Mike Protts added --ftp-ssl-control to make curl use FTP-SSL, but only
encrypt the control connection and use the data connection "plain".
This commit is contained in:
Daniel Stenberg
3
CHANGES
3
CHANGES
@@ -7,6 +7,9 @@
|
|||||||
Changelog
|
Changelog
|
||||||
|
|
||||||
Daniel (23 September 2006)
|
Daniel (23 September 2006)
|
||||||
|
- Mike Protts added --ftp-ssl-control to make curl use FTP-SSL, but only
|
||||||
|
encrypt the control connection and use the data connection "plain".
|
||||||
|
|
||||||
- Dmitriy Sergeyev provided a patch that made the SOCKS[45] code work better
|
- Dmitriy Sergeyev provided a patch that made the SOCKS[45] code work better
|
||||||
as it now will read the full data sent from servers. The SOCKS-related code
|
as it now will read the full data sent from servers. The SOCKS-related code
|
||||||
was also moved to the new lib/socks.c source file.
|
was also moved to the new lib/socks.c source file.
|
||||||
|
|||||||
@@ -11,6 +11,7 @@ Curl and libcurl 7.16.0
|
|||||||
|
|
||||||
This release includes the following changes:
|
This release includes the following changes:
|
||||||
|
|
||||||
|
o (FTP) --ftp-ssl-control was added
|
||||||
o CURLOPT_SSL_SESSIONID_CACHE and --no-sessionid added
|
o CURLOPT_SSL_SESSIONID_CACHE and --no-sessionid added
|
||||||
o CURLMOPT_PIPELINING added for enabling pipelined transfers
|
o CURLMOPT_PIPELINING added for enabling pipelined transfers
|
||||||
o multi handles now have a shared connection cache
|
o multi handles now have a shared connection cache
|
||||||
@@ -52,6 +53,7 @@ advice from friends like these:
|
|||||||
|
|
||||||
Domenico Andreoli, Armel Asselin, Gisle Vanem, Yang Tse, Andrew Biggs,
|
Domenico Andreoli, Armel Asselin, Gisle Vanem, Yang Tse, Andrew Biggs,
|
||||||
Peter Sylvester, David McCreedy, Dmitriy Sergeyev, Dmitry Rechkin,
|
Peter Sylvester, David McCreedy, Dmitriy Sergeyev, Dmitry Rechkin,
|
||||||
Jari Sundell, Ravi Pratap, Michele Bini, Jeff Pohlmeyer, Michael Wallner
|
Jari Sundell, Ravi Pratap, Michele Bini, Jeff Pohlmeyer, Michael Wallner,
|
||||||
|
Mike Protts
|
||||||
|
|
||||||
Thanks! (and sorry if I forgot to mention someone)
|
Thanks! (and sorry if I forgot to mention someone)
|
||||||
|
|||||||
13
docs/curl.1
13
docs/curl.1
@@ -412,9 +412,16 @@ This option has no effect if PORT, EPRT or EPSV is used instead of PASV.
|
|||||||
If this option is used twice, the second will again use the server's suggested
|
If this option is used twice, the second will again use the server's suggested
|
||||||
address.
|
address.
|
||||||
.IP "--ftp-ssl"
|
.IP "--ftp-ssl"
|
||||||
(FTP) Try to use SSL/TLS for the FTP connection.
|
(FTP) Try to use SSL/TLS for the FTP connection. Reverts to a non-secure
|
||||||
Reverts to a non-secure connection if the server doesn't support SSL/TLS.
|
connection if the server doesn't support SSL/TLS. See also
|
||||||
(Added in 7.11.0)
|
\fI--ftp-ssl-control\fP and \fI--ftp-ssl-reqd\fP for different levels of
|
||||||
|
encryption required. (Added in 7.11.0)
|
||||||
|
|
||||||
|
If this option is used twice, the second will again disable this.
|
||||||
|
.IP "--ftp-ssl-control"
|
||||||
|
(FTP) Try SSL/TLS for the ftp login, clear for transfer. Allows secure
|
||||||
|
authentication, but non-encrypted data transfers for efficiency. Fails the
|
||||||
|
transfer if the server doesn't support SSL/TLS. (Added in 7.16.0)
|
||||||
|
|
||||||
If this option is used twice, the second will again disable this.
|
If this option is used twice, the second will again disable this.
