headers
Daniel Stenberg | 1 Nov 2002 08:29
Picon
Favicon
Gravatar

Re: Extent of SSL support in libcurl?

On Thu, 31 Oct 2002, Dave Halbakken wrote:

> I just noticed this in the 7.10 TODO document:
>
> "* Add FTPS support with SSL for the data connection too.  This should
> be made according to the specs written in
> draft-murray-auth-ftp-ssl-08.txt, "Securing FTP with TLS""
>
> Does this mean libcurl's data connection when using SSL is all in the clear?

It means that when you use 'FTPS' with curl, it only uses SSL for the first,
the control, connection. FTPS is not a name of any standard protocol and the
approach curl currently supports is a rather quick hack to make it work with
a ftps server that offerered exactly this mode of operation.

I know this is rather limited and the TODO item was added there since most
(or at least many) people who want a full and secure FTP server connection
want a full implementation.

> I also noticed that the current version of that ftp-ssl draft is
> draft-murray-auth-ftp-ssl-10.txt. In that draft, the use of AUTH TLS is
> recommended over the now-deprecated implicit SSL.

TLSv1 is basicly SSLv3, they're very similar. In curl terms we often talk
about SSL as a general term and it often means "SSL or TLS". The OpenSSL
library supports SSLv2, SSLv3 and TLSv1 fine.

> Does anyone know whether there is support in libcurl for AUTH TLS?

I know that there is none. I would of course like to see it added.
(Continue reading)

Permalink | Reply | 1 comment |
headers
cml932atom | 1 Nov 2002 17:09

OT: grep options [Was: Re: Segmentation fault in curl_easy_cleanup() [AIX]]

On Tue, Oct 22, 2002 at 06:55:32PM -0700, Soren Spies wrote:
>
> nice; does the 'grep' on your system support -A, -B, or -C (which
> provide context after, before, and around, respectively)?

As with all things compared to GNU, IBM/AIX grep is inferior.

$ grep -h
Usage: grep [-E|-F] [-c|-l|-q] [-insvxbhwy] [-p[parasep]] -e pattern_list...
        [-f pattern_file...] [file...]
Usage: grep [-E|-F] [-c|-l|-q] [-insvxbhwy] [-p[parasep]] [-e pattern_list...]
        -f pattern_file... [file...]
Usage: grep [-E|-F] [-c|-l|-q] [-insvxbhwy] [-p[parasep]] pattern_list [file...]

-------------------------------------------------------
This sf.net email is sponsored by: See the NEW Palm 
Tungsten T handheld. Power & Color in a compact size!
http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0001en
Permalink | Reply | 0 comments |
headers
Tor Arntsen | 1 Nov 2002 16:43
Picon
Favicon

Re: OT: grep options [Was: Re: Segmentation fault in curl_easy_cleanup() [AIX]]

On Nov 1, 16:36, cml932atom <at> sulusea.org wrote:
>On Tue, Oct 22, 2002 at 06:55:32PM -0700, Soren Spies wrote:
>>
>> nice; does the 'grep' on your system support -A, -B, or -C (which
>> provide context after, before, and around, respectively)?
>
>As with all things compared to GNU, IBM/AIX grep is inferior.
>
>$ grep -h
>Usage: grep [-E|-F] [-c|-l|-q] [-insvxbhwy] [-p[parasep]] -e pattern_list...
[...]

Very true.  But these days AIX at least comes with a companion CD called

"AIX Toolbox for Linux Applications for POWER Systems
 Featuring GNU Software"

It helps a lot to install it.  Nice penguin on the label too.
You can find all the .rpm's (and installp on at least AIX 5.x understands
.rpms now) on ftp.software.ibm.com
Put /opt/freeware/bin in the PATH.

We tell our AIX customers to install this CD, and they seem happy to
comply :-)

-Tor

-------------------------------------------------------
This sf.net email is sponsored by: See the NEW Palm 
Tungsten T handheld. Power & Color in a compact size!
(Continue reading)

Permalink | Reply | 0 comments |
headers
Dave Halbakken | 1 Nov 2002 18:55

Re: Extent of SSL support in libcurl?

