cURL / Mailing Lists / curl-users / Single Mail

curl-users

Re: FTPS help

From: Daniel Stenberg <daniel-curl_at_haxx.se>
Date: Tue, 16 Aug 2005 23:43:06 +0200 (CEST)

On Tue, 16 Aug 2005, Norbert Novotny wrote:

> This is fantastic!! I can't believe it, but you did it!

Lovely!

> The only thing, I had to comment out was the original SSL handshake
> after the command was accapted by the server.

Which command?

> starting on line 3923 - in lib/ftp.c

There's no such line in my file, my lib/ftp.c ends at line 3924!

> If you are interested, I'll send you the complete diff between the original
> (7.14.0) and this patched working version, with all changes in it.

Please do, as it will answer to my questions above and clearly show me what
works for you (including that pasv ignore thing).

> Also, I have to mention it here, I am not a 100% convinced that the
> developers of the FTP server side did comply 100% with RFC2228. This yet to
> be investigated, by FTP server administrators. Reson, why I am filled with
> scepticism here, is the fact that I had installed other FTPS client
> recomanded by the vendor of the server side (C-Kermit 8.0) which had failed
> exactly on the same spot.

While that occurred to me too, I don't consider this fix a bad one. It should
work on all RFC-compliant servers as well and it actually makes more sense to
do the SSL-related connection stuff just after the TCP connection has been
confirmed and not at an arbitrary later point like this.

FTPS in general suffers from a long time with no standards and a long time
with bad standards and a looong time with draft-murray-auth-ftp-ssl-NN (now at
16) so there's hardly any surprise that servers and clients are all confused
on how to do things. I'm not 100% sure libcurl does things 100% correct even
though I've done my best in attempting to.

-- 
  Commercial curl and libcurl Technical Support: http://haxx.se/curl.html
Received on 2005-08-16