On Thu, 11 May 2006, Neysan S. wrote:

> I need to connect to a server running FTPS with the Glub Tech SSL wrapper on
> it.

I googled it and I find it funny that they claim it is "fully RFC 2228
compliant" when the "securting FTP with TLS" spec is RFC4217...

It might also explain why their server doesn't act the way we want, this curl
speaks FTPS the RFC4217 way.

> I can make the connection, list the directory, and even goes so far as to
> place an empty file on the server.

That is very interesting news since both directory listing and putting an
empty file on the server connects the data stream.

> However, that is as far as it goes. I time out when it tries to do the STOR
> operation.

Doesn't "place an empty file on the server" imply a STOR as well?

> tried changing some lines that I saw in a message on this list from Daniel
> Stenberg back in Aug. 2005 (subject: FTPS help). This code did not seem to
> do the trick

I believe the approach used in 7.15.3 to be the "correct" FTPS way and all
previous different attempts wrong.

> --disable-epsv -v -Q "prot p" --ftp-ssl -u xxx:xxx ftp://xx.xx.xx:991

Why the -Q?

> * Connect data stream passively
> < 227 Entering Passive Mode (xx,xx,xx,xx,210,80)
> * Trying xx.xx.xx.xx... connected
> * Connecting to xx.xx.xx.xx (xx.xx.xx.xx) port 53840
> * Doing the SSL/TLS handshake on the data stream
> * successfully set certificate verify locations:
> * CAfile: C:\stuffing\curl-7.15.3test2\curl-7.15.3\src\curl-ca-bundle.crt
> CApath: none
> * SSL re-using session ID
> * SSLv3, TLS handshake, Client hello (1):
> SSL connection timeout

I assume it took some time before this line line was reported?

To me it seems as if the remote site doesn't support the SSL/TLS negotiation
on the data connection. If you ethereal this, can you see any SSL/TSL
negotiation at all taking place on the data connection?

If you compare what happens when you just list a directory, can you detect any
differences?

-- 
  Commercial curl and libcurl Technical Support: http://haxx.se/curl.html