cURL / Mailing Lists / curl-users / Single Mail

curl-users

RE: Problem using CURL behind a proxy using proxytunnel option, seemingly a bug has been introduced since version 2.27

From: <Yuri.VANHAEREN_at_ext.ec.europa.eu>
Date: Thu, 5 Sep 2013 13:16:38 +0000

If someone knows where to find a more recent version for Windows than 7.19 and less than 7.31 (actually less than 7.29 but I can't even find that version anymore), I'd appreciate it. I'd like to test with more Windows versions to be sure it really is working up until 7.27 .

________________________________
From: curl-users [mailto:curl-users-bounces_at_cool.haxx.se] On Behalf Of Yuri.VANHAEREN_at_ext.ec.europa.eu
Sent: Thursday, September 05, 2013 2:38 PM
To: curl-users_at_cool.haxx.se
Subject: Problem using CURL behind a proxy using proxytunnel option, seemingly a bug has been introduced since version 2.27

For our daily operations we need to exchange data with FTP servers on the internet. A lot of data in fact, which is why it must be automated. We automated this in the past using a coldfusion server but this solution has proven unstable which is why we are looking into other methods.
Currently I'm looking at "curl", "wget" and other command line FTP clients. The built-in windows ftp command line client would have been nice and simple. However the problem is the proxy used by the company network, the built-in Windows FTP.EXE<ftp://ftp.exe/> doesn't support proxies at all, curl and wget do but curl runs into a problem :

To illustrate the problem :
D:\smth>curl.exe ftp://upload-2.cdn.farm.net:21<ftp://upload-2.cdn.streamfarm.net/> --proxytunnel --config "credentials4ftp.txt" --config "credentials4proxy.txt" --disable-epsv -v -l
* About to connect() to proxy 158.169.9.13 port 8012 (#0)
* Trying 158.169.9.13...
* Connected to 158.169.9.13 (158.169.9.13) port 8012 (#0)
* Establish HTTP proxy tunnel to upload-2.cdn.farm.net:21
* Proxy auth using Basic with user 'proxyuser'
* Server auth using Basic with user 'ftpuser'
> CONNECT upload-2.cdn.farm.net:21 HTTP/1.1
> Host: upload-2.cdn.farm.net:21
> Proxy-Authorization: Basic dmFuaGF5dTpwdWJsfFcwcms=
> User-Agent: curl/7.29.0
> Proxy-Connection: Keep-Alive
>
< HTTP/1.1 200 Connection established
<
* Proxy replied OK to CONNECT request
< 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
< 220-You are user number 1 of 700 allowed.
< 220-Local time is now 10:47. Server port: 21.
< 220-This is a private system - No anonymous login
< 220-IPv6 connections are also welcome on this server.
< 220 You will be disconnected after 15 minutes of inactivity.
> USER ftpuser
< 331 User ftpuser OK. Password required
> PASS ftppassword
< 230-User ftpuser has group access to: ftpgroup
< 230-This server supports FXP transfers
< 230 OK. Current restricted directory is /
> PWD
< 257 "/" is your current location
* Entry path is '/'
> PASV
* Connect data stream passively
< 227 Entering Passive Mode (195,123,248,70,233,112)
* Trying 158.169.9.13...
* Connecting to 195.122.138.70 (158.169.9.13) port 8012
* Establish HTTP proxy tunnel to 195.122.138.70:59760
* Proxy auth using Basic with user 'proxyuser'
* Server auth using Basic with user 'ftpuser'
* Send failure: Socket is not connected
* Failed sending CONNECT to proxy
* Failure sending ABOR command: Failed sending data to the peer
* Closing connection 0
curl: (55) Send failure: Socket is not connected

D:\Smth>
As you can see it doesn't succeed in setting up the connection for the data transfer.

