FTP in passive mode

[Nicronics]

I don't know if someone else got this issue, but without passive mode, acme-challenge by FTP needs many retries to work. Whereas, when passive mode is activated, all works perfectly!

[tlhackque]

Passive mode is required to get through most firewalls, so this needs a fix.

Unfortunately, just adding to the ftp command "-p" won't work. ftp on my linux system doesn't have that option. You need to use the 'passive' subcommand. Windows has a registry key, but last I knew, the command line client doesn't support passive mode. Some third-party tools do (!).

If you want to stick with the ftp command, I'd suggest a FTP_OPTIONS variable and an FTP_COMMANDS variable. Then make the code look something like:

     ftp -n ${FTP_OPTIONS}<<- _EOF
			open $ftphost
			user $ftpuser $ftppass
                        ${FTP_COMMANDS}
			cd $ftpdirn
			lcd $fromdir
			put $fromfile
			_EOF

(Clients I can think of won't mind the blank line if FTP_COMMANDS is blank.)

I don't have the right environment to test this, but it seems like the right approach.

But there is a better approach: getssl relies on curl. And curl supports ftp. So why not switch to using curl for ftp transfers? Just use an ftp://URL for the remote.