cURL / Mailing Lists / curl-library / Single Mail

curl-library

Curl hangs after SSL cert verify

From: Darrell Bircsak <dbircsak_at_cogentsystems.com>
Date: Thu, 9 Jun 2005 18:41:16 -0700

I am connecting to my FTPS AUTH SSL server like this:

    curl_easy_setopt(curl_handle, CURLOPT_VERBOSE, 1);
    curl_easy_setopt(curl_handle, CURLOPT_URL, "ftp://localhost");
    curl_easy_setopt(curl_handle, CURLOPT_FTP_SSL, CURLFTPSSL_TRY);
    curl_easy_setopt(curl_handle,CURLOPT_SSL_VERIFYPEER,0);
    curl_easy_setopt(curl_handle, CURLOPT_SSL_VERIFYHOST, 0);
    res = curl_easy_perform(curl_handle);

And I get this as a result: (Note this is my modified debug output)

TEXT Size 40 About to connect() to localhost port 21
TEXT Size 22 Trying 127.0.0.1... TEXT Size 10 connected
TEXT Size 43 Connected to localhost (127.0.0.1) port 21
HEADER_IN Size 42 <220- FTPshell Server Service (Version 3) 220>
HEADER_IN Size 7 <220>
HEADER_OUT Size 10 <AUTH SSL>
HEADER_IN Size 58 <234 AUTH command accepted. Setting up SSL/TLS connection>
TEXT Size 47 successfully set certificate verify locations:
TEXT Size 49 CAfile: ftps_sslcert_200569.pem
  CApath: none
TEXT Size 26 SSLv2, Client hello (1):
SSL_DATA_OUT Size 130 <☺♥☺>
TEXT Size 41 SSLv3, TLS handshake, Server hello (2):
SSL_DATA_IN Size 74 <☻>
TEXT Size 34 SSLv3, TLS handshake, CERT (11):
SSL_DATA_IN Size 596 <♂>
TEXT Size 45 SSLv3, TLS handshake, Server finished (14):
SSL_DATA_IN Size 4 <♫>
TEXT Size 49 SSLv3, TLS handshake, Client key exchange (16):
SSL_DATA_OUT Size 134 <►>
TEXT Size 45 SSLv3, TLS change cipher, Client hello (1):
SSL_DATA_OUT Size 1 <☺>
TEXT Size 38 SSLv3, TLS handshake, Finished (20):
SSL_DATA_OUT Size 16 <¶>
TEXT Size 45 SSLv3, TLS change cipher, Client hello (1):
SSL_DATA_IN Size 1 <☺>
TEXT Size 38 SSLv3, TLS handshake, Finished (20):
SSL_DATA_IN Size 16 <¶>
TEXT Size 32 SSL connection using AES256-SHA
TEXT Size 20 Server certificate:
TEXT Size 73 subject: /C=US/ST=CA/L=Sunnyvale/O=My Company/OU=My Group/CN=localhost
TEXT Size 38 start date: 2005-06-10 01:10:35 GMT
TEXT Size 39 expire date: 2006-06-10 01:10:35 GMT
TEXT Size 72 issuer: /C=US/ST=CA/L=Sunnyvale/O=My Company/OU=My Group/CN=localhost

TEXT Size 71 SSL certificate verify result: error number 1 (18), continuing anyway.

<<hangs here>>

If I add:

    curl_easy_setopt(curl_handle, CURLOPT_CAINFO, "ftps_sslcert_200569.pem");

..and copy the .pem file from the server directory to my CurlProject directory I get:

* SSL certificate verify ok.

..but it still hangs. (If I add CURLOPT_FTP_RESPONSE_TIMEOUT it will disconnect after a certain amount of time.) But CURL seems to be waiting for something to be sent from the server ????

I am able to connect to this server with FileZilla or WS_FTP.

So first question: Why am I hanging indefinately after getting SSL Certificate verified??
Another question: Am I able to make CURL download the certificate somehow?

Thank you for your help, anyone!!

Darrell
Cogent Systems
Received on 2005-06-10