cURL / Mailing Lists / curl-users / Single Mail

curl-users

unsubscribe

From: Arturas_main <arturas_at_defas.lt>
Date: Fri, 12 May 2006 16:43:54 +0300

Arturas Labanauskas
DEFAS, UAB
Adresas: Vilniaus 137a, 76353 Siauliai, Lietuva
tel. +370-41-439971
tel./faks. +370-41-431436
www.defas.lt

-----Original Message-----
From: curl-users-bounces_at_cool.haxx.se
[mailto:curl-users-bounces_at_cool.haxx.se]On Behalf Of Daniel Stenberg
Sent: Friday, May 12, 2006 1:10 AM
To: the curl tool
Subject: Re: SSL connect to Glub Tech server

On Thu, 11 May 2006, Neysan S. wrote:

> When I listed the directory, it was actually an accident. It happened
when
> I typed "-key" instead of "--key" and the result was that it showed the
> directory. Yes, I assume that means it made the complete stream, but the
> full file was not placed there.

So did you try the upload case and use -k with it?

> The only differences I see with the list is that it never seems to
recognize
> my --key.

You mean for your client certificate? I didn't see any such in the options
you
said you used.

> I don't seem to need one, as I can make the initial login just fine.

Right, the server doesn't seem to require a client cert.

> I tried making a key just to see if it would make a difference but aside
> from listing the dir, no other output.

Uh, you can't just make one up if the server requires one.

> There is this one thing that I just noticed at the top. This is the
> very first thing listed when I put in the "-key" switch:
> * Could not resolve host: c:\OpenSSL\CA.crt; No data record of requested
type
> * Closing connection #0
>
> curl: (6) Could not resolve host: c:\OpenSSL\CA.crt; No data record of
> requested type

Yes, but I bet you confused lots of options with -key (which is the
equivalent
of doing -k -e -y) and then add a file name?

Even so, "c:\OpenSSL\CA.crt" sounds like a cacert which is far from a key.

>> To me it seems as if the remote site doesn't support the SSL/TLS
>> negotiation on the data connection. If you ethereal this, can you see any
>> SSL/TSL negotiation at all taking place on the data connection?
>
> It looks like I stick my hand out and the server just stares at me
> nonchalantly.

...

> After it does the PASV command, I'm not so sure. I have the feeling that
it
> loses sight of what's happening during or right after the PASV.

And that's why I suggested the ethereal/capture approach since the server
clearly accepts the data connection but then it seems the server doesn't
wanna
play games anymore.

Of course, if you don't have access to this server yourself to check the
logs
etc, one feasable solution is that you get their software and run your own
"wrapper" around a similar FTP server version to see if you can repeat the
problem there and thus understand more about everything around it.

--
  Commercial curl and libcurl Technical Support: http://haxx.se/curl.html
Received on 2006-05-12