FS#79357 - [tnftp] 20230507-1 can't connect to public ftp servers because of its --with-socks build option.

Attached to Project: Arch Linux
Opened by Oleg (Oleg_NYC) - Saturday, 12 August 2023, 12:59 GMT
Last edited by T.J. Townsend (blakkheim) - Tuesday, 05 September 2023, 17:34 GMT
Task Type Bug Report
Category Packages: Extra
Status Closed
Assigned To Levente Polyak (anthraxx)
T.J. Townsend (blakkheim)
Architecture x86_64
Severity Medium
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 1
Private No

Details

The tnftp client package from the extra repository can't connect to public ftp servers because of its --with-socks build option. For example, "tnftp -a ftp.freebsd.org" produces the message "tnftp: Can't connect to `96.47.72.116:21': Network is unreachable".
This task depends upon

Closed by  T.J. Townsend (blakkheim)
Tuesday, 05 September 2023, 17:34 GMT
Reason for closing:  Fixed
Comment by loqs (loqs) - Saturday, 12 August 2023, 14:47 GMT
--with-socks appears to force all traffic through dante so you need dante to be running and properly configured. The --with-socks option also disables IPv6 support overriding the --enable-ipv6 option both of which are set in the PKGBUILD.
See also  FS#63434  and https://bbs.archlinux.org/viewtopic.php?id=287951
Comment by Oleg (Oleg_NYC) - Saturday, 12 August 2023, 15:52 GMT
But the person I interacted with on the forums implied that no matter how dante is configured, it still won't allow me to connect to some random public ftp server. Besides, there is no arch documentation that explains how to configure dante.
Comment by Toolybird (Toolybird) - Saturday, 12 August 2023, 23:09 GMT
I suspect this will be "Won't fix" due to inherent insecurity of FTP. Deferring to PM's better judgement.
Comment by T.J. Townsend (blakkheim) - Sunday, 13 August 2023, 01:06 GMT
The package appears kind of dysfunctional in its current state with dante involved. Removing it entirely seems reasonable to me.

anthraxx, any opinion on the attached diff to do so? The --enable-editcomplete and --enable-ipv6 flags are on by default according to the configure script.
   tnftp.diff (0.8 KiB)

Loading...