(11, 3, "will actively connect to " << cltAddr);
 
     Comm::ConnectionPointer conn = new Comm::Connection();
     conn->remote = cltAddr;
 
-    // TODO: should we use getOutgoingAddress() here instead?
-    if (conn->remote.isIPv4())
-        conn->local.setIPv4();
-
+    // Use local IP address of the control connection as the source address
+    // of the active data connection, or some clients will refuse to accept.
+    conn->flags |= COMM_DOBIND;
+    conn->local = connState->clientConnection->local;
     // RFC 959 requires active FTP connections to originate from port 20
     // but that would preclude us from supporting concurrent transfers! (XXX?)
-    // conn->flags |= COMM_DOBIND;
-    // conn->local.port(20);
+    conn->local.port(0);
+
+    debugs(11, 3, "will actively connect from " << conn->local << " to " <<
+           conn->remote);
 
     context->getConn()->ftp.dataConn = conn;
     context->getConn()->ftp.uploadAvailSize = 0;