curl-users
how to specify SSL version 2 using curl_easy_setopt() ?
Date: Mon, 21 Apr 2014 19:21:15 -0400 (EDT)
Dear Curl'ers :
I may be mixing up some things here however I need to upload files to
an ftps site and I keep getting ye old error 35 CURLE_SSL_CONNECT_ERROR.
To be rather specific I get this from my code where I have a trace
function attached with CURLOPT_DEBUGFUNCTION to show me what is going
on in detail and I am not doing any CERT verify so therefore I have :
curl_easy_setopt ( curl, CURLOPT_SSL_VERIFYPEER, 0L );
So I am seeing this :
current time is Mon Apr 21 17:55:02 2014
START : 1398120902.122435835
== Info: Hostname was NOT found in DNS cache
== Info: Trying xxx.xxx.xxx.xxx...
== Info: Adding handle: conn: 0x100156d70
== Info: Adding handle: send: 0
== Info: Adding handle: recv: 0
== Info: Curl_addHandleToPipeline: length: 1
== Info: - Conn 0 (0x100156d70) send_pipe: 1, recv_pipe: 0
== Info: Connected to thatftps.server.com (xxx.xxx.xxx.xxx) port 21 (#0)
== Info: successfully set certificate verify locations:
== Info: CAfile: none
CApath: /usr/local/ssl/certs
== Info: SSLv3, TLS handshake, Client hello (1):
=> Send SSL data, 0000000512 bytes (0x00000200)
0000: ......_>.!....;pY._at_f..w...#n.}`1..M!......0.,.(.$.....".!.....k.
0040: j.9.8.....2...*.&.......=.5...................../.+.'.#.........
0080: ....g.@.3.2.....E.D.1.-.).%.......<./...A.......................
00c0: ............3........thatftps.server.com...........4.2..........
0100: ........................................... ....................
0140: ................................................................
0180: ................................................................
01c0: ................................................................
== Info: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown
protocol
== Info: Closing connection 0
curl_easy_perform() failed: SSL connect error
res = 35 (write_error = 0)
OKay, almost certainly a case of the wrong SSL options being used or
something similar.
I try to use the openssl command directly to see whats up and I get to
see that sslv3 won't work, however this will :
$ openssl s_client -debug -ssl2 -host thatftps.server.com -port 21
CONNECTED(00000004)
write to 0x1001ccdc0 [0x1001e8ab1] (48 bytes => 48 (0x30))
0000 - 80 2e 01 00 02 00 15 00-00 00 10 07 00 c0 05 00
................
0010 - 80 03 00 80 01 00 80 06-00 40 04 00 80 02 00 80
.........@......
0020 - 3d 97 94 35 03 f1 26 84-54 0e 8b 2a ec 01 26 e6
=..5..&.T..*..&.
read from 0x1001ccdc0 [0x1001e0a90] (2 bytes => 2 (0x2))
0000 - 32 32 22
read from 0x1001ccdc0 [0x1001e0a92] (12851 bytes => 18 (0x12))
0000 - 30 20 28 76 73 46 54 50-64 20 32 2e 30 2e 31 29 0 (vsFTPd
2.0.1)
0010 - 0d 0a ..
^C
Well that seems to tell me the remote end is a vsFTPd version 2.0.1
thing of some sort. It wants me to use sslv2 for some reason and I
don't know how to enforce that via curl_easy_setopt().
Or should I start thinking of using some other SSL lib or ??
Am open to suggestions.
Dennis
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-users
FAQ: http://curl.haxx.se/docs/faq.html
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2014-04-22