curl-users
Re: CURL FTPS with filezilla server problem
Date: Fri, 6 Jun 2008 08:34:20 +0100
John,
To have the file saved there are two options, first is to simply pipe the output to a file:
curl ...... ftps://SERVER/FILE > myfilename
or to specify in the command:
curl ...... -o myfilename ftps://SERVER/FILE
Regards
Mike
On Fri, Jun 06, 2008 at 02:55:05PM +1000, ZHAO John wrote:
> Thank you, that worked ok, but my command downloads the content of the
> file and not the file it self which is strange as the format is what the
> examples had to download a file.
>
> Regards,
>
> John Zhao
>
>
>
> -----Original Message-----
> From: curl-users-bounces_at_cool.haxx.se
> [mailto:curl-users-bounces_at_cool.haxx.se] On Behalf Of mikep_at_proatria.com
> Sent: Thursday, 5 June 2008 8:06 PM
> To: the curl tool
> Subject: Re: CURL FTPS with filezilla server problem
>
> John,
>
> There are two settings that change the encryption after authentication:
> --ftp-ssl-control will use encryption on the control channel but not the
> data channel.
>
> --ftp-ssl-ccc will turn off encryption on bot control and data channels
> after authentication.
>
> Regards
> Mike
>
> On Thu, Jun 05, 2008 at 06:05:17PM +1000, ZHAO John wrote:
> > Hi all,
> >
> > I've tried to search for my problem in the mailing list but can not
> find
> > an exact solution, I've tried some of the suggested actions to similar
> > problems with no success. I can achieve my task with a windows FTP
> > client such as cuteFTP but I need to use a AIX method.
> >
> >
> >
> > My requirements
> >
> >
> >
> > To retrieve files under AIX from a windows filezilla server.
> >
> > - must be using implicit connection
> >
> > - command port on 990 and data port on 5000
> >
> > The above requirements can not be changed as it is tightly controlled.
> >
> >
> >
> > my command is:
> >
> > curl -v --cacert /material/FTP/geodis.pem -u username:password
> > ftps://203.24.194.106:990/outbound/
> >
> >
> >
> > and below is the log:
> >
> >
> ------------------------------------------------------------------------
> > ------------------
> >
> > * About to connect() to 203.24.194.106 port 990 (#0)
> >
> > * Trying 203.24.194.106... connected
> >
> > * Connected to 203.24.194.106 (203.24.194.106) port 990 (#0)
> >
> > * successfully set certificate verify locations:
> >
> > * CAfile: /material/FTP/geodis.pem
> >
> > CApath: none
> >
> > * SSLv2, Client hello (1):
> >
> > * SSLv3, TLS handshake, Server hello (2):
> >
> > * SSLv3, TLS handshake, CERT (11):
> >
> > * SSLv3, TLS handshake, Server finished (14):
> >
> > * SSLv3, TLS handshake, Client key exchange (16):
> >
> > * SSLv3, TLS change cipher, Client hello (1):
> >
> > * SSLv3, TLS handshake, Finished (20):
> >
> > * SSLv3, TLS change cipher, Client hello (1):
> >
> > * SSLv3, TLS handshake, Finished (20):
> >
> > * SSL connection using AES256-SHA
> >
> > * Server certificate:
> >
> > * subject: /CN=203.24.194.106/C=AU/ST=NSW/L=Sydney/O=GEodis
> > Wilson/OU=IT/emailAddress=
> >
> > * start date: 2008-06-05 05:17:54 GMT
> >
> > * expire date: 2009-06-05 05:17:54 GMT
> >
> > * common name: 203.24.194.106 (matched)
> >
> > * issuer: /CN=203.24.194.106/C=AU/ST=NSW/L=Sydney/O=GEodis
> > Wilson/OU=IT/emailAddress=
> >
> > * SSL certificate verify ok.
> >
> > < 220 Geodis Secure FTP Server
> >
> > > USER xxxxxxx
> >
> > < 331 Password required for xxxxxxx
> >
> > > PASS xxxxxxx
> >
> > < 230 Logged on
> >
> > > PBSZ 0
> >
> > < 200 PBSZ=0
> >
> > > PWD
> >
> > < 257 "/" is current directory.
> >
> > * Entry path is '/'
> >
> > > CWD outbound
> >
> > < 250 CWD successful. "/outbound" is current directory.