However I can see that filezilla does manage to do pass through the proxy using the exact same commands (sorry about the dutch)

Status: Verbinden met upload-2.cdn.farm.net via proxy
Status: Verbinden met 158.169.9.13:8012...
Status: Verbinding met proxy aangemaakt, handschudden...
Antwoord: Proxy-antwoord: HTTP/1.1 200 Connection established
Status: Verbinding aangemaakt, welkomstbericht afwachten...
Antwoord: 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
Antwoord: 220-You are user number 1 of 700 allowed.
Antwoord: 220-Local time is now 10:28. Server port: 21.
Antwoord: 220-This is a private system - No anonymous login
Antwoord: 220-IPv6 connections are also welcome on this server.
Antwoord: 220 You will be disconnected after 15 minutes of inactivity.
Commando: USER ftpuser
Antwoord: 331 User ftpuser OK. Password required
Commando: PASS **************
Antwoord: 230-User ftpuser has group access to: kn
Antwoord: 230-This server supports FXP transfers
Antwoord: 230 OK. Current restricted directory is /
Commando: SYST
Antwoord: 215 UNIX Type: L8
Commando: FEAT
Antwoord: 211-Extensions supported:
Antwoord: EPRT
Antwoord: IDLE
Antwoord: MDTM
Antwoord: SIZE
Antwoord: REST STREAM
Antwoord: MLST type*;size*;sizd*;modify*;UNIX.mode*;UNIX.uid*;UNIX.gid*;unique*;
Antwoord: MLSD
Antwoord: TVFS
Antwoord: ESTP
Antwoord: PASV
Antwoord: EPSV
Antwoord: SPSV
Antwoord: ESTA
Antwoord: AUTH TLS
Antwoord: PBSZ
Antwoord: PROT
Antwoord: 211 End.
Status: Verbonden
Status: Mappenlijst ophalen...
Commando: PWD
Antwoord: 257 "/" is your current location
Commando: TYPE I
Antwoord: 200 TYPE is now 8-bit binary
Commando: PASV
Antwoord: 227 Entering Passive Mode (195,123,248,70,222,116)
Commando: MLSD
Status: Verbinden met 158.169.9.13:8012...
Status: Verbinding met proxy aangemaakt, handschudden...
Antwoord: Proxy-antwoord: HTTP/1.1 200 Connection established
Antwoord: 150 Accepted data connection
Antwoord: 226-ASCII
Antwoord: 226-Options: -l
Antwoord: 226 4 matches total
Status: Mappenlijst succesvol ontvangen
In both cases the goal of the request is a simple directory listing.

As you can see filezilla is configured in an identical way to use the proxy : http1.1 and passive mode with a fixed proxy IP address.

Now, the good news is I think the solved the problem. I got the following reply from our helpdesk :

It is working with the following syntax… therefore it is not a proxy issue.
Have a nice day
EN secem…

