Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

All masquerade address tests fail with AssertionError: '127.0.0.1' != … with Python >= 3.9.3 #550

Open
sbraz opened this issue Apr 21, 2021 · 1 comment
Open

All masquerade address tests fail with AssertionError: '127.0.0.1' != … with Python >= 3.9.3 #550

sbraz opened this issue Apr 21, 2021 · 1 comment

Comments

@sbraz
Copy link
Contributor

sbraz commented Apr 21, 2021
edited
Loading

Hi,
I'm pretty sure the cause of this is:

bpo-43285: ftplib no longer trusts the IP address value returned from the server in response to the PASV command by default. This prevents a malicious FTP server from using the response to probe IPv4 address and port combinations on the client network. Code that requires the former vulnerable behavior may set a trust_server_pasv_ipv4_address attribute on their ftplib.FTP instances to True to re-enable it.

This fix was applied to:

  • 3.6.14
  • 3.7.11
  • 3.8.9
  • 3.9.3

It causes the following failures with Python 3.9.3 (no problem with 3.9.2):

FAILED pyftpdlib/test/test_functional.py::TestConfigurableOptions::test_masquerade_address - AssertionError: '127.0.0.1' != '256.256.256.256'
FAILED pyftpdlib/test/test_functional.py::TestConfigurableOptions::test_masquerade_address_map - AssertionError: '127.0.0.1' != '128.128.128.128'
FAILED pyftpdlib/test/test_functional_ssl.py::TestConfigurableOptions::test_masquerade_address - AssertionError: '127.0.0.1' != '256.256.256.256'
FAILED pyftpdlib/test/test_functional_ssl.py::TestConfigurableOptions::test_masquerade_address_map - AssertionError: '127.0.0.1' != '128.128.128.128'
FAILED pyftpdlib/test/test_functional_ssl.py::TestConfigurableOptionsTLSMixin::test_masquerade_address - AssertionError: '127.0.0.1' != '256.256.256.256'
FAILED pyftpdlib/test/test_functional_ssl.py::TestConfigurableOptionsTLSMixin::test_masquerade_address_map - AssertionError: '127.0.0.1' != '128.128.128.128'

Here's the exact error from the first one:

_________________________________________________________________________________ TestConfigurableOptions.test_masquerade_address _________________________________________________________________________________
                                                                                                                                                                                                                   
self = <pyftpdlib.test.test_functional.TestConfigurableOptions testMethod=test_masquerade_address>       
                                                                                                                                                                                                                   
    def test_masquerade_address(self):                                                                                                                                                                             
        # Test FTPHandler.masquerade_address attribute                                                                                                                                                             
        self.server = self.server_class()                                                                                                                                                                          
        self.server.handler.masquerade_address = "256.256.256.256"                                                                                                                                                 
        self.server.start()                                                                                                                                                                                        
        self.connect()                                                                                                                                                                                             
        host, port = self.client.makepasv()                                                                                                                                                                        
>       self.assertEqual(host, "256.256.256.256")                                                        
E       AssertionError: '127.0.0.1' != '256.256.256.256'
E       - 127.0.0.1                              
E       + 256.256.256.256
@Apteryks
Copy link

Reproduced with Python 3.9.9 on GNU Guix.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@sbraz @Apteryks