Added CURLOPT_FTPSSLAUTH
This commit is contained in:
		
							
								
								
									
										11
									
								
								CHANGES
									
									
									
									
									
								
							
							
						
						
									
										11
									
								
								CHANGES
									
									
									
									
									
								
							| @@ -7,6 +7,15 @@ | ||||
|                                   Changelog | ||||
|  | ||||
| Daniel (16 September 2004) | ||||
| - Daniel at touchtunes uses the FTP+SSL server "BSDFTPD-SSL from | ||||
|   http://bsdftpd-ssl.sc.ru/" which accordingly doesn't properly work with curl | ||||
|   when "AUTH SSL" is issued (although the server responds fine and everything) | ||||
|   but requires that curl issues "AUTH TLS" instead. See | ||||
|   http://curl.haxx.se/feedback/display.cgi?id=10951944937603&support=yes | ||||
|  | ||||
|   Introducing CURLOPT_FTPSSLAUTH that allows the application to select which | ||||
|   of the AUTH strings to attempt first. | ||||
|  | ||||
| - Anonymous filed bug report #1029478 which identified a bug when you 1) used | ||||
|   a URL without properly seperating the host name and the parameters with a | ||||
|   slash. 2) the URL had parameters to the right of a ? that contains a slash | ||||
| @@ -17,7 +26,7 @@ Daniel (16 September 2004) | ||||
|   Test case 187 was added to verify that this was fixed properly. | ||||
|  | ||||
| Daniel (11 September 2004) | ||||
| - Added parsedate.[ch] that contains a rewrite of the date parser currently | ||||
| - Added parsedate.c that contains a rewrite of the date parser currently | ||||
|   provided by getdate.y. The new one is MUCH smaller and will allow us to run | ||||
|   away from the yacc/bison jungle. It is also slightly lacking in features | ||||
|   compared to the old one, but it supports parsing of all date formats HTTP | ||||
|   | ||||
| @@ -10,6 +10,7 @@ Curl and libcurl 7.12.2 | ||||
|  | ||||
| This release includes the following changes: | ||||
|  | ||||
|  o added CURLOPT_FTPSSLAUTH | ||||
|  o curl_getdate() completely rewritten, which may affect curl -z use cases. | ||||
|  | ||||
| This release includes the following bugfixes: | ||||
| @@ -37,6 +38,6 @@ advice from friends like these: | ||||
|  | ||||
|  Casey O'Donnell, Roland Krikava, Alex, Alexander Krasnostavsky, Kjetil | ||||
|  Jacobsen, Ling Thio, Roman Koifman, Harshal Pradhan, Jonas Forsman, David | ||||
|  Tarendash | ||||
|  Tarendash, Daniel at touchtunes | ||||
|  | ||||
|         Thanks! (and sorry if I forgot to mention someone) | ||||
|   | ||||
| @@ -720,6 +720,18 @@ Require SSL for the control connection or fail with \fICURLE_FTP_SSL_FAILED\fP. | ||||
| .IP CURLFTPSSL_ALL | ||||
| Require SSL for all communication or fail with \fICURLE_FTP_SSL_FAILED\fP. | ||||
| .RE | ||||
| .IP CURLOPT_FTPSSLAUTH | ||||
| Pass a long using one of the values from below, to alter how libcurl issues | ||||
| \&"AUTH TLS" or "AUTH SSL" when FTP over SSL is activated (see | ||||
| \fICURLOPT_FTP_SSL\fP). | ||||
| .RS | ||||
| .IP CURLFTPAUTH_DEFAULT | ||||
| Allow libcurl to decide | ||||
| .IP CURLFTPAUTH_SSL | ||||
| Try "AUTH SSL" first, and only if that fails try "AUTH TLS" | ||||
| .IP CURLFTPAUTH_TLS | ||||
| Try "AUTH TLS" first, and only if that fails try "AUTH SSL" | ||||
| .RE | ||||
| .SH PROTOCOL OPTIONS | ||||
| .IP CURLOPT_TRANSFERTEXT | ||||
| A non-zero parameter tells the library to use ASCII mode for ftp transfers, | ||||
|   | ||||
| @@ -303,6 +303,7 @@ typedef enum { | ||||
|  | ||||
| #define CURL_ERROR_SIZE 256 | ||||
|  | ||||
| /* parameter for the CURLOPT_FTP_SSL option */ | ||||
| typedef enum { | ||||
|   CURLFTPSSL_NONE,    /* do not attempt to use SSL */ | ||||
|   CURLFTPSSL_TRY,     /* try using SSL, proceed anyway otherwise */ | ||||
| @@ -311,6 +312,14 @@ typedef enum { | ||||
|   CURLFTPSSL_LAST     /* not an option, never use */ | ||||
| } curl_ftpssl; | ||||
|  | ||||
| /* parameter for the CURLOPT_FTPSSLAUTH option */ | ||||
| typedef enum { | ||||
|   CURLFTPAUTH_DEFAULT, /* let libcurl decide */ | ||||
|   CURLFTPAUTH_SSL,     /* use "AUTH SSL" */ | ||||
|   CURLFTPAUTH_TLS,     /* use "AUTH TLS" */ | ||||
|   CURLFTPAUTH_LAST /* not an option, never use */ | ||||
| } curl_ftpauth; | ||||
|  | ||||
| /* long may be 32 or 64 bits, but we should never depend on anything else | ||||
|    but 32 */ | ||||
| #define CURLOPTTYPE_LONG          0 | ||||
| @@ -813,6 +822,18 @@ typedef enum { | ||||
|      of commands with this */ | ||||
|   CINIT(SOURCE_POSTQUOTE, OBJECTPOINT, 128), | ||||
|  | ||||
|   /* When FTP over SSL/TLS is selected (with CURLOPT_FTP_SSL), this option | ||||
|      can be used to change libcurl's default action which is to first try | ||||
|      "AUTH SSL" and then "AUTH TLS" in this order, and proceed when a OK | ||||
|      response has been received. | ||||
|  | ||||
|      Available parameters are: | ||||
|      CURLFTPAUTH_DEFAULT - let libcurl decide | ||||
|      CURLFTPAUTH_SSL     - try "AUTH SSL" first, then TLS | ||||
|      CURLFTPAUTH_TLS     - try "AUTH TLS" first, then SSL | ||||
|   */ | ||||
|   CINIT(FTPSSLAUTH, LONG, 129), | ||||
|  | ||||
|   CURLOPT_LASTENTRY /* the last unused */ | ||||
| } CURLoption; | ||||
|  | ||||
|   | ||||
							
