cURL / Mailing Lists / curl-users / Single Mail

curl-users

Problem using Ftp ssl through proxy.

From: Martijn ten Heuvel <pjottum_at_gmail.com>
Date: Thu, 5 Jan 2006 11:53:24 +0100

Hello,

I'm currently trying to use curl to an ftps server from within my
network, through our proxy-server. For tests sake, i've installed
filezilla server on my desktop.

I'm running a a hp-ux11.11 box, using curl version 7.15.0 from the
hp-ux software archive
(eg. http://hpux.its.tudelft.nl/)

Without the proxy, everything works fine.
Even to strange ports, the eventual production must connect to
something like 12345. For this test, I'm using 21.

The connection setup works, but after the set-up of the session and
issuing 'PASV', curl connects again - which results in this problem.

Any ideas what could be the problem here? Or am i trying something
that simply isn't possible?

thanks,
Martijn

/usr/local/bin/curl --user martijnh:moeilijk \
  --disable-epsv -v --ftp-ssl --cacert cert.crt \
  --proxy 172.27.1.234:80 --proxytunnel \
  -l ftp://its001wks119.its.company.com:21

* About to connect() to proxy 172.27.1.234 port 80
* Trying 172.27.1.234... connected
* Connected to 172.27.1.234 (172.27.1.234) port 80
* Establish HTTP proxy tunnel to its001wks119.its.company.com:21
* Server auth using Basic with user 'martijnh'
> CONNECT its001wks119.its.company.com:21 HTTP/1.0
> Host: its001wks119.its.company.com:21
> User-Agent: curl/7.15.0 (hppa2.0w-hp-hpux11.11) libcurl/7.15.0 OpenSSL/0.9.8a zlib/1.2.3 libidn/0.5.20
> Proxy-Connection: Keep-Alive
>
< HTTP/1.1 200 Connection established
< Proxy-agent: BlueCoat-Security-Appliance
<
* Proxy replied OK to CONNECT request
< 220 kiekeboe
> AUTH SSL
< 234 Using authentication type SSL
* successfully set certificate verify locations:
* CAfile: cert.crt
  CApath: none
* SSLv2, Client hello (1):
SSLv3, TLS handshake, Server hello (2):
SSLv3, TLS handshake, CERT (11):
SSLv3, TLS handshake, Server finished (14):
SSLv3, TLS handshake, Client key exchange (16):
SSLv3, TLS change cipher, Client hello (1):
SSLv3, TLS handshake, Finished (20):
SSLv3, TLS change cipher, Client hello (1):
SSLv3, TLS handshake, Finished (20):
SSL connection using AES256-SHA
* Server certificate:

/* snip self-generated-certificate */

* SSL certificate verify ok.
> USER martijnh
< 331 Password required for martijnh
> PASS moeilijk
< 230 Logged on
> PBSZ 0
< 200 PBSZ=0
> PROT P
< 200 Protection level set to P
> PWD
< 257 "/" is current directory.
* Entry path is '/'
> PASV
* Connect data stream passively
< 227 Entering Passive Mode (172,27,145,185,4,37)
* Trying 172.27.1.234... connected
* Connecting to 172.27.145.185 (172.27.1.234) port 80
* Establish HTTP proxy tunnel to 172.27.145.185:1061
* Server auth using Basic with user 'martijnh'
> CONNECT 172.27.145.185:1061 HTTP/1.0
> Host: 172.27.145.185:1061
> User-Agent: curl/7.15.0 (hppa2.0w-hp-hpux11.11) libcurl/7.15.0 OpenSSL/0.9.8a zlib/1.2.3 libidn/0.5.20
> Proxy-Connection: Keep-Alive
Received on 2006-01-05