Opened 18 years ago

Closed 17 years ago

#7478 closed defect (fixed)

port command hangs connecting to ftp.gnupg.org; old curl library at fault

Reported by: dropbox4email@… Owned by: macports-tickets@…
Priority: Normal Milestone:
Component: ports Version: 1.2
Keywords: Cc: vincent-opdarw@…, markd@…, rajiv@…
Port:

Description

When installing gnupg, the install process hangs when it gets to:

---> Attempting to fetch gnupg-1.4.2.tar.bz2 from ftp://ftp.gnupg.org/gcrypt/gnupg/

There is no processor or network activity whatsoever at that point.

Manually editing the Portfile by deleting this URL and making the default the second URL listed (ftp://ftp.planetmirror.com/pub/gnupg/) worked. I was not able to determine what about the first URL makes the install unsuccessful.

Change History (16)

comment:1 Changed 18 years ago by blb@…

The file appears to be there, so since you are on 10.4, are you on 10.4.4 or 10.4.5? There was a curl issue which was fixed in the 2005-009 security update (and rolled into 10.4.4 and 10.4.5's combo update). Make sure you have that security update or 10.4.4/10.4.5 first.

comment:2 Changed 18 years ago by rajiv@…

gnupg 1.4.2 is vulnerable to a security issue. see bug #7700 for a request for gnupg 1.4.2.2.

comment:3 Changed 18 years ago by vincent-opdarw@…

port can't download gnupg 1.4.2.2 either, though the URL is correct:

prunille:~> sudo port -v upgrade gnupg ---> Fetching gnupg ---> gnupg-1.4.2.2.tar.bz2 doesn't seem to exist in /opt/local/var/db/dports/distfiles/gnupg ---> Attempting to fetch gnupg-1.4.2.2.tar.bz2 from ftp://ftp.gnupg.org/gcrypt/gnupg/ C prunille:~[130]> wget ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-1.4.2.2.tar.bz2 --01:02:00-- ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-1.4.2.2.tar.bz2

=> `gnupg-1.4.2.2.tar.bz2'

Resolving ftp.gnupg.org... 217.69.76.44 Connecting to ftp.gnupg.org|217.69.76.44|:21... connected. Logging in as anonymous ... Logged in! ==> SYST ... done. ==> PWD ... done. ==> TYPE I ... done. ==> CWD /gcrypt/gnupg ... done. ==> PASV ... done. ==> RETR gnupg-1.4.2.2.tar.bz2 ... done.

[ <=> ] 3,034,652 773.01K/s

01:02:05 (673.93 KB/s) - `gnupg-1.4.2.2.tar.bz2' saved [3034652]

It also works with curl and Firefox. It seems that the "port" command fails to start the ftp download.

comment:4 Changed 18 years ago by vincent-opdarw@…

Cc: vincent-opdarw@… added

comment:5 Changed 18 years ago by rajiv@…

Cc: rajiv@… added

i am seeing this issue also. port connects to the ftp server. the server replies "220 Service ready for new user.\r\n" but then port never answers that and the connection stalls.

running ftp ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-1.4.2.2.tar.bz2 i see that ftp connects to the ftp server. the server replies "220 Service ready for new user.\r\n" then ftp says "USER anonymous" and the login continues and the download is successful.

looking at the connections to ftp.planetmirror.com (the second master site), the server replies "220 ProFTP Server (PlanetMirror FTP2) [203.16.234.85]".

so perhaps the extra \r\n that the gnupg.org server sends is confusing port?

comment:6 Changed 18 years ago by rajiv@…

looking deeper, this may to be a bug in curl (the program DP uses to fetch files).

mac:~ rajiv$ /usr/bin/curl -v -O ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-1.4.2.2.tar.bz2

  • About to connect() to ftp.gnupg.org port 21
  • Trying 217.69.76.44... * connected
  • Connected to ftp.gnupg.org (217.69.76.44) port 21

< [hang]

yet:

mac:~ rajiv$ wget ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-1.4.2.2.tar.bz2 --00:45:43-- ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-1.4.2.2.tar.bz2

=> `gnupg-1.4.2.2.tar.bz2.2'

Resolving ftp.gnupg.org... 217.69.76.44 Connecting to ftp.gnupg.org|217.69.76.44|:21... connected. Logging in as anonymous ... Logged in! ==> SYST ... done. ==> PWD ... done. ==> TYPE I ... done. ==> CWD /gcrypt/gnupg ... done. ==> PASV ... done. ==> RETR gnupg-1.4.2.2.tar.bz2 ... done.

[ <=> ] 1,269,896 119.89K/s

/usr/bin/curl -V included with os x 10.4.5 says: curl 7.13.1 (powerpc-apple-darwin8.0) libcurl/7.13.1 OpenSSL/0.9.7i zlib/1.2.3 Protocols: ftp gopher telnet dict ldap http file https ftps Features: IPv6 Largefile NTLM SSL libz

installing curl with darwinports and running /opt/local/bin/curl -V returns: curl 7.15.2 (powerpc-apple-darwin8.5.0) libcurl/7.15.2 OpenSSL/0.9.8a zlib/1.2.3 Protocols: tftp ftp telnet dict ldap http file https ftps Features: Largefile NTLM SSL libz

and then running /opt/local/bin/curl -v -O ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-1.4.2.2.tar.bz2 works:

graphite:~ rajiv$ /opt/local/bin/curl -v -O ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-1.4.2.2.tar.bz2

  • About to connect() to ftp.gnupg.org port 21
  • Trying 217.69.76.44... connected
  • Connected to ftp.gnupg.org (217.69.76.44) port 21

< 220 Service ready for new user.

