curl-library
FTPS: curllib does not use PROT C
Date: Mon, 6 Mar 2006 13:57:49 +0100
I have problems using the option CURLOPT_FTP_SSL. I set the option to
CURLFTPSSL_CONTROL and noticed that data and control channel are
encrypted. So there is no difference between the options
CURLFTPSSL_CONTROL and CURLFTPSSL_ALL.
Both are using the FTP command "PROT P". Option CURLFTPSSL_CONTROL
should use "PROT C" and open an unencrypted data channel. I noticed the
problem while the CPU usage did increase dramaticaly on connections which
should encrpyt the control channel only (for password encryption).
Here is the example program I used:
#include <stdio.h>
#include <curl/curl.h>
#include <curl/types.h>
#include <curl/easy.h>
int main(void)
{
CURL *curl;
CURLcode res;
curl_global_init(CURL_GLOBAL_DEFAULT);
curl = curl_easy_init();
if(curl) {
/*
* Get curl 7.9.2 from sunet.se's FTP site. curl 7.9.2 is most
likely not
* present there by the time you read this, so you'd better replace
the
* URL with one that works!
*/
curl_easy_setopt(curl, CURLOPT_URL,
"ftp://10.0.0.100/");
/* Define our callback to get called when there's data to be written
*/
/* Set a pointer to our struct to pass to the callback */
/* Switch on full protocol/debug output */
curl_easy_setopt(curl, CURLOPT_VERBOSE, TRUE);
curl_easy_setopt(curl, CURLOPT_FTP_SSL, CURLFTPSSL_CONTROL);
curl_easy_setopt(curl, CURLOPT_FTPSSLAUTH,CURLFTPAUTH_TLS);
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, FALSE );
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, FALSE);
res = curl_easy_perform(curl);
/* always cleanup */
curl_easy_cleanup(curl);
if(CURLE_OK != res) {
/* we failed */
fprintf(stderr, "curl told us %d\n", res);
}
}
curl_global_cleanup();
return 0;
}
And here relevant part of the output:
> PBSZ 0
< 200 PBSZ 0 successful
> PROT P
< 200 Protection set to Private
> PWD
< 257 "/" is current directory.
* Entry path is '/'
> EPSV
I'm using libcurl 7.15.1 on AIX 5.3
Best regards
Peter Heuchert
Received on 2006-03-06