> >
> > > EPSV
> >
> > * Connect data stream passively
> >
> > < 229 Entering Extended Passive Mode (|||5000|)
> >
> > * Trying 203.24.194.106... connected
> >
> > * Connecting to 203.24.194.106 (203.24.194.106) port 5000
> >
> > > TYPE A
> >
> > < 200 Type set to A
> >
> > > LIST
> >
> > < 150 Connection accepted
> >
> > * Doing the SSL/TLS handshake on the data stream
> >
> > * successfully set certificate verify locations:
> >
> > * CAfile: /material/FTP/geodis.pem
> >
> > CApath: none
> >
> > * SSLv2, Client hello (1):
> >
> > * error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol
> >
> > * Closing connection #0
> >
> > * SSLv3, TLS alert, Client hello (1):
> >
> > curl: (35) error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown
> > protocol
> >
> >
> ------------------------------------------------------------------------
> > ------------------
> >
> >
> >
> > So the log shows I can authenticate correctly but fails when setting
> up
> > the data port, from what I've read else where it suggests that the
> > server does not encrypt the data channel but CURL expect I to be
> > encrypted? I've also tried the suggested of switching on PROT P on
> their
> > server and the following is the log:
> >
> >
> >
> >
> ------------------------------------------------------------------------
> > -----------
> >
> >
> >
> > * About to connect() to 203.24.194.106 port 990 (#0)
> >
> > * Trying 203.24.194.106... connected
> >
> > * Connected to 203.24.194.106 (203.24.194.106) port 990 (#0)
> >
> > * successfully set certificate verify locations:
> >
> > * CAfile: /material/FTP/geodis.pem
> >
> > CApath: none
> >
> > * SSLv2, Client hello (1):
> >
> > * SSLv3, TLS handshake, Server hello (2):
> >
> > * SSLv3, TLS handshake, CERT (11):
> >
> > * SSLv3, TLS handshake, Server finished (14):
> >
> > * SSLv3, TLS handshake, Client key exchange (16):
> >
> > * SSLv3, TLS change cipher, Client hello (1):
> >
> > * SSLv3, TLS handshake, Finished (20):
> >
> > * SSLv3, TLS change cipher, Client hello (1):
> >
> > * SSLv3, TLS handshake, Finished (20):
> >
> > * SSL connection using AES256-SHA
> >
> > * Server certificate:
> >
> > * subject: /CN=203.24.194.106/C=AU/ST=NSW/L=Sydney/O=GEodis
> > Wilson/OU=IT/emailAddress=
> >
> > * start date: 2008-06-05 05:17:54 GMT
> >
> > * expire date: 2009-06-05 05:17:54 GMT
> >
> > * common name: 203.24.194.106 (matched)
> >
> > * issuer: /CN=203.24.194.106/C=AU/ST=NSW/L=Sydney/O=GEodis
> > Wilson/OU=IT/emailAddress=
> >
> > * SSL certificate verify ok.
> >
> > < 220 Geodis Secure FTP Server
> >
> > > USER xxxxxxxx
> >
> > < 331 Password required for xxxxxxxx
> >
> > > PASS xxxxxxxx
> >
> > < 230 Logged on
> >
> > > PBSZ 0
> >
> > < 200 PBSZ=0
> >
> > > PWD
> >
> > < 257 "/" is current directory.
> >
> > * Entry path is '/'
> >
> > > CWD outbound
> >
> > < 250 CWD successful. "/outbound" is current directory.
> >
> > > EPSV
> >
> > * Connect data stream passively
> >
> > < 229 Entering Extended Passive Mode (|||5000|)
> >
> > * Trying 203.24.194.106... connected
> >
> > * Connecting to 203.24.194.106 (203.24.194.106) port 5000
> >
> > > TYPE A
> >
> > < 200 Type set to A
> >
> > > LIST
> >
> > < 550 PROT P required
> >
> > * RETR response: 550
> >
> > * Remembering we are in dir outbound/
> >
> > * Connection #0 to host 203.24.194.106 left intact
> >
> > curl: (19) RETR response: 550
> >
> > > QUIT
> >
> > < 221 Goodbye
> >
> > * Closing connection #0
> >
> > * SSLv3, TLS alert, Client hello (1):
> >
> >
> ------------------------------------------------------------------------
> > -----------
> >
> >
> >
> > If any one can assist would be greatly appreciated
> >
> >
> >
> >
> >
> > Regards,
> >
> >
> >
> > JOHN ZHAO
> >
> > System Administrator SAP
> >
> >
> >
> >
> >
> > -----------------------------------------
> > This message and any attachments are confidential and intended
> > solely for the addressees. If you receive this message in error,
> > please delete it and immediately notify the sender. If the reader
> > of this message is not the intended recipient, you are hereby
> > notified that any unauthorized use, copying or dissemination is
> > prohibited. E-mails are susceptible to alteration. Neither LOREAL
> > nor any of its subsidiaries or affiliates shall be liable for the
> > message if altered, changed or falsified.
> --
> Regards
>
> Mike Protts
> Senior Technical Consultant
> Pro:Atria Ltd
> +44(0) 870 7656453
-- Regards Mike Protts Senior Technical Consultant Pro:Atria Ltd +44(0) 870 7656453Received on 2008-06-06