USER anonymous

< 331 Send e-mail address as password.

PASS curl_by_daniel@…

< 230 User logged in, proceed.

PWD

< 257 "/" is current directory.

  • Entry path is '/'

    CWD gcrypt

< 250-This directory is used as FTP site for GNU crypto software and < 250-related stuff. [etc...]

so the newer version of curl fixed the problem, at least when running on the commadn line. so then i tired replacing /usr/bin/curl with a symlink to /opt/local/bin/curl but that did not help when running port. is port somehow using an older libcurl?

comment:7 Changed 18 years ago by vincent-opdarw@…

(In reply to comment #4)

so perhaps the extra \r\n that the gnupg.org server sends is confusing port?

I don't see an extra (?) \r\n here. Lines just end with \r\n. This is standard in text-based network protocols.

(In reply to comment #5)

this may to be a bug in curl (the program DP uses to fetch files).

I've tried with both /opt/local/bin/curl and /usr/bin/curl and ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-1.4.2.2.tar.bz2 can be downloaded without any problem here. But...

prunille:~> otool -L /usr/bin/curl /usr/bin/curl:

/opt/local/lib/libcurl.3.dylib (compatibility version 4.0.0, current version 4.0.0)

[...]

Perhaps DP uses the wrong version of the curl library.

comment:8 Changed 18 years ago by rajiv@…

(In reply to comment #6)

so perhaps the extra \r\n that the gnupg.org server sends is confusing port?

I don't see an extra (?) \r\n here. Lines just end with \r\n. This is standard in text-based network protocols.

sorry i should have noted that i was watching the packets with ethereal on my gateway machine. that gnupg.org ftp server sends different characters than other ftp servers i looked at.

comment:9 Changed 18 years ago by markd@…

Cc: markd@… added
Owner: changed from darwinports-bugs@… to waqar@…

Waqar, looks like this never got assigned to you. I suppose your fix for http://bugzilla.opendarwin.org/show_bug.cgi?id=7700 also allows this to be closed, but I thought I'd assign it to you anyway since you might not be aware of it.

comment:10 Changed 18 years ago by rajiv@…

(In reply to comment #8)

Waqar, looks like this never got assigned to you. I suppose your fix for http://bugzilla.opendarwin.org/show_bug.cgi?id=7700 also allows this to be closed, but I thought I'd assign it to you anyway since you might not be aware of it.

the fix for bug #7700 does not fix this bug. this bug describes a problem with downloading gnupg that is still occurring even with the new 1.4.2.2. the problem also does not seem to be gnupg-specific. please assign this bug to the maintainer of the port program itself.

(In reply to comment #6)

I've tried with both /opt/local/bin/curl and /usr/bin/curl and ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-1.4.2.2.tar.bz2 can be downloaded without any problem here. But...

prunille:~> otool -L /usr/bin/curl /usr/bin/curl:

/opt/local/lib/libcurl.3.dylib (compatibility version 4.0.0, current

version 4.0.0) [...]

Perhaps DP uses the wrong version of the curl library.

on my machine i'm seeing:

mac:~ rajiv$ otool -L /usr/bin/curl /usr/bin/curl:

/usr/lib/libcurl.3.dylib (compatibility version 4.0.0, current version 4.0.0)

...

how did you get your apple-supplied /usr/bin/curl to use the curl library installed by DP ?

comment:11 Changed 18 years ago by vincent-opdarw@…

(In reply to comment #9)

how did you get your apple-supplied /usr/bin/curl to use the curl library installed by DP ?

/usr/bin/curl was a symlink. It seems I added it in the past, when DP was using the /usr/bin/curl command. I've fixed that, and now have the download problem with /usr/bin/curl.

BTW, why doesn't DP use the curl library from /opt/local/lib when it exists, since it has always been more reliable than Apple's one?

comment:12 Changed 18 years ago by rajiv@…

Cc: darwinports-bugs@… added

please reassign to base component and change the summary to "port command hangs connecting to ftp.gnupg.org; old curl library at fault". thanks.

comment:13 Changed 18 years ago by markd@…

Owner: changed from waqar@… to darwinports-bugs@…
Summary: Darwinports cannot download gnupg-1.4.2.tar.bz2 from default FTP location.port command hangs connecting to ftp.gnupg.org; old curl library at fault

Reassigning to darwinports-bugs and changing summarry.

comment:14 Changed 18 years ago by rajiv@…

i just upgraded curl to 7.15.3_0+darwin_8 and now the port command seems to work fine in fetching gnupg sources. looks like DP will have to use (explicitly install) the new library instead of relying on the version included with os x.

comment:15 Changed 18 years ago by rajiv@…

but oddly, the command line curl binary still hangs:

mac:~ rajiv$ curl -V curl 7.15.3 (powerpc-apple-darwin8.5.0) libcurl/7.15.3 OpenSSL/0.9.8a zlib/1.2.3 Protocols: tftp ftp telnet dict ldap http file https ftps Features: Largefile NTLM SSL libz mac:~ rajiv$ /opt/local/bin/curl -v -O ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-1.4.2.2.tar.bz2

  • About to connect() to ftp.gnupg.org port 21
  • Trying 217.69.76.44... connected
  • Connected to ftp.gnupg.org (217.69.76.44) port 21

[hang]

comment:16 Changed 17 years ago by markd@…

Cc: markd@… added; darwinports-bugs@… markd@… removed
Resolution: fixed
Status: newclosed

It seems to be fine now so I'll close this.

Note: See TracTickets for help on using tickets.