Added CURLOPT_FTPSSLAUTH

Daniel Stenberg 2004-09-16 21:45:16 +00:00
parent 25bf23105d
commit 6a06667cc0
7 changed files with 73 additions and 3 deletions

11
CHANGES

@ -7,6 +7,15 @@
Changelog Changelog
Daniel (16 September 2004) Daniel (16 September 2004)
- Daniel at touchtunes uses the FTP+SSL server "BSDFTPD-SSL from
http://bsdftpd-ssl.sc.ru/" which accordingly doesn't properly work with curl
when "AUTH SSL" is issued (although the server responds fine and everything)
but requires that curl issues "AUTH TLS" instead. See
http://curl.haxx.se/feedback/display.cgi?id=10951944937603&support=yes
Introducing CURLOPT_FTPSSLAUTH that allows the application to select which
of the AUTH strings to attempt first.
- Anonymous filed bug report #1029478 which identified a bug when you 1) used - Anonymous filed bug report #1029478 which identified a bug when you 1) used
a URL without properly seperating the host name and the parameters with a a URL without properly seperating the host name and the parameters with a
slash. 2) the URL had parameters to the right of a ? that contains a slash slash. 2) the URL had parameters to the right of a ? that contains a slash
@ -17,7 +26,7 @@ Daniel (16 September 2004)
Test case 187 was added to verify that this was fixed properly. Test case 187 was added to verify that this was fixed properly.
Daniel (11 September 2004) Daniel (11 September 2004)
- Added parsedate.[ch] that contains a rewrite of the date parser currently - Added parsedate.c that contains a rewrite of the date parser currently
provided by getdate.y. The new one is MUCH smaller and will allow us to run provided by getdate.y. The new one is MUCH smaller and will allow us to run
away from the yacc/bison jungle. It is also slightly lacking in features away from the yacc/bison jungle. It is also slightly lacking in features
compared to the old one, but it supports parsing of all date formats HTTP compared to the old one, but it supports parsing of all date formats HTTP


@ -10,6 +10,7 @@ Curl and libcurl 7.12.2
This release includes the following changes: This release includes the following changes:
o added CURLOPT_FTPSSLAUTH
o curl_getdate() completely rewritten, which may affect curl -z use cases. o curl_getdate() completely rewritten, which may affect curl -z use cases.
This release includes the following bugfixes: This release includes the following bugfixes:
@ -37,6 +38,6 @@ advice from friends like these:
Casey O'Donnell, Roland Krikava, Alex, Alexander Krasnostavsky, Kjetil Casey O'Donnell, Roland Krikava, Alex, Alexander Krasnostavsky, Kjetil
Jacobsen, Ling Thio, Roman Koifman, Harshal Pradhan, Jonas Forsman, David Jacobsen, Ling Thio, Roman Koifman, Harshal Pradhan, Jonas Forsman, David
Tarendash Tarendash, Daniel at touchtunes
Thanks! (and sorry if I forgot to mention someone) Thanks! (and sorry if I forgot to mention someone)


@ -720,6 +720,18 @@ Require SSL for the control connection or fail with \fICURLE_FTP_SSL_FAILED\fP.
.IP CURLFTPSSL_ALL .IP CURLFTPSSL_ALL
Require SSL for all communication or fail with \fICURLE_FTP_SSL_FAILED\fP. Require SSL for all communication or fail with \fICURLE_FTP_SSL_FAILED\fP.
.RE .RE
.IP CURLOPT_FTPSSLAUTH
Pass a long using one of the values from below, to alter how libcurl issues
\&"AUTH TLS" or "AUTH SSL" when FTP over SSL is activated (see
\fICURLOPT_FTP_SSL\fP).
.RS
.IP CURLFTPAUTH_DEFAULT
Allow libcurl to decide
.IP CURLFTPAUTH_SSL
Try "AUTH SSL" first, and only if that fails try "AUTH TLS"
.IP CURLFTPAUTH_TLS
Try "AUTH TLS" first, and only if that fails try "AUTH SSL"
.RE
.SH PROTOCOL OPTIONS .SH PROTOCOL OPTIONS
.IP CURLOPT_TRANSFERTEXT .IP CURLOPT_TRANSFERTEXT
A non-zero parameter tells the library to use ASCII mode for ftp transfers, A non-zero parameter tells the library to use ASCII mode for ftp transfers,


@ -303,6 +303,7 @@ typedef enum {
#define CURL_ERROR_SIZE 256 #define CURL_ERROR_SIZE 256
/* parameter for the CURLOPT_FTP_SSL option */
typedef enum { typedef enum {
CURLFTPSSL_NONE, /* do not attempt to use SSL */ CURLFTPSSL_NONE, /* do not attempt to use SSL */
CURLFTPSSL_TRY, /* try using SSL, proceed anyway otherwise */ CURLFTPSSL_TRY, /* try using SSL, proceed anyway otherwise */
@ -311,6 +312,14 @@ typedef enum {
CURLFTPSSL_LAST /* not an option, never use */ CURLFTPSSL_LAST /* not an option, never use */
} curl_ftpssl; } curl_ftpssl;
/* parameter for the CURLOPT_FTPSSLAUTH option */
typedef enum {
CURLFTPAUTH_DEFAULT, /* let libcurl decide */
CURLFTPAUTH_SSL, /* use "AUTH SSL" */
CURLFTPAUTH_TLS, /* use "AUTH TLS" */
CURLFTPAUTH_LAST /* not an option, never use */
} curl_ftpauth;
/* long may be 32 or 64 bits, but we should never depend on anything else /* long may be 32 or 64 bits, but we should never depend on anything else
but 32 */ but 32 */
#define CURLOPTTYPE_LONG 0 #define CURLOPTTYPE_LONG 0
@ -813,6 +822,18 @@ typedef enum {
of commands with this */ of commands with this */
CINIT(SOURCE_POSTQUOTE, OBJECTPOINT, 128), CINIT(SOURCE_POSTQUOTE, OBJECTPOINT, 128),
/* When FTP over SSL/TLS is selected (with CURLOPT_FTP_SSL), this option
can be used to change libcurl's default action which is to first try
"AUTH SSL" and then "AUTH TLS" in this order, and proceed when a OK
response has been received.
Available parameters are:
CURLFTPAUTH_DEFAULT - let libcurl decide
CURLFTPAUTH_SSL - try "AUTH SSL" first, then TLS
CURLFTPAUTH_TLS - try "AUTH TLS" first, then SSL
*/
CINIT(FTPSSLAUTH, LONG, 129),
CURLOPT_LASTENTRY /* the last unused */ CURLOPT_LASTENTRY /* the last unused */
} CURLoption; } CURLoption;
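Review bot: The comments on the new `curl_ftpauth` values read as exclusive choices (`/* use "AUTH SSL" */`, `/* use "AUTH TLS" */`), while the CURLOPT_FTPSSLAUTH comment later in this section describes an ordering in which the other string is still tried. An application that picks CURLFTPAUTH_TLS could reasonably conclude that "AUTH SSL" is never sent on the control connection, which is not what the option comment promises. I would word the enum comments to match, e.g. `CURLFTPAUTH_SSL, /* try "AUTH SSL" first, then "AUTH TLS" */` and `CURLFTPAUTH_TLS, /* try "AUTH TLS" first, then "AUTH SSL" */`.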


@ -540,8 +540,27 @@ CURLcode Curl_ftp_connect(struct connectdata *conn)
if(data->set.ftp_ssl && !conn->ssl[FIRSTSOCKET].use) { if(data->set.ftp_ssl && !conn->ssl[FIRSTSOCKET].use) {
/* we don't have a SSL/TLS connection, try a FTPS connection now */ /* we don't have a SSL/TLS connection, try a FTPS connection now */
int start;
int trynext;
int count=0;
for (try = 0; ftpauth[try]; try++) { switch(data->set.ftpsslauth) {
case CURLFTPAUTH_DEFAULT:
case CURLFTPAUTH_SSL:
start = 0;
trynext = 1;
break;
case CURLFTPAUTH_TLS:
start = 1;
trynext = 0;
break;
default:
failf(data, "unsupported parameter to CURLOPT_FTPSSLAUTH: %d\n",
data->set.ftpsslauth);
return CURLE_FAILED_INIT; /* we don't know what to do */
}
for (try = start; ftpauth[count]; try=trynext, count++) {
FTPSENDF(conn, "AUTH %s", ftpauth[try]); FTPSENDF(conn, "AUTH %s", ftpauth[try]);
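Review bot: The new loop header `for (try = start; ftpauth[count]; try=trynext, count++)` is only correct while `ftpauth` holds exactly two strings, with "SSL" at index 0 and "TLS" at index 1, but the array is declared outside this hunk and nothing here records that dependency. `count` bounds the number of attempts while `try` selects the string, so a third entry added to `ftpauth` later would cause the `trynext` string to be sent twice and the new entry never. A comment above the switch would make the coupling visible, for example `/* start and trynext are indices into ftpauth[]: 0 is "SSL", 1 is "TLS" */`. In the `default:` branch the enum is passed to `%d` as is; writing `(int)data->set.ftpsslauth` keeps the conversion matched whatever integer type the compiler chooses for `curl_ftpauth`. The body of Curl_ftp_connect, including the rest of this loop, continues outside the hunk.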


@ -1338,6 +1338,13 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option, ...)
data->set.ftp_ssl = (curl_ftpssl)va_arg(param, long); data->set.ftp_ssl = (curl_ftpssl)va_arg(param, long);
break; break;
case CURLOPT_FTPSSLAUTH:
/*
* Set a specific auth for FTP-SSL transfers.
*/
data->set.ftpsslauth = (curl_ftpauth)va_arg(param, long);
break;
case CURLOPT_IPRESOLVE: case CURLOPT_IPRESOLVE:
data->set.ip_version = va_arg(param, long); data->set.ip_version = va_arg(param, long);
break; break;
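Review bot: The CURLOPT_FTPSSLAUTH case casts the caller's `long` straight into `curl_ftpauth` with no range check, so an out-of-range value is stored and only noticed later, at connect time, by the `default:` branch this commit adds in Curl_ftp_connect. Rejecting it here reports the error at the call that caused it and keeps `data->set.ftpsslauth` inside the enum's range. I would read the argument into a local `long` first and store it only when it passes a check such as `if(v < CURLFTPAUTH_DEFAULT || v >= CURLFTPAUTH_LAST)`. Which error code to return and what cleanup the variadic handling needs depend on the rest of Curl_setopt, which lies outside the hunk.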


@ -920,6 +920,7 @@ struct UserDefined {
bool ftp_use_epsv; /* if EPSV is to be attempted or not */ bool ftp_use_epsv; /* if EPSV is to be attempted or not */
bool ftp_use_eprt; /* if EPRT is to be attempted or not */ bool ftp_use_eprt; /* if EPRT is to be attempted or not */
curl_ftpssl ftp_ssl; /* if AUTH TLS is to be attempted etc */ curl_ftpssl ftp_ssl; /* if AUTH TLS is to be attempted etc */
curl_ftpauth ftpsslauth; /* what AUTH XXX to be attempted */
bool no_signal; /* do not use any signal/alarm handler */ bool no_signal; /* do not use any signal/alarm handler */
bool global_dns_cache; /* subject for future removal */ bool global_dns_cache; /* subject for future removal */
bool tcp_nodelay; /* whether to enable TCP_NODELAY or not */ bool tcp_nodelay; /* whether to enable TCP_NODELAY or not */