id,summary,reporter,owner,description,type,status,priority,milestone,component,version,resolution,keywords,cc,port 54069,gnupg: Fetch of IDEA code fails via FTP,michael-j-oconnor,ryandesign,"The change resulting from #53710 needs to be backed out or rethought. {{{ sudo port -N install gnupg +idea }}} fails, since the file idea.c.gz cannot be fetched via FTP. This can be readily seen with curl -v: {{{ $ curl -v ftp://ftp.gnupg.dk/pub/contrib-dk/idea.c.gz * Trying 82.180.28.130... * TCP_NODELAY set * Connected to ftp.gnupg.dk (82.180.28.130) port 21 (#0) < 220 pi FTP server (Version wu-2.6.2(1) Mon Apr 30 20:10:54 UTC 2012) ready. > USER anonymous < 331 Guest login ok, send your complete e-mail address as password. > PASS ftp@example.com < 230-The response 'ftp@example.com' is not valid < 230-Next time please use your e-mail address as your password < 230- for example: joe@macportzzz.org < 230-Welcome, archive user anonymous@macportzzz.org ! < 230- < 230-The local time is: Mon May 1 01:29:15 2017 < 230- < 230-This is an experimental FTP server. If have any unusual problems, < 230-please report them via e-mail to . < 230- < 230-If you do have problems, please try using a dash (-) as the first < 230-character of your password -- this will turn off the continuation < 230-messages that may be confusing your FTP client. < 230- < 230 Guest login ok, access restrictions apply. > PWD < 257 ""/"" is current directory. * Entry path is '/' > CWD pub * ftp_perform ends with SECONDARY: 0 < 250-Please read the file README < 250- it was last modified on Sun Apr 30 04:25:12 2017 - 1 day ago < 250-Please read the file README~ < 250- it was last modified on Sun Apr 30 04:25:12 2017 - 1 day ago < 250 CWD command successful. > CWD contrib-dk < 250 CWD command successful. > EPSV * Connect data stream passively < 500 'EPSV': command not understood. * Failed EPSV attempt. Disabling EPSV > PASV < 227 Entering Passive Mode (192,168,0,3,87,244) * Trying 192.168.0.3... * TCP_NODELAY set * Connecting to 192.168.0.3 (192.168.0.3) port 22516 * Connection failed * connect to 192.168.0.3 port 21 failed: Operation timed out * Failed to connect to ftp.gnupg.dk port 21: Operation timed out * Closing connection 0 curl: (7) Failed to connect to ftp.gnupg.dk port 21: Operation timed out }}} MacPorts FTP fetch operation uses PASV ftp, and ftp.gnupg.dk returns a bogus/private IP address in its PASV response. This is not uncommon, and command-line curl even has an option to deal with it: {{{ --ftp-skip-pasv-ip (FTP) Tell curl to not use the IP address the server suggests in its response to curl's PASV command when curl connects the data connection. Instead curl will re-use the same IP address it already uses for the control connection. }}} Many browser implementations may do the same thing, if not fall back to PORT FTP (which works with this site). However, neither seems to be readily configurable with MacPorts FTP fetch implementation. I'm writing this to show that this is NOT a ""firewall issue"" (at least at the downloading end), since there were concerns in #53710 about that. Based on the HTTP redirect, the file can be downloaded from: https://gnupg.dk/pub/contrib-dk/idea.c.gz I'd suggest that as an alternative. Either that, or ship the file so the gnupg.dk site is not a single point of failure. ",defect,closed,Normal,,ports,,fixed,,ionic,gnupg