cURL
Haxx ad
libcurl

curl's project page on SourceForge.net

Sponsors:
Haxx

cURL > Mailing List > Monthly Index > Single Mail

curl-library Mailing List Archives

Re: forcing TLS FTP

From: Daniel Stenberg <daniel-curl_at_haxx.se>
Date: Sat, 2 Apr 2005 22:52:52 +0200 (CEST)

On Sat, 2 Apr 2005, Ivan Makale wrote:

> I'm trying SSL-TLS FTP with the curl library. Now I need to understand
> better if I can force TLS (for now only server authentication).

It depends slightly on what you mean with "force TLS" ?

> From the documentation, I understand that
>
> curl_easy_setopt(curl, CURLOPT_FTPSSLAUTH, CURLFTPAUTH_TLS);
>
> makes curl try first TLS and, if it fails, SSL in a second trial.

... as parameter to the AUTH function sent to the FTP server, yes. It does not
control the actual secure layer version (SSL or TLS) or anything.

> If I add the option
>
> curl_easy_setopt(curl, CURLOPT_SSLVERSION, 1);
>
> does it force TLS, disabling the SSL second trial? If not, are there any
> other ways to do it?

I recommend using CURL_SSLVERSION_TLSv1 instead of '1'.

But yes, that'll make OpenSSL assume and use TLSv1 when negotiating the secure
transport.

The "SSL second trial" is FTP-protocol oriented while CURLOPT_SSLVERSION is
SSL-protocol oriented, so CURLOPT_SSLVERSION does not disable "AUTH SSL" if
"AUTH TLS" fails.

-- 
  Commercial curl and libcurl Technical Support: http://haxx.se/curl.html
Received on 2005-04-02

These mail archives are generated by hypermail.

donate! Page updated November 12, 2010.
web site info

File upload with ASP.NET