curl-users
CURL FTPS with filezilla server problem
Date: Thu, 5 Jun 2008 18:05:17 +1000
Hi all,
I've tried to search for my problem in the mailing list but can not find
an exact solution, I've tried some of the suggested actions to similar
problems with no success. I can achieve my task with a windows FTP
client such as cuteFTP but I need to use a AIX method.
My requirements
To retrieve files under AIX from a windows filezilla server.
- must be using implicit connection
- command port on 990 and data port on 5000
The above requirements can not be changed as it is tightly controlled.
my command is:
curl -v --cacert /material/FTP/geodis.pem -u username:password
ftps://203.24.194.106:990/outbound/
and below is the log:
------------------------------------------------------------------------
------------------
* About to connect() to 203.24.194.106 port 990 (#0)
* Trying 203.24.194.106... connected
* Connected to 203.24.194.106 (203.24.194.106) port 990 (#0)
* successfully set certificate verify locations:
* CAfile: /material/FTP/geodis.pem
CApath: none
* SSLv2, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Server finished (14):
* SSLv3, TLS handshake, Client key exchange (16):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSL connection using AES256-SHA
* Server certificate:
* subject: /CN=203.24.194.106/C=AU/ST=NSW/L=Sydney/O=GEodis
Wilson/OU=IT/emailAddress=
* start date: 2008-06-05 05:17:54 GMT
* expire date: 2009-06-05 05:17:54 GMT
* common name: 203.24.194.106 (matched)
* issuer: /CN=203.24.194.106/C=AU/ST=NSW/L=Sydney/O=GEodis
Wilson/OU=IT/emailAddress=
* SSL certificate verify ok.
< 220 Geodis Secure FTP Server
> USER xxxxxxx
< 331 Password required for xxxxxxx
> PASS xxxxxxx
< 230 Logged on
> PBSZ 0
< 200 PBSZ=0
> PWD
< 257 "/" is current directory.
* Entry path is '/'
> CWD outbound
< 250 CWD successful. "/outbound" is current directory.
> EPSV
* Connect data stream passively
< 229 Entering Extended Passive Mode (|||5000|)
* Trying 203.24.194.106... connected
* Connecting to 203.24.194.106 (203.24.194.106) port 5000
> TYPE A
< 200 Type set to A
> LIST
< 150 Connection accepted
* Doing the SSL/TLS handshake on the data stream
* successfully set certificate verify locations:
* CAfile: /material/FTP/geodis.pem
CApath: none
* SSLv2, Client hello (1):
* error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol
* Closing connection #0
* SSLv3, TLS alert, Client hello (1):
curl: (35) error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown
protocol
------------------------------------------------------------------------
------------------
So the log shows I can authenticate correctly but fails when setting up
the data port, from what I've read else where it suggests that the
server does not encrypt the data channel but CURL expect I to be
encrypted? I've also tried the suggested of switching on PROT P on their
server and the following is the log:
------------------------------------------------------------------------
-----------
* About to connect() to 203.24.194.106 port 990 (#0)
* Trying 203.24.194.106... connected
* Connected to 203.24.194.106 (203.24.194.106) port 990 (#0)
* successfully set certificate verify locations:
* CAfile: /material/FTP/geodis.pem
CApath: none
* SSLv2, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Server finished (14):
* SSLv3, TLS handshake, Client key exchange (16):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSL connection using AES256-SHA
* Server certificate:
* subject: /CN=203.24.194.106/C=AU/ST=NSW/L=Sydney/O=GEodis
Wilson/OU=IT/emailAddress=
* start date: 2008-06-05 05:17:54 GMT
* expire date: 2009-06-05 05:17:54 GMT
* common name: 203.24.194.106 (matched)
* issuer: /CN=203.24.194.106/C=AU/ST=NSW/L=Sydney/O=GEodis
Wilson/OU=IT/emailAddress=
* SSL certificate verify ok.
< 220 Geodis Secure FTP Server
> USER xxxxxxxx
< 331 Password required for xxxxxxxx
> PASS xxxxxxxx
< 230 Logged on
> PBSZ 0
< 200 PBSZ=0
> PWD
< 257 "/" is current directory.
* Entry path is '/'
> CWD outbound
< 250 CWD successful. "/outbound" is current directory.
> EPSV
* Connect data stream passively
< 229 Entering Extended Passive Mode (|||5000|)
* Trying 203.24.194.106... connected
* Connecting to 203.24.194.106 (203.24.194.106) port 5000
> TYPE A
< 200 Type set to A
> LIST
< 550 PROT P required
* RETR response: 550
* Remembering we are in dir outbound/
* Connection #0 to host 203.24.194.106 left intact
curl: (19) RETR response: 550
> QUIT
< 221 Goodbye
* Closing connection #0
* SSLv3, TLS alert, Client hello (1):
------------------------------------------------------------------------
-----------
If any one can assist would be greatly appreciated
Regards,
JOHN ZHAO
System Administrator SAP
-----------------------------------------
This message and any attachments are confidential and intended
solely for the addressees. If you receive this message in error,
please delete it and immediately notify the sender. If the reader
of this message is not the intended recipient, you are hereby
notified that any unauthorized use, copying or dissemination is
prohibited. E-mails are susceptible to alteration. Neither LOREAL
nor any of its subsidiaries or affiliates shall be liable for the
message if altered, changed or falsified.
Received on 2008-06-05