cURL / Mailing Lists / curl-users / Single Mail

curl-users

Re: FTPS Protocol

From: Daniel Stenberg <daniel_at_haxx.se>
Date: Wed, 12 Dec 2001 10:12:28 +0100 (MET)

On Wed, 12 Dec 2001 rajesh.bhatia_at_baypackets.com wrote:

 Please direct future mails in this subject to the mailing list. It allows
others to join in and help, to share their ideas, contribute their suggestions
and spread their wisdom. Keeping discussions on public mailing lists also
allows for others to learn from this (both current and future users thanks to
the web based archives of the mailing list), thus saving me from having to
repeat myself even more. Thanks for respecting this.

> I have a problem connecting with an FTPS Server( I down loaded this FTPS
> Server from a site
> ftp://ftp.uni-mainz.de/pub/software/security/ssl/SSLapps/ ). You have
> written in one of your mails in the mailing list dated 2001-11-01 that you
> can interoperate with this FTPS Server.

Did I really say that? I don't think I did, and if I did I must've been
halucinating badly. I have no idea if that particular server runs the FTPS
protocol the style that curl supports.

It might though.

Does the docs for that server state anywhere what they consider the "FTPS"
protocol to be? Do they state what it requires from a client to be able to
talk to it?

> The problem is that when I connect to the the FTP Server using curl
> (command : curl --user rbhatia:abc123 --url ftps://bpsun24/tmp ) it
> reports an error message

> curl: (35) SSL: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown
> protocol.

You mean immediately on the initial connect? Well, it seems to have a problem
with the 2-3 selection. Did you try to specify either -2 or -3 to force curl
into using a specific SSL protocol version?

Use -v and include as much of the output as possible (and that seems
suitable) for us to see.

> Curl works fine with a normal ftp server.

Plain ftp is easier to deal with, in many aspects.

> Also the given FTPS Server is able to connect to its own FTP Client.

Unfortunately, that doesn't help us very much unless you dig into their code
and check for the differences in how that connects and how curl connects.

> I have another question . As FTPS is not a standard protocol can curl be
> used to connect to a different implementation of FTPS Protocol.

That's really not a question that is possible to answer. FTPS is not a
standard protocol, no, but there really can't be that many different ways one
can possibly implement FTP with SSL (assuming that the S is for SSL). The
FTPS code in curl was added mostly for the fun of it, and because it was dead
easy to add and it required almost no extra code.

Curl handles FTPS with SSL for the control-connection and the data-connection
unencrypted. If the server requires/want SSL for the data transfer as well,
well then curl is gonna fail.

Again, adding source code to make curl support any such "dual-SSL" FTPS
server is not hard. It just takes for someone to take some time, study some
of the existing code and do some copy-n-paste programming.

-- 
    Daniel Stenberg -- curl groks URLs -- http://curl.haxx.se/
Received on 2001-12-12