curl-users

Explicit FTP upload with encrypted data channel block on STOR

From: Denis Sacchet <ouba_at_ouba.org>
Date: Sat, 22 Aug 2009 11:51:43 +0200

Hello,

On the server side I have a Pure-FTPD 1.22 server configured with -Y 3
(force tls for command and data channels).

On the client side, I made some upload tests with FileZilla 3.2.2.1 and
Curl 7.18.2. Please find attached the trace for both sessions.

Here is the command line I use with Curl to try to upload a file:

curl -v -T video ftp://<server>/htdocs/wp-content/uploads/2009/09/ \
     --ftp-create-dirs --user <user>:<pass> --ftp-ssl-reqd -k --disable-epsv

It appears that everything on the command channel is working, and
nothing on the data channel. To verify that, I try:

curl -v ftp://<server>/htdocs/wp-content/uploads/2009/09/file \
     --user <user>:<pass> --ftp-ssl-reqd -k --disable-epsv

In both cases, it blocks on the STOR and RETR commands (which use the data channel).

For the options used on the command line: I put -k because it is a
self-signed certificate, and I put --disable-epsv to be in the same case
as with FileZilla (but without it, it is exactly the same thing). It
works if I put pure-ftpd in -Y 2 mode (force TLS only for the command
channel, clear data channel).

Please help, I have no more ideas!!!

Thanks in advance

Best regards

Denis Sacchet

-- 
Denis Sacchet aka. Ouba                     ("`-/")_.-'"``-._
                                             . . `; -._    )-;-,_`)
"Computers are like air conditionners       (v_,)'  _  )`-.\  ``-'
They stop working properly when you        _.- _..-_/ / ((.'
open Windows !!!"                        ((,.-'   ((,/ 

* About to connect() to <SERVER> port 21 (#0)
* Trying <IP>... connected
* Connected to <SERVER> (<IP>) port 21 (#0)
< 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
< 220-You are user number 1 of 3 allowed.
< 220-Local time is now 11:42. Server port: 21.
< 220-This is a private system - No anonymous login
< 220 You will be disconnected after 15 minutes of inactivity.
> AUTH SSL
< 500 This security scheme is not implemented
> AUTH TLS
< 234 AUTH TLS OK.
* successfully set certificate verify locations:
* CAfile: none
  CApath: /etc/ssl/certs
* SSLv3, TLS handshake, Client hello (1):
} [data not shown]
* SSLv3, TLS handshake, Server hello (2):
{ [data not shown]
* SSLv3, TLS handshake, CERT (11):
{ [data not shown]
* SSLv3, TLS handshake, Server finished (14):
{ [data not shown]
* SSLv3, TLS handshake, Client key exchange (16):
} [data not shown]
* SSLv3, TLS change cipher, Client hello (1):
} [data not shown]
* SSLv3, TLS handshake, Finished (20):
} [data not shown]
* SSLv3, TLS handshake, Unknown (4):
{ [data not shown]
* SSLv3, TLS change cipher, Client hello (1):
{ [data not shown]
* SSLv3, TLS handshake, Finished (20):
{ [data not shown]
* SSL connection using AES256-SHA
* Server certificate:
* subject: /C=FR/ST=Lorraine/L=Ludres/O=Sacchet Delphine/OU=ZaaS/CN=*.zaas.fr
* start date: 2009-04-09 00:00:00 GMT
* expire date: 2010-04-13 23:59:59 GMT
* common name: *.zaas.fr (matched)
* issuer: /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Global CA
* SSL certificate verify result: unable to get local issuer certificate (20), continuing anyway.
> USER <USER>
< 331 User <USER> OK. Password required
> PASS <PASS>
< 230-User <USER> has group access to: <GROUP>
< 230 OK. Current restricted directory is /
> PBSZ 0
< 200 PBSZ=0
> PROT P
< 200 Data protection level set to "private"
> PWD
< 257 "/" is your current location
* Entry path is '/'
> CWD htdocs
< 250 OK. Current directory is /htdocs
> CWD wp-content
< 250 OK. Current directory is /htdocs/wp-content
> CWD uploads
< 250 OK. Current directory is /htdocs/wp-content/uploads
> CWD 2009
< 250 OK. Current directory is /htdocs/wp-content/uploads/2009
> CWD 09
< 550 Can't change directory to 09: No such file or directory
> MKD 09
< 257 "09" : The directory was successfully created
> CWD 09
< 250 OK. Current directory is /htdocs/wp-content/uploads/2009/09
> PASV
* Connect data stream passively
< 227 Entering Passive Mode (<IP>,192,2)
* Trying <IP>... connected
* Connecting to <IP> (<IP>) port 49154
> TYPE I
< 200 TYPE is now 8-bit binary
> STOR video
^C

Satut: Résolution de l'adresse de <SERVER>
Statut: Connexion à <IP>:21...
Statut: Connexion établie, attente du message d'accueil...
Réponse: 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
Réponse: 220-You are user number 1 of 3 allowed.
Réponse: 220-Local time is now 11:44. Server port: 21.
Réponse: 220-This is a private system - No anonymous login
Réponse: 220 You will be disconnected after 15 minutes of inactivity.
Commande: AUTH TLS
Réponse: 234 AUTH TLS OK.
Statut: Initialisation TLS...
Statut: Vérification du certificat...
Commande: USER <USER>
Statut: Connexion TLS/SSL établie.
Réponse: 331 User <USER> OK. Password required
Commande: PASS ********************
Réponse: 230-User <USER> has group access to: <GROUP>
Réponse: 230 OK. Current restricted directory is /
Commande: OPTS UTF8 ON
Réponse: 200 OK, UTF-8 enabled
Commande: PBSZ 0
Réponse: 200 PBSZ=0
Commande: PROT P
Réponse: 200 Data protection level set to "private"
Statut: Connecté
Statut: Récupération du contenu du dossier...
Commande: PWD
Réponse: 257 "/" is your current location
Statut: Succès de la lecture du contenu du dossier
Statut: Récupération du contenu du dossier...
Commande: CWD htdocs
Réponse: 250 OK. Current directory is /htdocs
Commande: PWD
Réponse: 257 "/htdocs" is your current location
Commande: TYPE I
Réponse: 200 TYPE is now 8-bit binary
Commande: PASV
Réponse: 227 Entering Passive Mode (<IP>,192,1)
Commande: LIST
Réponse: 150 Accepted data connection
Réponse: 226-ASCII
Réponse: 226-Options: -l
Réponse: 226 27 matches total
Statut: Succès de la lecture du contenu du dossier
Statut: Récupération du contenu du dossier...
Commande: CWD wp-content
Réponse: 250 OK. Current directory is /htdocs/wp-content
Commande: PWD
Réponse: 257 "/htdocs/wp-content" is your current location
Commande: PASV
Réponse: 227 Entering Passive Mode (<IP>,192,3)
Commande: LIST
Réponse: 150 Accepted data connection
Réponse: 226-ASCII
Réponse: 226-Options: -l
Réponse: 226 7 matches total
Statut: Succès de la lecture du contenu du dossier
Statut: Récupération du contenu du dossier...
Commande: CWD uploads
Réponse: 250 OK. Current directory is /htdocs/wp-content/uploads
Commande: PWD
Réponse: 257 "/htdocs/wp-content/uploads" is your current location
Commande: PASV
Réponse: 227 Entering Passive Mode (<IP>,192,5)
Commande: LIST
Réponse: 150 Accepted data connection
Réponse: 226-ASCII
Réponse: 226-Options: -l
Réponse: 226 3 matches total
Statut: Succès de la lecture du contenu du dossier
Statut: Récupération du contenu du dossier...
Commande: CWD 2009
Réponse: 250 OK. Current directory is /htdocs/wp-content/uploads/2009
Commande: PWD
Réponse: 257 "/htdocs/wp-content/uploads/2009" is your current location
Statut: Succès de la lecture du contenu du dossier
Statut: Récupération du contenu du dossier...
Commande: CWD 09
Réponse: 250 OK. Current directory is /htdocs/wp-content/uploads/2009/09
Commande: PWD
Réponse: 257 "/htdocs/wp-content/uploads/2009/09" is your current location
Statut: Succès de la lecture du contenu du dossier
Statut: Résolution de l'adresse de <SERVER>
Statut: Connexion à <IP>:21...
Statut: Connexion établie, attente du message d'accueil...
Réponse: 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
Réponse: 220-You are user number 2 of 3 allowed.
Réponse: 220-Local time is now 11:44. Server port: 21.
Réponse: 220-This is a private system - No anonymous login
Réponse: 220 You will be disconnected after 15 minutes of inactivity.
Commande: AUTH TLS
Réponse: 234 AUTH TLS OK.
Statut: Initialisation TLS...
Statut: Vérification du certificat...
Commande: USER <USER>
Statut: Connexion TLS/SSL établie.
Réponse: 331 User <USER> OK. Password required
Commande: PASS ********************
Réponse: 230-User <USER> has group access to: <GROUP>
Réponse: 230 OK. Current restricted directory is /
Commande: OPTS UTF8 ON
Réponse: 200 OK, UTF-8 enabled
Commande: PBSZ 0
Réponse: 200 PBSZ=0
Commande: PROT P
Réponse: 200 Data protection level set to "private"
Statut: Connecté
Statut: Démarrage de l'envoi de /home/maison/datas/documents/Blog/Koyaba/Article 211/20090806-lezoo-001.jpg
Commande: CWD /htdocs/wp-content/uploads/2009/09
Réponse: 250 OK. Current directory is /htdocs/wp-content/uploads/2009/09
Commande: TYPE I
Réponse: 200 TYPE is now 8-bit binary
Commande: PASV
Réponse: 227 Entering Passive Mode (<IP>,192,3)
Commande: STOR 20090806-lezoo-001.jpg
Réponse: 150 Accepted data connection
Réponse: 226-File successfully transferred
Réponse: 226 2.875 seconds (measured here), 106.12 Kbytes per second
Statut: Transfert de fichier réussi
Statut: Récupération du contenu du dossier...
Commande: PASV
Réponse: 227 Entering Passive Mode (<IP>,192,3)
Commande: LIST
Réponse: 150 Accepted data connection
Réponse: 226-ASCII
Réponse: 226-Options: -l
Réponse: 226 1 matches total
Statut: Succès de la lecture du contenu du dossier

-------------------------------------------------------------------
List admin: http://cool.haxx.se/cgi-bin/mailman/listinfo/curl-users
FAQ: http://curl.haxx.se/docs/faq.html
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2009-08-22
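
Added example, not part of the original post and not curl's own code: a small Python helper that reads a `curl -v` explicit-FTPS trace like the one above and reports how far the session got (AUTH TLS accepted, PROT level, certificate check skipped, the data port decoded from the 227 reply, and the command still waiting for a reply). The function name, result keys and the shortened sample trace are assumptions constructed for illustration.

```python
import re

# Constructed sample: a shortened control-channel trace in the shape curl -v
# printed above; <IP> is the post's own placeholder.
SAMPLE_TRACE = """\
< 220 You will be disconnected after 15 minutes of inactivity.
> AUTH TLS
< 234 AUTH TLS OK.
* SSL certificate verify result: unable to get local issuer certificate (20), continuing anyway.
> PBSZ 0
< 200 PBSZ=0
> PROT P
< 200 Data protection level set to "private"
> PASV
< 227 Entering Passive Mode (<IP>,192,2)
> TYPE I
< 200 TYPE is now 8-bit binary
> STOR video
"""

DATA_COMMANDS = ("STOR", "RETR", "LIST", "NLST", "APPE")

def analyze_trace(trace):
    """Summarise how far an explicit-FTPS session got (hypothetical helper)."""
    r = {"tls_control": False, "prot": None, "cert_unverified": False,
         "data_port": None, "pending": None}
    last_cmd = ""
    for line in trace.splitlines():
        if line.startswith("> "):
            last_cmd = r["pending"] = line[2:].strip()
        elif line.startswith("* ") and "continuing anyway" in line:
            r["cert_unverified"] = True          # verification skipped (-k)
        elif line.startswith("< "):
            reply = line[2:]
            code, final = reply[:3], reply[3:4] == " "   # "NNN-" continues
            if code == "234" and last_cmd.startswith("AUTH"):
                r["tls_control"] = True
            elif code == "200" and last_cmd.startswith("PROT "):
                r["prot"] = last_cmd.split()[1]  # C = clear, P = private
            elif code == "227":
                m = re.search(r"(\d+),(\d+)\)", reply)
                if m:                            # port = p1 * 256 + p2
                    r["data_port"] = int(m.group(1)) * 256 + int(m.group(2))
            if final and not code.startswith("1"):
                r["pending"] = None              # command got its final reply
    cmd = (r["pending"] or "").split(" ")[0]
    r["stalled_on_data"] = cmd in DATA_COMMANDS
    return r

if __name__ == "__main__":
    print(analyze_trace(SAMPLE_TRACE))
```

For the sample, the decoded port is 49154, matching the "Connecting to <IP> (<IP>) port 49154" line in the curl trace, and the pending command is STOR with PROT P in effect.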