~# curl --proxy "http://proxyuser:******@psbru-vip-ace.snmc.cec.eu.int:8012<http://vanhayu:******@psbru-vip-ace.snmc.cec.eu.int:8012/>" --ftp-pasv --proxytunnel 'ftp://ftpuser:ftppassword@upload-2.cdn.farm.net:21' -v
* About to connect() to proxy psbru-vip-ace.snmc.cec.eu.int port 8012 (#0)
* Trying 147.67.138.13... connected
* Connected to psbru-vip-ace.snmc.cec.eu.int (147.67.138.13) port 8012 (#0)
* Establish HTTP proxy tunnel to upload-2.cdn.farm.net:21
* Proxy auth using Basic with user 'proxyuser'
* Server auth using Basic with user 'ftpuser'
> CONNECT upload-2.cdn.farm.net:21 HTTP/1.1
> Host: upload-2.cdn.farm.net:21
> Proxy-Authorization: Basic dmFuaGF5dTpwdWJsfFcwcms=
> User-Agent: curl/7.21.0 (i486-pc-linux-gnu) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3.4 libidn/1.15 libssh2/1.2.6
> Proxy-Connection: Keep-Alive
>
< HTTP/1.1 200 Connection established
<
* Proxy replied OK to CONNECT request
< 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
< 220-You are user number 1 of 700 allowed.
< 220-Local time is now 08:51. Server port: 21.
< 220-This is a private system - No anonymous login
< 220-IPv6 connections are also welcome on this server.
< 220 You will be disconnected after 15 minutes of inactivity.
> USER ftpuser
< 331 User ftpuser OK. Password required
> PASS ftppassword
< 230-User ftpuser has group access to: ftpgroup
< 230-This server supports FXP transfers
< 230 OK. Current restricted directory is /
> PWD
< 257 "/" is your current location
* Entry path is '/'
> EPSV
* Connect data stream passively
< 229 Entering Extended Passive Mode (|||57352|)
* Trying 147.67.138.13... connected
* Connecting to upload-2.cdn.farm.net (147.67.138.13) port 8012
* Establish HTTP proxy tunnel to upload-2.cdn.farm.net:57352
* Proxy auth using Basic with user 'proxyuser'
* Server auth using Basic with user 'ftpuser'
> CONNECT upload-2.cdn.farm.net:57352 HTTP/1.1
> Host: upload-2.cdn.farm.net:57352
> Proxy-Authorization: Basic dmFuaGF5dTpwdWJsfFcwcms=
> User-Agent: curl/7.21.0 (i486-pc-linux-gnu) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3.4 libidn/1.15 libssh2/1.2.6
> Proxy-Connection: Keep-Alive
>
< HTTP/1.1 200 Connection established
<
* Proxy replied OK to CONNECT request
> TYPE A
< 200 TYPE is now ASCII
> LIST
< 150 Accepted data connection
* Maxdownload = -1
drwxrwxr-x 3 2427 ftpgroup 22 Jul 12 09:31 For_EP
drwxrwxr-x 3 2427 ftpgroup 27 May 13 12:25 For_EUCouncil
drwxrwxr-x 5 2427 ftpgroup 61 Feb 2 2012 From_Commission
drwxrwxr-x 9 2427 ftpgroup 112 Sep 4 06:19 To_Commission
* Remembering we are in dir ""
< 226-Options: -l
< 226 4 matches total
* Connection #0 to host psbru-vip-ace.snmc.cec.eu.int left intact
> QUIT
< 221-Goodbye. You uploaded 0 and downloaded 0 kbytes.
< 221 Logout.
* Closing connection #0
As you can see for the helpdesk it simply worked.

I copy pasted the code :
> curl --proxy "http://proxyuser:******@psbru-vip-ace.snmc.cec.eu.int:8012<http://vanhayu:******@psbru-vip-ace.snmc.cec.eu.int:8012/>" --ftp-pasv --proxytunnel 'ftp://ftpuser:ftppassword@upload-2.cdn.farm.net:21' -v
* Protocol 'ftp not supported or disabled in libcurl
* Closing connection -1
curl: (1) Protocol 'ftp not supported or disabled in libcurl