Daniel Stenberg wrote:

> I'm prepared to join in and help if anyone wants to see this implemented. I
> don't think I'll go ahead and implement it on my own at this point in time.
> 

Thanks for all your answers, Daniel. I'd love to say I'll jump in and 
help. I don't feel qualified at this point, though. I plan to read all 
the FTP security-related specs, including RFC 2228, RFC 2246, 
draft-murray-auth-ftp-ssl-10.txt, which I believe are the significant 
ones. Once I've done that, I should have a better perspective.

Dave Halbakken

-------------------------------------------------------
This sf.net email is sponsored by: See the NEW Palm 
Tungsten T handheld. Power & Color in a compact size!
http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0001en
Permalink | Reply | 0 comments |
headers
Avery Fay | 1 Nov 2002 20:20
Favicon

Re: [PATCH] Re: libcurl memleak


#if 0'ing out that bit of code seems to break something else. When I set
CURLOPT_INTERFACE to another IP, all connections fail whereas before when
the leaking code was there they all succeeded. Below is a sample backtrace
(note that a low number of threads just cause all connections to fail and a
high number of threads cause all connections to fail + crash):

Program terminated with signal 11, Segmentation fault.
Reading symbols from /usr/local/lib/libcurl.so.2...done.
Loaded symbols for /usr/local/lib/libcurl.so.2
Reading symbols from /lib/libpthread.so.0...done.
Loaded symbols for /lib/libpthread.so.0
Reading symbols from /lib/libc.so.6...done.
Loaded symbols for /lib/libc.so.6
Reading symbols from /usr/lib/i686/libssl.so.0.9.6...done.
Loaded symbols for /usr/lib/i686/libssl.so.0.9.6
Reading symbols from /usr/lib/i686/libcrypto.so.0.9.6...done.
Loaded symbols for /usr/lib/i686/libcrypto.so.0.9.6
Reading symbols from /lib/libdl.so.2...done.
Loaded symbols for /lib/libdl.so.2
Reading symbols from /lib/ld-linux.so.2...done.
Loaded symbols for /lib/ld-linux.so.2
#0  0x4003103d in Curl_connecthost (conn=0x8096788, remotehost=0x84b7180,
    port=80, sockconn=0x8096a24, addr=0xb71ff664, connected=0xb71ff717 "")
    at connect.c:600
600     for(rc=-1, aliasindex=0;
(gdb) bt
#0  0x4003103d in Curl_connecthost (conn=0x8096788, remotehost=0x84b7180,
    port=80, sockconn=0x8096a24, addr=0xb71ff664, connected=0xb71ff717 "")
    at connect.c:600
(Continue reading)

Permalink | Reply | 752 comments |
headers
Alejandro Escalante | 1 Nov 2002 22:58
Picon
Favicon

FTP: Automatic cd to user directory

I'd like to pose a question for experienced FTP users, though, not directly related to libcurl.

Seems like Microsoft FTP servers does an automatic change of directory at logon to a directory below the root that has the same name as the login name, if this directory exists. I'd like to know of this is the case on all FTP servers, and if this behavior can be disabled, leaving the user at the root of the hierarchy.

This has caused me some trouble with a project I've been developing with curl, since URLs are expressed in the form ftp://server/directory, if the server cd's me to another directory depending the user, this is is a problem.

Thank you in advance for any info.

Alex


Do You Yahoo!?
Yahoo! Net: La mejor conexión a internet y 25MB extra a tu correo por $100 al mes.
Permalink | Reply | 2 comments |
headers
lupusdacicus | 2 Nov 2002 11:15
Picon
Favicon

libcurl (perl) and windows

 
 
Is there anyone out there who has some experience with installing and using libcurl (perl interface) under windows ? I am using the free Active state Perl, the Nmake compiler.
 
I modified Makefile.pl to look for the perl exe and it goes fine.
 
