Changelog Development Documentation Download libcurl Mailing Lists News
cURL / Mailing Lists / curl-library / Single Mail

curl-library

RE: Unknown SSL protocol error

From: Winslow, Dave - OJA <Dave.Winslow_at_wisconsin.gov>
Date: Tue, 15 Aug 2006 12:52:29 -0500

Dan Stenberg wrote:

> Well clearly the server doesn't negotiate a proper SSL connection.
> Perhaps this is because curl sends AUTH SSL (and not AUTH TLS which
> it only sends if AUTH SSL fails). You could test my theory by setting
> CURLOPT_FTPSSLAUTH to CURLFTPAUTH_TLS.

Dan - I tried setting CURLOPT_FTPSSLAUTH to CURLFTPAUTH_TLS
in my script and instead of line 09 saying AUTH SSL it said AUTH TLS.
The rest of the output went exactly the same including the unknown
SSL protocol error after opening a data connection.

08 < 220 SSL X2 WS_FTP Server 5.0.4 (1799941883)
09 > AUTH TLS
10 < 234 SSL enabled and waiting for negotiation

53 < 150 Opening BINARY data connection for jimL.txt
54 * Doing the SSL/TLS handshake on the data stream
... lines omitted
59 * Unknown SSL protocol error in connection to
doaftp01.doa.state.wi.us:21

I also tried running this script on Windows XP but with a slightly older
version of pycurl and libcurl: here's information from version_info
  (2, '7.13.2', 462082, 'i386-pc-win32', 3740, 'OpenSSL/0.9.7g',
9465983,
  '1.2.2', ('ftp', 'gopher', 'telnet', 'dict', 'ldap', 'http', 'file',
  'https', 'ftps'), '1.2.2-20050411', 66050, '0.5.15')

The results were the same - Unknown SSL protocol error.

So, if I understand you then, you think that the WS_FTP Server (version
5.0.4) is not set up correctly?

Thanks for your help Dan

Dave

-----Original Message-----
From: curl-library-bounces_at_cool.haxx.se
[mailto:curl-library-bounces_at_cool.haxx.se] On Behalf Of Daniel Stenberg
Sent: Tuesday, August 15, 2006 11:58 AM
To: libcurl development
Cc: Wessel, Ken - OJA; Chawla, Yogesh - OJA; Lookabaugh, Jim - OJA
Subject: Re: Unknown SSL protocol error

On Tue, 15 Aug 2006, Winslow, Dave - OJA wrote:

> 08 < 220 SSL X2 WS_FTP Server 5.0.4 (1799941883)
> 09 > AUTH SSL
> 10 < 234 SSL enabled and waiting for negotiation

...

> 54 * Doing the SSL/TLS handshake on the data stream

> 59 * Unknown SSL protocol error in connection to
doaftp01.doa.state.wi.us:21

Well clearly the server doesn't negotiate a proper SSL connection.
Perhaps
this is because curl sends AUTH SSL (and not AUTH TLS which it only
sends if
AUTH SSL fails). You could test my theory by setting CURLOPT_FTPSSLAUTH
to
CURLFTPAUTH_TLS. 

-- 
  Commercial curl and libcurl Technical Support:
http://haxx.se/curl.html
Received on 2006-08-15