so without the single quotes - which Windows doesn't understand properly :
> curl --proxy "http://proxyuser:*****@psbru-vip-ace.snmc.cec.eu.int:8012<http://vanhayu:*****@psbru-vip-ace.snmc.cec.eu.int:8012/>" --ftp-pasv --proxytunnel ftp://ftpuser:sub4ebsplu<ftp://14005ebs1:sub4ebsplu>s!@upload-2.cdn.farm.net:21<mailto:sub4ebsplus!@upload-2.cdn.streamfarm.net:21> -v
* About to connect() to proxy psbru-vip-ace.snmc.cec.eu.int port 8012 (#0)
* Trying 147.67.138.13...
* Connected to psbru-vip-ace.snmc.cec.eu.int (147.67.138.13) port 8012 (#0)
* Establish HTTP proxy tunnel to upload-2.cdn.farm.net:21
* Proxy auth using Basic with user 'proxyuser'
* Server auth using Basic with user 'ftpuser'
> CONNECT upload-2.cdn.farm.net:21 HTTP/1.1
> Host: upload-2.cdn.farm.net:21
> Proxy-Authorization: Basic dmFuaGF5dTpwdWJsfFcwcms=
> User-Agent: curl/7.29.0
> Proxy-Connection: Keep-Alive
>
< HTTP/1.1 200 Connection established
<
* Proxy replied OK to CONNECT request
< 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
< 220-You are user number 1 of 700 allowed.
< 220-Local time is now 11:18. Server port: 21.
< 220-This is a private system - No anonymous login
< 220-IPv6 connections are also welcome on this server.
< 220 You will be disconnected after 15 minutes of inactivity.
> USER ftpuser
< 331 User ftpuser OK. Password required
> PASS ftppassword
< 230-User ftpuser has group access to: ftpgroup
< 230-This server supports FXP transfers
< 230 OK. Current restricted directory is /
> PWD
< 257 "/" is your current location
* Entry path is '/'
> EPSV
* Connect data stream passively
< 229 Entering Extended Passive Mode (|||58841|)
* Trying 147.67.138.13...
* Connecting to upload-2.cdn.farm.net (147.67.138.13) port 8012
* Establish HTTP proxy tunnel to upload-2.cdn.farm.net:58841
* Proxy auth using Basic with user 'proxyuser'
* Server auth using Basic with user 'ftpuser'
* Send failure: Socket is not connected
* Failed sending CONNECT to proxy
* Failure sending ABOR command: Failed sending data to the peer
* Closing connection 0
curl: (55) Send failure: Socket is not connected


I tried it several times (since even with my own approach it "sometimes" works) and out of five times it gave me this once :
> curl --proxy "http://proxyuser:proxypassword@psbru-vip-ace.snmc.cec.eu.int:8012" --ftp-pasv --proxytunnel ftp://ftpuser:ftppassword@upload-2.cdn.farm.net:21 -v
* About to connect() to proxy psbru-vip-ace.snmc.cec.eu.int port 8012 (#0)
* Trying 147.67.138.13...
* Connected to psbru-vip-ace.snmc.cec.eu.int (147.67.138.13) port 8012 (#0)
* Establish HTTP proxy tunnel to upload-2.cdn.farm.net:21
* Proxy auth using Basic with user 'proxyuser'
* Server auth using Basic with user 'ftpuser'
> CONNECT upload-2.cdn.farm.net:21 HTTP/1.1
> Host: upload-2.cdn.farm.net:21
> Proxy-Authorization: Basic dmFuaGF5dTpwdWJsfFcwcms=
> User-Agent: curl/7.29.0
> Proxy-Connection: Keep-Alive
>
< HTTP/1.1 503 Service Unavailable
< Cache-Control: no-cache
< Pragma: no-cache
< Content-Type: text/html; charset=utf-8
< Proxy-Connection: close
< Connection: close
< Content-Length: 786
<
* Received HTTP code 503 from proxy after CONNECT
* Connection #0 to host psbru-vip-ace.snmc.cec.eu.int left intact
curl: (56) Received HTTP code 503 from proxy after CONNECT


The only difference I could see so far:
> User-Agent: curl/7.21.0 (i486-pc-linux-gnu) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3.4 libidn/1.15 libssh2/1.2.6
> User-Agent: curl/7.27.0
> User-Agent: curl/7.29.0