When I do (n)make it says:
 

cl -c -I -nologo -O1 -MD -DNDEBUG -DWIN32 -D_CONSOLE -DNO_STRICT -DHAVE_DES_FCRYPT -DPERL_IMPLICIT_CONTEXT -DPERL_IMPLICIT_SYS -DPERL_MSVCRT_READFIX -O1 -MD -DNDEBUG -DVERSION=\"1.35\" -DXS_VERSION=\"1.35\" -IC:\Perl\lib\CORE -DHAVE_INTERNAL_VARS easy.c

 

I am trying to use the libww modules to modify the HTTP headers and play with cookies, but I am not having much luck. From my experience, I have been more profiecient with curl/libcurl and I would appreciate any insight on this matter.

 

Thank you,

Nick.

 
Permalink | Reply | 7 comments |
headers
Daniel Stenberg | 4 Nov 2002 07:44
Picon
Favicon
Gravatar

Re: FTP: Automatic cd to user directory

On Fri, 1 Nov 2002, Alejandro Escalante wrote:

> I'd like to pose a question for experienced FTP users, though, not directly
> related to libcurl.
>
> Seems like Microsoft FTP servers does an automatic change of directory at
> logon to a directory below the root that has the same name as the login
> name, if this directory exists. I'd like to know of this is the case on all
> FTP servers, and if this behavior can be disabled, leaving the user at the
> root of the hierarchy.
>
> This has caused me some trouble with a project I've been developing with
> curl, since URLs are expressed in the form ftp://server/directory, if the
> server cd's me to another directory depending the user, this is is a
> problem.

This is very common indeed. I'd so far to say that almost every single FTP
server out there will behave like this.

Of course, the FTP URLs you use are normally adjusted to this (as they login
anonymously) and if you truly want a file relative the actual file system
root, you specify the file like:

	ftp://server//directory

With double slashes, as this would then refer to '/directory' and not
'directory' within the user's home dir.

--

-- 
 Daniel Stenberg -- curl, cURL, Curl, CURL. Groks URLs.

-------------------------------------------------------
This SF.net email is sponsored by: ApacheCon, November 18-21 in
Las Vegas (supported by COMDEX), the only Apache event to be
fully supported by the ASF. http://www.apachecon.com
Permalink | Reply | 1 comment |
headers
Guido Reina | 4 Nov 2002 16:40

libcurl + MFC as a static library?

Hi there,
 
I have developped a MFC program under Visual C++ 6.0 (I use libcurl 7.10.1) and everything works fine. The problem arises when I change the configuration to use MFC as a static library, in this case libcurl crashes (the call stack shows: curl_easy_perform (line 245) -> Curl_perform (line 1491) -> Transfer (line 1168) -> Curl_readwrite (line 883) -> fread -> error unhandled exception (Access Violation)). What I am doing wrong?
 
Thanks in advance,

Guido.
Permalink | Reply | 1 comment |
headers
Daniel Stenberg | 4 Nov 2002 16:54
Picon
Favicon
Gravatar

Re: [PATCH] Re: libcurl memleak

On Fri, 1 Nov 2002, Avery Fay wrote:

> #if 0'ing out that bit of code seems to break something else. When I set
> CURLOPT_INTERFACE to another IP, all connections fail whereas before when
> the leaking code was there they all succeeded. Below is a sample backtrace
> (note that a low number of threads just cause all connections to fail and a
> high number of threads cause all connections to fail + crash):

*ump*

Ok, browsing the code for the CURLOPT_INTERFACE local-bind stuff reveals that
we resolve the IP and there we clear all "outdated" cache entries first, so
when we continue to use the same struct after the local-bind, it has been
free()ed already... :-O

Having identified the error unfortunatately doesn't mean I've yet thought out
a fix. I'm thinking of finally adding some kind of method to mark DNS cache
entries as 'in use' to prevent things like this.

--

-- 
 Daniel Stenberg -- curl, cURL, Curl, CURL. Groks URLs.

-------------------------------------------------------
This SF.net email is sponsored by: ApacheCon, November 18-21 in
Las Vegas (supported by COMDEX), the only Apache event to be
fully supported by the ASF. http://www.apachecon.com
Permalink | Reply | 0 comments |

Gmane