cURL / Mailing Lists / curl-users / Single Mail

curl-users

Re: FTPS help

From: Norbert Novotny <norbert.novotny_at_gmail.com>
Date: Fri, 19 Aug 2005 10:55:44 +0200

Hi Daniel,

I hope you have received the package. I had to use your direct address
as I am not sure if it would let me to send an e-mail from other not
register address (my server) to the group address

FYI, the FTPS server. admins are now in touch with the FTPS server
vendor to clarify the status of the problem. e.g. problem on the
client side or problem on the server side or both as a general
missunderstanding of RFC specs.

They did admitt the pasv-ip address, where server should be able to
provide other address the own.

Cheers,
 Norbert.

On 8/16/05, Daniel Stenberg <daniel-curl_at_haxx.se> wrote:
> On Tue, 16 Aug 2005, Norbert Novotny wrote:
>
> > This is fantastic!! I can't believe it, but you did it!
>
> Lovely!
>
> > The only thing, I had to comment out was the original SSL handshake
> > after the command was accapted by the server.
>
> Which command?
>
> > starting on line 3923 - in lib/ftp.c
>
> There's no such line in my file, my lib/ftp.c ends at line 3924!
>
> > If you are interested, I'll send you the complete diff between the original
> > (7.14.0) and this patched working version, with all changes in it.
>
> Please do, as it will answer to my questions above and clearly show me what
> works for you (including that pasv ignore thing).
>
> > Also, I have to mention it here, I am not a 100% convinced that the
> > developers of the FTP server side did comply 100% with RFC2228. This yet to
> > be investigated, by FTP server administrators. Reson, why I am filled with
> > scepticism here, is the fact that I had installed other FTPS client
> > recomanded by the vendor of the server side (C-Kermit 8.0) which had failed
> > exactly on the same spot.
>
> While that occurred to me too, I don't consider this fix a bad one. It should
> work on all RFC-compliant servers as well and it actually makes more sense to
> do the SSL-related connection stuff just after the TCP connection has been
> confirmed and not at an arbitrary later point like this.
>
> FTPS in general suffers from a long time with no standards and a long time
> with bad standards and a looong time with draft-murray-auth-ftp-ssl-NN (now at
> 16) so there's hardly any surprise that servers and clients are all confused
> on how to do things. I'm not 100% sure libcurl does things 100% correct even
> though I've done my best in attempting to.
>
> --
> Commercial curl and libcurl Technical Support: http://haxx.se/curl.html
>
Received on 2005-08-19