and of course that the helpdesk is working in a *nix environment. So I did the same in an Ubuntu machine where I installed curl using apt-get.
~$ curl --proxy "http://proxyuser:proxypassword@psbru-vip-ace.snmc.cec.eu.int:8012<http://vanhayu:publ%7CW0rk@psbru-vip-ace.snmc.cec.eu.int:8012/>" --ftp-pasv --proxytunnel 'ftp://ftpuser:ftppassword@upload-2.cdn.farm.net:21' -v
* About to connect() to proxy psbru-vip-ace.snmc.cec.eu.int port 8012 (#0)
* Trying 147.67.138.13...
* connected
* Connected to psbru-vip-ace.snmc.cec.eu.int (147.67.138.13) port 8012 (#0)
* Establish HTTP proxy tunnel to upload-2.cdn.farm.net:21
* Proxy auth using Basic with user 'proxyuser'
* Server auth using Basic with user 'ftpuser'
> CONNECT upload-2.cdn.farm.net:21 HTTP/1.1
> Host: upload-2.cdn.farm.net:21
> Proxy-Authorization: Basic dmFuaGF5dTpwdWJsfFcwcms=
> User-Agent: curl/7.27.0
> Proxy-Connection: Keep-Alive
>
* Easy mode waiting response from proxy CONNECT
< HTTP/1.1 200 Connection established
<
* Proxy replied OK to CONNECT request
* FTP 0xb45f58 state change from STOP to WAIT220
< 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
< 220-You are user number 2 of 700 allowed.
< 220-Local time is now 11:42. Server port: 21.
< 220-This is a private system - No anonymous login
< 220-IPv6 connections are also welcome on this server.
< 220 You will be disconnected after 15 minutes of inactivity.
> USER ftpuser
* FTP 0xb45f58 state change from WAIT220 to USER
< 331 User ftpuser OK. Password required
> PASS ftppassword
* FTP 0xb45f58 state change from USER to PASS
< 230-User ftpuser has group access to: ftpgroup
< 230-This server supports FXP transfers
< 230 OK. Current restricted directory is /
> PWD
* FTP 0xb45f58 state change from PASS to PWD
< 257 "/" is your current location
* Entry path is '/'
* FTP 0xb45f58 state change from PWD to STOP
* protocol connect phase DONE
* DO phase starts
> EPSV
* FTP 0xb45f58 state change from STOP to PASV
* Connect data stream passively
< 229 Entering Extended Passive Mode (|||58347|)
* Trying 147.67.138.13...
* connected
* Connecting to upload-2.cdn.farm.net (147.67.138.13) port 8012
* Establish HTTP proxy tunnel to upload-2.cdn.farm.net:58347
* Proxy auth using Basic with user 'proxyuser'
* Server auth using Basic with user 'ftpuser'
> CONNECT upload-2.cdn.farm.net:58347 HTTP/1.1
> Host: upload-2.cdn.farm.net:58347
> Proxy-Authorization: Basic dmFuaGF5dTpwdWJsfFcwcms=
> User-Agent: curl/7.27.0
> Proxy-Connection: Keep-Alive
>
* Easy mode waiting response from proxy CONNECT
< HTTP/1.1 200 Connection established
<
* Proxy replied OK to CONNECT request
* FTP 0xb45f58 state change from PASV to STOP
* DO phase is complete
> TYPE A
* FTP 0xb45f58 state change from STOP to LIST_TYPE
< 200 TYPE is now ASCII
> LIST
* FTP 0xb45f58 state change from LIST_TYPE to LIST
< 150 Accepted data connection
* Maxdownload = -1
* FTP 0xb45f58 state change from LIST to STOP
* DO-MORE phase ends with 0
drwxrwxr-x 3 2427 ftpgroup 22 Jul 12 09:31 For_EP
drwxrwxr-x 3 2427 ftpgroup 27 May 13 12:25 For_EUCouncil
drwxrwxr-x 5 2427 ftpgroup 61 Feb 2 2012 From_Commission
drwxrwxr-x 9 2427 ftpgroup 112 Sep 4 08:54 To_Commission
* nread <= 0, server closed connection, bailing
* Remembering we are in dir ""
< 226-Options: -l
< 226 4 matches total
* Connection #0 to host psbru-vip-ace.snmc.cec.eu.int left intact
> QUIT
* FTP 0xb45f58 state change from STOP to QUIT
< 221-Goodbye. You uploaded 0 and downloaded 0 kbytes.
< 221 Logout.
* FTP 0xb45f58 state change from QUIT to STOP
* Closing connection #0

Great, so it's working! But I need it to work under Windows, so I looked up an old version, Version 7.19.5 (18 May 2009) and extracted that on my Windows box.

