cURL / Mailing Lists / curl-users / Single Mail

curl-users

curl avoiding encrypted data connection

From: Bill J Harvey <bharvey_at_csc.com>
Date: Thu, 13 May 2010 12:26:59 -0400

I'm trying to use the curl command line to encrypt the FTP control
connection to my zOS FTP server, but leave the data connection
unencrypted. My current attempt looks like:
curl -k -v -T /tmp/src-filename.txt --ftp-ssl-control -u uid:pwd
'ftp://ftp.hostname.com/directory/dest-filename.txt'
The way I'm reading the verbose output, the TLS control connection appears
to be properly negotiated, but the connection is ultimately rejected with
the message: "421 Open rejected due to insufficient resources." If I run
the command without --ftp-ssl-control, my file is transferred correctly,
so my userid & password are unlikely to be the problem.

I believe the FTP server is assuming the data connection is to be
encrypted, and won't allow that because of site-restrictions. In the
verbose output, I notice that curl appears to be using "AUTH SSL" to begin
the negotiations of the encrypted control connection. According to my
read of the description of the AUTH_TLS extension in the zOS FTP docs (
http://publib.boulder.ibm.com/infocenter/zos/v1r9/index.jsp?topic=/com.ibm.zos.r9.halz001/extns.htm
) I'm guessing that the FTP server is inferring an encrypted data
connection from the "AUTH SSL" and I should be forcing curl to use "AUTH
TLS" instead... I think I want the command line equivalent of setting
"CURLOPT_FTPSSLAUTH=CURLFTPAUTH_TLS". Does that sound right? Is it
possible to set that option via command line?

Thanks for the info!
Bill
-----------------------------------------
This is a PRIVATE message. If you are not the intended recipient, please
delete without copying and kindly advise us by e-mail of the mistake in
delivery.
NOTE: Regardless of content, this e-mail shall not operate to bind CSC to
any order or other contract unless pursuant to explicit written agreement
or government initiative expressly permitting the use of e-mail for such
purpose.

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-users
FAQ: http://curl.haxx.se/docs/faq.html
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2010-05-13

This message: [ Message body ]
Next message: Daniel Stenberg: "Re: curl avoiding encrypted data connection"
Previous message: Daniel Stenberg: "Re: NTLM Authentication"
Next in thread: Daniel Stenberg: "Re: curl avoiding encrypted data connection"
Reply: Daniel Stenberg: "Re: curl avoiding encrypted data connection"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]