|
||||||
.IP "--ftp-ssl-reqd"
|
.IP "--ftp-ssl-reqd"
|
||||||
|
|||||||
18
src/main.c
18
src/main.c
@@ -339,6 +339,7 @@ struct Configurable {
|
|||||||
size_t lastrecvsize;
|
size_t lastrecvsize;
|
||||||
bool ftp_ssl;
|
bool ftp_ssl;
|
||||||
bool ftp_ssl_reqd;
|
bool ftp_ssl_reqd;
|
||||||
|
bool ftp_ssl_control;
|
||||||
|
|
||||||
char *socksproxy; /* set to server string */
|
char *socksproxy; /* set to server string */
|
||||||
int socksver; /* set to CURLPROXY_SOCKS* define */
|
int socksver; /* set to CURLPROXY_SOCKS* define */
|
||||||
@@ -519,6 +520,7 @@ static void help(void)
|
|||||||
" --ftp-pasv Use PASV/EPSV instead of PORT (F)",
|
" --ftp-pasv Use PASV/EPSV instead of PORT (F)",
|
||||||
" --ftp-skip-pasv-ip Skip the IP address for PASV (F)\n"
|
" --ftp-skip-pasv-ip Skip the IP address for PASV (F)\n"
|
||||||
" --ftp-ssl Try SSL/TLS for the ftp transfer (F)",
|
" --ftp-ssl Try SSL/TLS for the ftp transfer (F)",
|
||||||
|
" --ftp-ssl-control Try SSL/TLS for the ftp login, clear for transfer (F)",
|
||||||
" --ftp-ssl-reqd Require SSL/TLS for the ftp transfer (F)",
|
" --ftp-ssl-reqd Require SSL/TLS for the ftp transfer (F)",
|
||||||
" -F/--form <name=content> Specify HTTP multipart POST data (H)",
|
" -F/--form <name=content> Specify HTTP multipart POST data (H)",
|
||||||
" --form-string <name=string> Specify HTTP multipart POST data (H)",
|
" --form-string <name=string> Specify HTTP multipart POST data (H)",
|
||||||
@@ -1351,6 +1353,7 @@ static ParameterError getparameter(char *flag, /* f or -long-flag */
|
|||||||
{"$u", "ftp-alternative-to-user", TRUE},
|
{"$u", "ftp-alternative-to-user", TRUE},
|
||||||
{"$v", "ftp-ssl-reqd", FALSE},
|
{"$v", "ftp-ssl-reqd", FALSE},
|
||||||
{"$w", "no-sessionid", FALSE},
|
{"$w", "no-sessionid", FALSE},
|
||||||
|
{"$x", "ftp-ssl-control", FALSE},
|
||||||
|
|
||||||
{"0", "http1.0", FALSE},
|
{"0", "http1.0", FALSE},
|
||||||
{"1", "tlsv1", FALSE},
|
{"1", "tlsv1", FALSE},
|
||||||
@@ -1801,6 +1804,9 @@ static ParameterError getparameter(char *flag, /* f or -long-flag */
|
|||||||
case 'w': /* --no-sessionid */
|
case 'w': /* --no-sessionid */
|
||||||
config->disable_sessionid ^= TRUE;
|
config->disable_sessionid ^= TRUE;
|
||||||
break;
|
break;
|
||||||
|
case 'x': /* --ftp-ssl-control */
|
||||||
|
config->ftp_ssl_control ^= TRUE;
|
||||||
|
break;
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
case '#': /* --progress-bar */
|
case '#': /* --progress-bar */
|
||||||
@@ -3991,14 +3997,18 @@ operate(struct Configurable *config, int argc, char *argv[])
|
|||||||
else
|
else
|
||||||
curl_easy_setopt(curl, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_WHATEVER);
|
curl_easy_setopt(curl, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_WHATEVER);
|
||||||
|
|
||||||
/* new in curl 7.11.0 */
|
|
||||||
if(config->ftp_ssl)
|
|
||||||
curl_easy_setopt(curl, CURLOPT_FTP_SSL, CURLFTPSSL_TRY);
|
|
||||||
|
|
||||||
/* new in curl 7.15.5 */
|
/* new in curl 7.15.5 */
|
||||||
if(config->ftp_ssl_reqd)
|
if(config->ftp_ssl_reqd)
|
||||||
curl_easy_setopt(curl, CURLOPT_FTP_SSL, CURLFTPSSL_ALL);
|
curl_easy_setopt(curl, CURLOPT_FTP_SSL, CURLFTPSSL_ALL);
|
||||||
|
|
||||||
|
/* new in curl 7.11.0 */
|
||||||
|
else if(config->ftp_ssl)
|
||||||
|
curl_easy_setopt(curl, CURLOPT_FTP_SSL, CURLFTPSSL_TRY);
|
||||||
|
|
||||||
|
/* new in curl 7.16.0 */
|
||||||
|
else if(config->ftp_ssl_control)
|
||||||
|
curl_easy_setopt(curl, CURLOPT_FTP_SSL, CURLFTPSSL_CONTROL);
|
||||||
|
|
||||||
/* new in curl 7.11.1, modified in 7.15.2 */
|
/* new in curl 7.11.1, modified in 7.15.2 */
|
||||||
if(config->socksproxy) {
|
if(config->socksproxy) {
|
||||||
curl_easy_setopt(curl, CURLOPT_PROXY, config->socksproxy);
|
curl_easy_setopt(curl, CURLOPT_PROXY, config->socksproxy);
|
||||||
|
|||||||
Reference in New Issue
Block a user