cURL / Mailing Lists / curl-library / Single Mail

curl-library

Problem with ftp + ssl

From: Jaromír Fulín <fulin_at_atal.cz>
Date: Tue, 09 Mar 2010 14:52:48 +0100

Hello everyone,

I have problem with a connection to ftps server. I am trying to use
libcurl in my project (MS Visual Studio under win XP). My very simply
source code downloads one file from ftp with using SSL. SSL is explicit
on ftp server. I read the manual and I have tried all possible
combinations of flags but it is not working still. I have no idea where
I have a bug or a problem. Could someone help me to solve my problem,
please? I am using libcurl ver. 7.20.0. on WinXP.

So my code:

//--------------------------------
struct FtpFile {
   const char *filename;
   FILE *stream;
};

static size_t my_fwrite(void *buffer, size_t size, size_t nmemb, void
*stream)
{
   struct FtpFile *out=(struct FtpFile *)stream;
   if(out && !out->stream) {
     out->stream=fopen(out->filename, "wb");
     if(!out->stream)
       return -1; /* failure, can't open file to write */
   }
   return fwrite(buffer, size, nmemb, out->stream);
}

int main(void)
{
   CURL *curl;
   CURLcode res;

   struct FtpFile ftpfile = {"MyPokus2.txt", NULL};

   curl_global_init(CURL_GLOBAL_ALL);

   curl = curl_easy_init();
   if(curl)
   {
     curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, my_fwrite);

     curl_easy_setopt(curl, CURLOPT_WRITEDATA, &ftpfile);

     curl_easy_setopt(curl, CURLOPT_URL, "ftp://192.168.2.201/test.txt");
     curl_easy_setopt(curl, CURLOPT_USE_SSL, CURLUSESSL_ALL);
     curl_easy_setopt(curl, CURLOPT_FTPSSLAUTH, CURLFTPAUTH_SSL);
     curl_easy_setopt(curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_SSLv3);
     curl_easy_setopt(curl, CURLOPT_USERPWD, "test:test");
     curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0);
     curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0);

     curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L);

     res = curl_easy_perform(curl);

     curl_easy_cleanup(curl);

     if(CURLE_OK != res) {
       /* we failed */
       fprintf(stderr, "curl told us %d\n", res);
     }
   }

   if(ftpfile.stream)
     fclose(ftpfile.stream); /* close the local file */

   curl_global_cleanup();

   _getch();
   return 0;
}
//-----------------------------------
After run this my program I get next output:

//------------------------------------
* About to connect() to 192.168.2.201 port 21 (#0)
* Trying 192.168.2.201... * connected
* Connected to 192.168.2.201 (192.168.2.201) port 21 (#0)
< 220 Welcome to Ubuntu FTP service on Atal test machine.
> AUTH SSL
< 234 Proceed with negotiation.
* Closing connection #0
* Failed initialization
curl told us 2
//---------------------------------

If I try same operation in command line with command "curl -k -o
c:\temp\test2.txt -u test:test --ssl ftp://192.168.2.201/test.txt" it
works fine and without problems. The file is downloaded OK. In console
there is report below:

//------------------------------------
* About to connect() to 192.168.2.201 port 21 (#0)
* Connected to 192.168.2.201 (192.168.2.201) port 21 (#0)
< 220 Welcome to Ubuntu FTP service on Atal test machine.
> AUTH SSL
< 234 Proceed with negotiation.
* SSLv3, TLS handshake, Client hello (1):
} [data not shown]
* SSLv3, TLS handshake, Server hello (2):
{ [data not shown]
* SSLv3, TLS handshake, CERT (11):
{ [data not shown]
* SSLv3, TLS handshake, Request CERT (13):
{ [data not shown]
* SSLv3, TLS handshake, Server finished (14):
{ [data not shown]
* SSLv3, TLS handshake, CERT (11):
} [data not shown]
* SSLv3, TLS handshake, Client key exchange (16):
} [data not shown]
* SSLv3, TLS change cipher, Client hello (1):
} [data not shown]
* SSLv3, TLS handshake, Finished (20):
} [data not shown]
* SSLv3, TLS change cipher, Client hello (1):
{ [data not shown]
* SSLv3, TLS handshake, Finished (20):
{ [data not shown]
* SSL connection using DES-CBC3-SHA
* Server certificate:
* subject: CN=ubuntu
* start date: 2010-02-22 14:42:31 GMT
* expire date: 2020-02-20 14:42:31 GMT
* common name: ubuntu (does not match '192.168.2.201')
* issuer: CN=ubuntu
* SSL certificate verify result: self signed certificate (18),
continuing anyway.
> USER atal
< 331 Please specify the password.
> PASS atal
< 230 Login successful.
> PBSZ 0
< 200 PBSZ set to 0.
> PROT P
< 200 PROT now Private.
> PWD
< 257 "/"
* Entry path is '/'
> EPSV
* Connect data stream passively
< 229 Entering Extended Passive Mode (|||15761|).
* Trying 192.168.2.201... connected
* Connecting to 192.168.2.201 (192.168.2.201) port 15761
> TYPE I
< 200 Switching to Binary mode.
> SIZE test.txt
< 213 3286
> RETR test.txt
< 150 Opening BINARY mode data connection for test.txt (3286 bytes).
* Doing the SSL/TLS handshake on the data stream
* SSL re-using session ID
* SSLv3, TLS handshake, Client hello (1):
} [data not shown]
* SSLv3, TLS handshake, Server hello (2):
{ [data not shown]
* SSLv3, TLS change cipher, Client hello (1):
{ [data not shown]
* SSLv3, TLS handshake, Finished (20):
{ [data not shown]
* SSLv3, TLS change cipher, Client hello (1):
} [data not shown]
* SSLv3, TLS handshake, Finished (20):
} [data not shown]
* SSL connection using DES-CBC3-SHA
* Server certificate:
* subject: CN=ubuntu
* start date: 2010-02-22 14:42:31 GMT
* expire date: 2020-02-20 14:42:31 GMT
* common name: ubuntu (does not match '192.168.2.201')
* issuer: CN=ubuntu
* SSL certificate verify result: self signed certificate (18),
continuing anyway.
* Maxdownload = -1
* Getting file with size: 3286
{ [data not shown]
* Remembering we are in dir ""
* SSLv3, TLS alert, Client hello (1):
} [data not shown]
< 226 File send OK.
> QUIT
< 221 Goodbye.
* Closing connection #0
//-------------------------------------

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2010-03-09