cURL / Mailing Lists / curl-library / Single Mail


Re: FTPS problems

From: Gisle Vanem <>
Date: Tue, 2 Dec 2003 13:04:41 +0100

"Daniel Stenberg" <> said:

> curl issues a 'AUTH TSL' command (lib/ftp.c:487) and expects a 234 response
> for success. I guess we should try a 'AUTH SSL' with a 334 response as a
> backup plan if the TSL version fails. Can you see if that makes any
> difference?

I tried it and got much further. It passes the login, PASV and RETR:

> curl.exe -qvvk --trace-ascii - ftps://guest:***@

0000: 227 Entering Passive Mode (195,56,193,26,129,18)
== Info: About to connect() to port 33042
== Info: Connecting to ( port 33042
== Info: Connected the data stream with PASV!
=> Send header, 8 bytes (0x8)
0000: TYPE I
<= Recv header, 20 bytes (0x14)
0000: 200 Type set to I.
=> Send header, 14 bytes (0xe)
0000: SIZE .bashrc
<= Recv header, 10 bytes (0xa)
0000: 213 1263
=> Send header, 14 bytes (0xe)
0000: RETR .bashrc
<= Recv header, 69 bytes (0x45)
0000: 150 Opening BINARY mode data connection for '.bashrc' (1263 byte
0040: s).
== Info: Doing the SSL/TSL handshake on the data stream
== Info: successfully set certificate verify locations:
== Info: CAfile: G:/MingW32/src/inet/curl-7.11.0/lib/ca-bundle.crt
  CApath: none
== Info: SSL: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol


I set 'conn->ssl[SECONDARYSOCKET].use = FALSE' so I don't know
why it's doing SSL/TLS here (btw. a few typos in ftp.c).

My patch attached. But I don't know if I broke the FIRSTSOCKET
SECONDARYSOCKET stuff. It looked a bit messy.

BTW. I normally use "--ftp-port -" in my _curlrc, but my FW can't
change the PORT args (obviously duh!). So how do I revert to PASV
w/o using no-config option '-q' ?.


This email is sponsored by: Giveback Program.
Does help you be more productive? Does it
help you create better code? SHARE THE LOVE, and help us help
YOU! Click Here:

  • application/octet-stream attachment: ftp.diff
Received on 2003-12-02