D:\smth\cURL win32\Extracted\old 7.19.5\curl-7.19.5>curl --proxy "http://proxyuser:proxypassword@psbru-vip-ace.snmc.cec.eu.int:8012<http://vanhayu:publ%7CW0rk@psbru-vip-ace.snmc.cec.eu.int:8012/>" --ftp-pasv --proxytunnel ftp
://ftpuser:ftppassword_at_upload-2.cdn.farm.net:21 -v
* About to connect() to proxy psbru-vip-ace.snmc.cec.eu.int port 8012 (#0)
* Trying 147.67.138.13... connected
* Connected to psbru-vip-ace.snmc.cec.eu.int (147.67.138.13) port 8012 (#0)
* Establish HTTP proxy tunnel to upload-2.cdn.farm.net:21
* Proxy auth using Basic with user 'proxyuser'
* Server auth using Basic with user 'ftpuser'
> CONNECT upload-2.cdn.farm.net:21 HTTP/1.1
> Host: upload-2.cdn.farm.net:21
> Proxy-Authorization: Basic dmFuaGF5dTpwdWJsfFcwcms=
> User-Agent: curl/7.19.5 (i586-pc-mingw32msvc) libcurl/7.19.5 zlib/1.2.3
> Proxy-Connection: Keep-Alive
>
< HTTP/1.1 200 Connection established
<
* Proxy replied OK to CONNECT request
< 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
< 220-You are user number 2 of 700 allowed.
< 220-Local time is now 12:23. Server port: 21.
< 220-This is a private system - No anonymous login
< 220-IPv6 connections are also welcome on this server.
< 220 You will be disconnected after 15 minutes of inactivity.
> USER ftpuser
< 331 User ftpuser OK. Password required
> PASS ftppassword
< 230-User ftpuser has group access to: ftpgroup
< 230-This server supports FXP transfers
< 230 OK. Current restricted directory is /
> PWD
< 257 "/" is your current location
* Entry path is '/'
> EPSV
* Connect data stream passively
< 229 Entering Extended Passive Mode (|||59362|)
* Trying 147.67.138.13... connected
* Connecting to upload-2.cdn.farm.net (147.67.138.13) port 8012
* Establish HTTP proxy tunnel to upload-2.cdn.farm.net:59362
* Proxy auth using Basic with user 'proxyuser'
* Server auth using Basic with user 'ftpuser'
> CONNECT upload-2.cdn.farm.net:59362 HTTP/1.1
> Host: upload-2.cdn.farm.net:59362
> Proxy-Authorization: Basic dmFuaGF5dTpwdWJsfFcwcms=
> User-Agent: curl/7.19.5 (i586-pc-mingw32msvc) libcurl/7.19.5 zlib/1.2.3
> Proxy-Connection: Keep-Alive
>
< HTTP/1.1 200 Connection established
<
* Proxy replied OK to CONNECT request
> TYPE A
< 200 TYPE is now ASCII
> LIST
< 150 Accepted data connection
* Maxdownload = -1
drwxrwxr-x 3 2427 ftpgroup 22 Jul 12 09:31 For_EP
drwxrwxr-x 3 2427 ftpgroup 27 May 13 12:25 For_EUCouncil
drwxrwxr-x 5 2427 ftpgroup 61 Feb 2 2012 From_Commission
drwxrwxr-x 9 2427 ftpgroup 112 Sep 4 09:25 To_Commission
* Remembering we are in dir ""
< 226-Options: -l
< 226 4 matches total
* Connection #0 to host psbru-vip-ace.snmc.cec.eu.int left intact
> QUIT
< 221-Goodbye. You uploaded 0 and downloaded 0 kbytes.
< 221 Logout.
* Closing connection #0

Excellent! Problem solved! But this is an old version from 2009… what's going on here? I tried several times to make sure it wasn't a lucky shot – in one percent of my attempts with the first request and curl 7.29.0 it did work, but most of the time it didn't. So perhaps a newer version already fixed the bug? Let's try :