								
								
									
										21
									
								
								lib/ftp.c
									
									
									
									
									
								
							
							
						
						
									
										21
									
								
								lib/ftp.c
									
									
									
									
									
								
							| @@ -540,8 +540,27 @@ CURLcode Curl_ftp_connect(struct connectdata *conn) | ||||
|  | ||||
|   if(data->set.ftp_ssl && !conn->ssl[FIRSTSOCKET].use) { | ||||
|     /* we don't have a SSL/TLS connection, try a FTPS connection now */ | ||||
|     int start; | ||||
|     int trynext; | ||||
|     int count=0; | ||||
|  | ||||
|     for (try = 0; ftpauth[try]; try++) { | ||||
|     switch(data->set.ftpsslauth) { | ||||
|     case CURLFTPAUTH_DEFAULT: | ||||
|     case CURLFTPAUTH_SSL: | ||||
|       start = 0; | ||||
|       trynext = 1; | ||||
|       break; | ||||
|     case CURLFTPAUTH_TLS: | ||||
|       start = 1; | ||||
|       trynext = 0; | ||||
|       break; | ||||
|     default: | ||||
|       failf(data, "unsupported parameter to CURLOPT_FTPSSLAUTH: %d\n", | ||||
|             data->set.ftpsslauth); | ||||
|       return CURLE_FAILED_INIT; /* we don't know what to do */ | ||||
|     } | ||||
|  | ||||
|     for (try = start; ftpauth[count]; try=trynext, count++) { | ||||
|  | ||||
|       FTPSENDF(conn, "AUTH %s", ftpauth[try]); | ||||
|  | ||||
|   | ||||
| @@ -1338,6 +1338,13 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option, ...) | ||||
|     data->set.ftp_ssl = (curl_ftpssl)va_arg(param, long); | ||||
|     break; | ||||
|  | ||||
|   case CURLOPT_FTPSSLAUTH: | ||||
|     /* | ||||
|      * Set a specific auth for FTP-SSL transfers. | ||||
|      */ | ||||
|     data->set.ftpsslauth = (curl_ftpauth)va_arg(param, long); | ||||
|     break; | ||||
|  | ||||
|   case CURLOPT_IPRESOLVE: | ||||
|     data->set.ip_version = va_arg(param, long); | ||||
|     break; | ||||
|   | ||||
| @@ -920,6 +920,7 @@ struct UserDefined { | ||||
|   bool ftp_use_epsv;     /* if EPSV is to be attempted or not */ | ||||
|   bool ftp_use_eprt;     /* if EPRT is to be attempted or not */ | ||||
|   curl_ftpssl ftp_ssl;   /* if AUTH TLS is to be attempted etc */ | ||||
|   curl_ftpauth ftpsslauth; /* what AUTH XXX to be attempted */ | ||||
|   bool no_signal;        /* do not use any signal/alarm handler */ | ||||
|   bool global_dns_cache; /* subject for future removal */ | ||||
|   bool tcp_nodelay;      /* whether to enable TCP_NODELAY or not */ | ||||
|   | ||||
		Reference in New Issue
	
	Block a user
	 Daniel Stenberg
					Daniel Stenberg