cURL / Mailing Lists / curl-users / Single Mail

curl-users

CURL FTPS with filezilla server problem

From: ZHAO John <JZHAO_at_au.loreal.com>
Date: Thu, 5 Jun 2008 18:05:17 +1000

Hi all, I've tried to search for my problem in the mailing list but can not find an exact solution, I've tried some of the suggested actions to similar problems with no success. I can achieve my task with a windows FTP client such as cuteFTP but I need to use a AIX method. My requirements To retrieve files under AIX from a windows filezilla server. - must be using implicit connection - command port on 990 and data port on 5000 The above requirements can not be changed as it is tightly controlled. my command is: curl -v --cacert /material/FTP/geodis.pem -u username:password ftps://203.24.194.106:990/outbound/ and below is the log: ------------------------------------------------------------------------ ------------------ * About to connect() to 203.24.194.106 port 990 (#0) * Trying 203.24.194.106... connected * Connected to 203.24.194.106 (203.24.194.106) port 990 (#0) * successfully set certificate verify locations: * CAfile: /material/FTP/geodis.pem CApath: none * SSLv2, Client hello (1): * SSLv3, TLS handshake, Server hello (2): * SSLv3, TLS handshake, CERT (11): * SSLv3, TLS handshake, Server finished (14): * SSLv3, TLS handshake, Client key exchange (16): * SSLv3, TLS change cipher, Client hello (1): * SSLv3, TLS handshake, Finished (20): * SSLv3, TLS change cipher, Client hello (1): * SSLv3, TLS handshake, Finished (20): * SSL connection using AES256-SHA * Server certificate: * subject: /CN=203.24.194.106/C=AU/ST=NSW/L=Sydney/O=GEodis Wilson/OU=IT/emailAddress= * start date: 2008-06-05 05:17:54 GMT * expire date: 2009-06-05 05:17:54 GMT * common name: 203.24.194.106 (matched) * issuer: /CN=203.24.194.106/C=AU/ST=NSW/L=Sydney/O=GEodis Wilson/OU=IT/emailAddress= * SSL certificate verify ok. < 220 Geodis Secure FTP Server > USER xxxxxxx < 331 Password required for xxxxxxx > PASS xxxxxxx < 230 Logged on > PBSZ 0 < 200 PBSZ=0 > PWD < 257 "/" is current directory. * Entry path is '/' > CWD outbound < 250 CWD successful. "/outbound" is current directory. > EPSV * Connect data stream passively < 229 Entering Extended Passive Mode (|||5000|) * Trying 203.24.194.106... connected * Connecting to 203.24.194.106 (203.24.194.106) port 5000 > TYPE A < 200 Type set to A > LIST < 150 Connection accepted * Doing the SSL/TLS handshake on the data stream * successfully set certificate verify locations: * CAfile: /material/FTP/geodis.pem CApath: none * SSLv2, Client hello (1): * error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol * Closing connection #0 * SSLv3, TLS alert, Client hello (1): curl: (35) error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol ------------------------------------------------------------------------ ------------------ So the log shows I can authenticate correctly but fails when setting up the data port, from what I've read else where it suggests that the server does not encrypt the data channel but CURL expect I to be encrypted? I've also tried the suggested of switching on PROT P on their server and the following is the log: ------------------------------------------------------------------------ ----------- * About to connect() to 203.24.194.106 port 990 (#0) * Trying 203.24.194.106... connected * Connected to 203.24.194.106 (203.24.194.106) port 990 (#0) * successfully set certificate verify locations: * CAfile: /material/FTP/geodis.pem CApath: none * SSLv2, Client hello (1): * SSLv3, TLS handshake, Server hello (2): * SSLv3, TLS handshake, CERT (11): * SSLv3, TLS handshake, Server finished (14): * SSLv3, TLS handshake, Client key exchange (16): * SSLv3, TLS change cipher, Client hello (1): * SSLv3, TLS handshake, Finished (20): * SSLv3, TLS change cipher, Client hello (1): * SSLv3, TLS handshake, Finished (20): * SSL connection using AES256-SHA * Server certificate: * subject: /CN=203.24.194.106/C=AU/ST=NSW/L=Sydney/O=GEodis Wilson/OU=IT/emailAddress= * start date: 2008-06-05 05:17:54 GMT * expire date: 2009-06-05 05:17:54 GMT * common name: 203.24.194.106 (matched) * issuer: /CN=203.24.194.106/C=AU/ST=NSW/L=Sydney/O=GEodis Wilson/OU=IT/emailAddress= * SSL certificate verify ok. < 220 Geodis Secure FTP Server > USER xxxxxxxx < 331 Password required for xxxxxxxx > PASS xxxxxxxx < 230 Logged on > PBSZ 0 < 200 PBSZ=0 > PWD < 257 "/" is current directory. * Entry path is '/' > CWD outbound < 250 CWD successful. "/outbound" is current directory. > EPSV * Connect data stream passively < 229 Entering Extended Passive Mode (|||5000|) * Trying 203.24.194.106... connected * Connecting to 203.24.194.106 (203.24.194.106) port 5000 > TYPE A < 200 Type set to A > LIST < 550 PROT P required * RETR response: 550 * Remembering we are in dir outbound/ * Connection #0 to host 203.24.194.106 left intact curl: (19) RETR response: 550 > QUIT < 221 Goodbye * Closing connection #0 * SSLv3, TLS alert, Client hello (1): ------------------------------------------------------------------------ ----------- If any one can assist would be greatly appreciated Regards, JOHN ZHAO System Administrator SAP ----------------------------------------- This message and any attachments are confidential and intended solely for the addressees. If you receive this message in error, please delete it and immediately notify the sender. If the reader of this message is not the intended recipient, you are hereby notified that any unauthorized use, copying or dissemination is prohibited. E-mails are susceptible to alteration. Neither LOREAL nor any of its subsidiaries or affiliates shall be liable for the message if altered, changed or falsified.
Received on 2008-06-05