cURL / Mailing Lists / curl-library / Single Mail

curl-library

Unknown SSL protocol error

From: Winslow, Dave - OJA <Dave.Winslow_at_wisconsin.gov>
Date: Tue, 15 Aug 2006 09:35:28 -0500

On 4-19-2004, Grant Sheppard reported problems using Curl to connect to a WS_FTP 4.0.2 server
using SSL (http://curl.haxx.se/mail/archive-2004-04/0037.html)

I'm having similar problems trying to connect to a WS_FTP 5.0.4 server. I searched but could
not determine if Grant's problem was ever resolved.

Here's the output of a python script that attempts to upload a file to a WS_FTP server using SSL
and x509 certificates - everything appears to go well until the data connnection is established
(line 53) and then I get what I think Grant got - Unknown SSL protocol error.

01 Uploading file /home/winsld/pycurl/pycurl-7.15.4.2/examples/file_upload_ftp.py to url
02 ftp://doaftp01.doa.state.wi.us/gateway/pointerUpload/data/jimL.txt
03 * About to connect() to doaftp01.doa.state.wi.us port 21
04 * Trying 165.189.88.181... * connected
05 * Connected to doaftp01.doa.state.wi.us (165.189.88.181) port 21
06 < 220-SSL X2 WS_FTP Server 5.0.4 (1799941883)
07 < 220-WARNING: ACCESS IS RESTRICTED TO AUTHORIZED USERS ONLY.
08 < 220 SSL X2 WS_FTP Server 5.0.4 (1799941883)
09 > AUTH SSL
10 < 234 SSL enabled and waiting for negotiation
11 * successfully set certificate verify locations:
12 * CAfile: /home/winsld/certs/server01.pem
13 CApath: none
14 * SSL connection using DHE-RSA-AES128-SHA
15 * Server certificate:
16 * subject: blah blah ...
17
18 * start date: 2004-07-01 16:26:05 GMT
19 * expire date: 2014-07-01 22:26:04 GMT
20 * issuer: blah blah ...
21
22 * SSL certificate verify ok.
23 > USER xxxxxxxxxx
24 < 331 Password required
25 > PASS xxxxxxxxxx
26 < 230-user logged in
27 < 230-ALL ACCESS TO THIS SYSTEM IS RECORDED AND MONITORED.
28 < 230 user logged in
29 > PBSZ 0
30 < 200 PBSZ=0
31 > PROT P
32 < 200 PRIVATE data channel protection level set
33 > PWD
34 < 257 "/users/gov/wisconsin/lacrosse/wijis" is current directory
35 * Entry path is '/users/gov/wisconsin/lacrosse/wijis'
36 > CWD gateway
37 < 250 CWD successful
38 > CWD pointerUpload
39 < 250 CWD successful
40 > CWD data
41 < 250 CWD successful
42 > EPSV
43 * Connect data stream passively
44 < 500 illegal command
45 * disabling EPSV usage
46 > PASV
47 < 227 Entering Passive Mode (165,189,88,181,99,216).
48 * Trying 165.189.88.181... * connected
49 * Connecting to 165.189.88.181 (165.189.88.181) port 25560
50 > TYPE I
51 < 200 Type set to IMAGE.
52 > STOR jimL.txt
53 < 150 Opening BINARY data connection for jimL.txt
54 * Doing the SSL/TLS handshake on the data stream
55 * successfully set certificate verify locations:
56 * CAfile: /home/winsld/certs/server01.pem
57 CApath: none
58 * SSL re-using session ID
59 * Unknown SSL protocol error in connection to doaftp01.doa.state.wi.us:21
60 * Remembering we are in dir gateway/pointerUpload/data/
61 * Uploaded unaligned file size (0 out of 3191 bytes)
62 * Connection #0 to host doaftp01.doa.state.wi.us left intact
63 Traceback (most recent call last):
64 File "file_upload_ftp.py", line 93, in ?
65 curl.perform()
66 pycurl.error: (35, 'Unknown SSL protocol error in connection to doaftp01.doa.state.wi.us:21 ')
67 * Closing connection #0

Here is my PYTHON script:

import os, sys
import pycurl

# Class which holds a file reference and the read callback
class FileReader:
    def __init__(self, fp):
        self.fp = fp
    def read_callback(self, size):
        return self.fp.read(size)
    def debug_callback(self, debug_type, debug_msg):
        print "debug(%d): %s" % (debug_type, debug_msg)

def usage():
  print "Usage: %s <url> <file to upload> <DOA (1 if to DOA and 0 if not>" % sys.argv[0]
  raise SystemExit

# Check commandline arguments
try:
  url = sys.argv[1]
  file = sys.argv[2]
  doa = int(sys.argv[3])
except ValueError: usage()
except IndexError: usage()

if doa:
  userpass = 'xxxxxxxxxx:xxxxxxxxxx'
else:
  userpass = 'xxxxxxxxxx:xxxxxxxxxx'

# Initialize pycurl
curl = pycurl.Curl()
curl.setopt(pycurl.URL, url)
curl.setopt(pycurl.USERPWD, userpass)
curl.setopt(pycurl.UPLOAD, 1)
curl.setopt(pycurl.VERBOSE, 1)

curl.setopt(pycurl.READFUNCTION, FileReader(open(file, 'rb')).read_callback)

# Set size of file to be uploaded.
curl.setopt(pycurl.INFILESIZE, os.path.getsize(file))

# FTP via SSL related stuff for DOA
if doa:
  curl.setopt(pycurl.FTP_SSL, pycurl.FTPSSL_ALL)
  curl.setopt(pycurl.FTPSSLAUTH, pycurl.FTPAUTH_DEFAULT)
  curl.setopt(pycurl.SSL_VERIFYPEER, 1)
  curl.setopt(pycurl.SSLCERT, '/home/winsld/certs/wijis.crt')
  curl.setopt(pycurl.CAINFO, '/home/winsld/certs/server01.pem')
  curl.setopt(pycurl.SSLKEY,'/home/winsld/certs/wijis.key')
  curl.setopt(pycurl.SSLKEYPASSWD,'!!JustA_at_ert!!')
  curl.setopt(pycurl.SSL_VERIFYHOST, 0)
  curl.setopt(pycurl.SSLVERSION, pycurl.SSLVERSION_SSLv3)

# Start transfer
print 'Uploading file %s to url %s' % (file, url)
curl.perform()
curl.close()

I am using:

curl 7.15.4 (i686-suse-linux) libcurl/7.15.4 OpenSSL/0.9.7g zlib/1.2.3 libidn/0.5.9
Protocols: tftp ftp telnet dict ldap http file https ftps
Features: IDN IPv6 Largefile NTLM SSL libz

on SUSE Linux

and pycurl version 7.15.4.2.

Any ideas would be great!

Dave
Received on 2006-08-15