[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Duplicity-talk] [cvs] regression: socket.timeout because of disabli
From: |
Kenneth Loafman |
Subject: |
Re: [Duplicity-talk] [cvs] regression: socket.timeout because of disabling passive FTP |
Date: |
Fri, 25 May 2007 12:53:35 -0500 |
User-agent: |
Thunderbird 1.5.0.10 (X11/20070306) |
dAniel hAhler wrote:
Hello,
in CVS there's self.ftp.set_pasv(False), which can cause socket
timeouts, if ftp-data is firewalled/rejected.
Actually, it was there to test out a problem I was having. I'll remove
it before the final release is made. If you want to check out the
latest formal release, you need to use the tag r0-4-2 in CVS.
Additionally, there seems to be code in ftpBackend.list to turn
passive mode off in some case (ftp error 425), but it does not get
reached - at least not in a reasonable amout of time and passive mode
would be off already anyway!
I think the best thing would be for the system to allow an initial
setting of passive vs active. In some cases active is required to get
into an FTP server behind a firewall. Passive will get you around some
problems of the client side firewall, maybe. If the remote side is
active-only, and your firewall is not handling NAT address change
correctly, you may not have any access.
I think this must get handled better - e.g. by turning passive mode
on, when there's a socket.timeout exception.
Yes, the final code will handle it better.
Apart from that: why should passive FTP get disabled at all?
Because a lot of times passive will not work at all, especially when
dealing with FTP sites run by a strict admin. Leaving port ranges open
for passive mode is a security risk.
...Ken