cURL / Mailing Lists / curl-users / Single Mail

curl-users

Re: ftps hangs

From: Robert Bednar <boborama_at_embarqmail.com>
Date: Fri, 4 Feb 2011 00:06:59 -0500

Thanks for the very well considered reply Daniel.

I agree that it's odd. I didn't expect curl would know the difference between an ftp file request and a directory list save for "known size" you pointed out.
I agree that timeout isn't a factor...the directory list comes back quickly.
by setting maximum connect times etc and having the process still hanging beyond the "time limit" implies to me that curl believes the transfer "completed" and that timeouts do not come into play.
Your comments perfectly agree with my "guesswork" based on observation.

I am able to pull an ftps directory list against my secure ftp server from my Redhat boxes. Thus I figure I can't blame the server.

Sorry about the version string errors. I was working only from memory at the time.
What SSL library do I build curl to use.... that's a very good question. I didn't personally configure any of these boxes/versions however...I have the answers via curl -V

Hangs on my Fedora Box
 curl 7.19.6 (i386-redhat-linux-gnu) libcurl/7.19.6 NSS/3.12.4.1 Beta zlib/1.2.3 libidn/0.6.14 libssh2/0.18
Protocols: tftp ftp telnet dict ldap ldaps http file https ftps scp sftp
Features: GSS-Negotiate IDN IPv6 Largefile SSL libz
 
Hangs on my Fedora Box
curl 7.21.3 (x86_64-unknown-linux-gnu) libcurl/7.19.6 NSS/3.12.4.1 Beta zlib/1.2.3 libidn/0.6.14 libssh2/0.18
Protocols: tftp ftp telnet dict ldap ldaps http file https ftps scp sftp
Features: GSS-Negotiate IDN IPv6 Largefile SSL libz
 
Runs just fine on my Redhat 9 System
curl 7.14.0 (i686-pc-linux-gnu) libcurl/7.14.0 OpenSSL/0.9.7c zlib/1.2.3
Protocols: ftp gopher telnet dict ldap http file https ftps
Features: Largefile NTLM SSL libz

I'm thinking the OpenSSL is the magic word here. It's being used by the system that works. I think you are right on target here.
I will have to study up on "building/configuring" curl to use OpenSSL (meaning I'm clueless how to do that...but I'll find out)
I can also work towards getting an "older build" of curl on the Fedora box...or get a newer build onto one of my Redhat boxes for testing.

I hope I haven't violated any list etiquette with top posting or something. Should I have placed this reply at the bottom of the email to support a more chronological view?
This isn't something I've had to address before, so please excuse my mailing list ignorance.

On Feb 3, 2011, at 8:07 AM, Daniel Stenberg wrote:

> On Thu, 3 Feb 2011, Robert Bednar wrote:
>
>> My troubleshooting has revealed that while I can RECEIVE a file via FTPS, I'm not able to return a simple directory LIST
>
> That's really odd. In curl's view, there really is very little difference between a file and a directory listing. A directory doesn't have a known size but a file generally does, that's about the only difference...
>
>> I moved my examples to the command line. I can see where the directory list DOES come back.... but them Curl hangs....and never returns to the shell with an exit code. I've tried various options to force different modes --disable-epsv or passive mode...connection time outs....maximum connect time etc. I tried listing very long directories that require several "packets" as seen in the trace log...and the entire directory listing comes through perfectly....and then hangs when Curl should be setting an exit code.
>
> It sounds as if the data connection doesn't get closed, or that the proper response header isn't received on the control connection.
>
> If it had been the other way around I could perhaps have guessed that the control connection timed out, but I assume a directory listing is generally rather quick...
>
>> Trace and Verbose isn't really helping. Everything looks fine....right up to the point where the listing has completed and it just hangs inexplicably.
>
> Hm. This seems to then imply that it is rather on SSL or TCP layer where the problem happens.
>
> Can you do directory ftps transfers using other tools against this server?
>
>> Why would changing the range by one byte cause the command to hang?
>
> Because libcurl doesn't get the final byte/shutdown/closure of the SSL/TCP connection? If you set a limited range, libcurl will by itself decided when to stop and terminate the data connection.
>
>> Strangely this problem seems to manifest itself on my Fedora 10 system. I've tried Curl 1.16.x -- Curl 1.19.x and now....a build of the most recent 1.21.3 all to no avail.
>
> They're all actually version 7.x.y (seven), not 1.x.y (one)...
>
> What SSL library do you build curl to use? (curl -V shows). A useful test would be to try a different one to see if the problem still is present or gets fixed, Also, Fedora 10 sounds a bit old so there's a small chance the lib you are using might've been fixed since the version you're using.
>
>> My other systems (Redhat 9 based) are running either curl 1.14 to 1.15 and do not experience the problem.
>
> So try build the same version from source on such a system and see if the problem appears or not!
>
> --
>
> / daniel.haxx.se
> -------------------------------------------------------------------
> List admin: http://cool.haxx.se/list/listinfo/curl-users
> FAQ: http://curl.haxx.se/docs/faq.html
> Etiquette: http://curl.haxx.se/mail/etiquette.html

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-users
FAQ: http://curl.haxx.se/docs/faq.html
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2011-02-04