- Ken Hirsch simplified how libcurl does FTPS: now it doesn't assume any

particular state for the control connection like it did before for implicit
  FTPS (libcurl assumed such control connections to be encrypted while some
  FTPS servers such as FileZilla assumes such connections to be clear
  mode). Use the CURLOPT_USE_SSL option to set your desired level.
This commit is contained in:
Daniel Stenberg 2008-12-09 15:02:37 +00:00
parent df7b1d8e64
commit 4b62cd3616
4 changed files with 16 additions and 35 deletions

View File

@ -6,6 +6,13 @@
Changelog
Daniel Stenberg (9 Dec 2008)
- Ken Hirsch simplified how libcurl does FTPS: now it doesn't assume any
particular state for the control connection like it did before for implicit
FTPS (libcurl assumed such control connections to be encrypted while some
FTPS servers such as FileZilla assumes such connections to be clear
mode). Use the CURLOPT_USE_SSL option to set your desired level.
Daniel Stenberg (8 Dec 2008)
- Fred Machado posted about a weird FTP problem on the curl-users list and when
researching it, it turned out he got a 550 response back from a SIZE command

View File

@ -26,6 +26,7 @@ This release includes the following bugfixes:
o curl_multi_remove_handle() when the handle was in use in a HTTP pipeline
o GSS authentication infinite loop problem
o 550 response from SIZE no longer treated as missing file
o ftps:// control connections now use explicit protection level
This release includes the following known bugs:
@ -36,6 +37,6 @@ advice from friends like these:
Yang Tse, Daniel Fandrich, Jim Meyering, Christian Krause, Andreas Wurf,
Markus Koetter, Josef Wolf, Vlad Grachov, Pawel Kierski, Igor Novoseltsev,
Fred Machado
Fred Machado, Ken Hirsch
Thanks! (and sorry if I forgot to mention someone)

View File

@ -2,14 +2,15 @@ To be addressed in 7.19.3 (planned release: January 2009)
=========================
193 - Fix zero-byte file transfers
- Nobody has actually started for real on this
196 - #2351653 "crash in ConnectionExists"
- Being worked on in the bug tracker
197 - IIS-bug in Digest
198 - implicit SSL with FileZilla server
199 - "Bug 2351645" adjustment of the patch Daniel S applied
- Suggested fix posted to list
200 - "afert redirect, the content length is not reset" by Shunlong Bai

View File

@ -150,9 +150,6 @@ static int ftp_getsock(struct connectdata *conn,
static CURLcode ftp_doing(struct connectdata *conn,
bool *dophase_done);
static CURLcode ftp_setup_connection(struct connectdata * conn);
#ifdef USE_SSL
static CURLcode ftps_setup_connection(struct connectdata * conn);
#endif
/* easy-to-use macro: */
#define FTPSENDF(x,y,z) if((result = Curl_ftpsendf(x,y,z)) != CURLE_OK) \
@ -189,7 +186,7 @@ const struct Curl_handler Curl_handler_ftp = {
const struct Curl_handler Curl_handler_ftps = {
"FTPS", /* scheme */
ftps_setup_connection, /* setup_connection */
ftp_setup_connection, /* setup_connection */
ftp_do, /* do_it */
ftp_done, /* done */
ftp_nextconnect, /* do_more */
@ -2683,24 +2680,9 @@ static CURLcode ftp_statemach_act(struct connectdata *conn)
break;
case FTP_PBSZ:
/* FIX: check response code */
/* For TLS, the data connection can have one of two security levels.
1) Clear (requested by 'PROT C')
2)Private (requested by 'PROT P')
*/
if(!conn->ssl[SECONDARYSOCKET].use) {
NBFTPSENDF(conn, "PROT %c",
data->set.ftp_ssl == CURLUSESSL_CONTROL ? 'C' : 'P');
state(conn, FTP_PROT);
}
else {
result = ftp_state_pwd(conn);
if(result)
return result;
}
NBFTPSENDF(conn, "PROT %c",
data->set.ftp_ssl == CURLUSESSL_CONTROL ? 'C' : 'P');
state(conn, FTP_PROT);
break;
@ -4179,14 +4161,4 @@ static CURLcode ftp_setup_connection(struct connectdata * conn)
return CURLE_OK;
}
#ifdef USE_SSL
static CURLcode ftps_setup_connection(struct connectdata * conn)
{
struct SessionHandle *data = conn->data;
conn->ssl[SECONDARYSOCKET].use = data->set.ftp_ssl != CURLUSESSL_CONTROL;
return ftp_setup_connection(conn);
}
#endif
#endif /* CURL_DISABLE_FTP */