D:\smth\cURL win32\Extracted\curl-7.32.0-rtmp-ssh2-ssl-sspi-zlib-idn-static-bin-w32>curl --proxy "http://proxyuser:proxypassword@psbru-vip-ace.snmc.cec.eu.int:80<http://vanhayu:publ%7CW0rk@psbru-vip-ace.snmc.cec.eu.int/>
12" --ftp-pasv --proxytunnel ftp://ftpuser:ftppassword@upload-2.cdn.farm.net:21<ftp://14005ebs1:sub4ebsplus!@upload-2.cdn.streamfarm.net/> -v
* Rebuilt URL to: ftp://ftpuser:ftppassword@upload-2.cdn.farm.net:21/<ftp://14005ebs1:sub4ebsplus!@upload-2.cdn.streamfarm.net/>
* Adding handle: conn: 0xcbb6a0
* Adding handle: send: 0
* Adding handle: recv: 0
* Curl_addHandleToPipeline: length: 1
* - Conn 0 (0xcbb6a0) send_pipe: 1, recv_pipe: 0
* About to connect() to proxy psbru-vip-ace.snmc.cec.eu.int port 8012 (#0)
* Trying 147.67.138.13...
* Connected to psbru-vip-ace.snmc.cec.eu.int (147.67.138.13) port 8012 (#0)
* Establish HTTP proxy tunnel to upload-2.cdn.farm.net:21
* Proxy auth using Basic with user 'proxyuser'
* Server auth using Basic with user 'ftpuser'
> CONNECT upload-2.cdn.farm.net:21 HTTP/1.1
> Host: upload-2.cdn.farm.net:21
> Proxy-Authorization: Basic dmFuaGF5dTpwdWJsfFcwcms=
> User-Agent: curl/7.32.0
> Proxy-Connection: Keep-Alive
>
< HTTP/1.1 200 Connection established
<
* Proxy replied OK to CONNECT request
< 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
< 220-You are user number 4 of 700 allowed.
< 220-Local time is now 12:44. Server port: 21.
< 220-This is a private system - No anonymous login
< 220-IPv6 connections are also welcome on this server.
< 220 You will be disconnected after 15 minutes of inactivity.
> USER ftpuser
< 331 User ftpuser OK. Password required
> PASS ftppassword
< 230-User ftpuser has group access to: ftpgroup
< 230-This server supports FXP transfers
< 230 OK. Current restricted directory is /
> PWD
< 257 "/" is your current location
* Entry path is '/'
> EPSV
* Connect data stream passively
* ftp_perform ends with SECONDARY: 0
< 229 Entering Extended Passive Mode (|||59175|)
* Trying 147.67.138.13...
* Connecting to upload-2.cdn.farm.net (147.67.138.13) port 8012
* Establish HTTP proxy tunnel to upload-2.cdn.farm.net:59175
* Proxy auth using Basic with user 'proxyuser'
* Server auth using Basic with user 'ftpuser'
* Send failure: Socket is not connected
* Failed sending CONNECT to proxy
* Closing connection 0
curl: (55) Send failure: Socket is not connected

Sadly, no. So now I'm stuck with older versions to make things work here.

NB:Also note that I need the proxytunnel option as without it, file transfers work but I can't do things like use the create directory option. Vice versa, I can't do file transfers if I do use it - but I hope that by using an older version I can. I'm currently looking at more recent "old versions" for Win32 to try and see how high I can go before it bugs out.

Anyway, I'm assuming you will reach the same conclusion as me, that somewhere after version 2.27 and before 2.29 a change was made that breaks ftp behind http proxies. Perhaps there are some peculiar things about the proxy config here, but I hope you're already aware of the problem. Otherwise I think this counts as a new bug?

 Best regards,

Yuri VANHAEREN
PS: yes I read the netiquette, sorry about the HTML but without colours and indentation this is barely readable.
PS2: It's a different topic, but I would like to add I don't like the dotdot removal 'feature' – some of our webservices use multiple dots for other reasons then indicating paths and when we use URL rewriting, new curl mashes this up.

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-users
FAQ: http://curl.haxx.se/docs/faq.html
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2013-09-05