Commit 6a06667c authored by Daniel Stenberg's avatar Daniel Stenberg
Browse files

Added CURLOPT_FTPSSLAUTH

parent 25bf2310
Loading
Loading
Loading
Loading
+10 −1
Original line number Diff line number Diff line
@@ -7,6 +7,15 @@
                                  Changelog

Daniel (16 September 2004)
- Daniel at touchtunes uses the FTP+SSL server "BSDFTPD-SSL from
  http://bsdftpd-ssl.sc.ru/" which accordingly doesn't properly work with curl
  when "AUTH SSL" is issued (although the server responds fine and everything)
  but requires that curl issues "AUTH TLS" instead. See
  http://curl.haxx.se/feedback/display.cgi?id=10951944937603&support=yes

  Introducing CURLOPT_FTPSSLAUTH that allows the application to select which
  of the AUTH strings to attempt first.

- Anonymous filed bug report #1029478 which identified a bug when you 1) used
  a URL without properly seperating the host name and the parameters with a
  slash. 2) the URL had parameters to the right of a ? that contains a slash
@@ -17,7 +26,7 @@ Daniel (16 September 2004)
  Test case 187 was added to verify that this was fixed properly.

Daniel (11 September 2004)
- Added parsedate.[ch] that contains a rewrite of the date parser currently
- Added parsedate.c that contains a rewrite of the date parser currently
  provided by getdate.y. The new one is MUCH smaller and will allow us to run
  away from the yacc/bison jungle. It is also slightly lacking in features
  compared to the old one, but it supports parsing of all date formats HTTP
+2 −1
Original line number Diff line number Diff line
@@ -10,6 +10,7 @@ Curl and libcurl 7.12.2

This release includes the following changes:

 o added CURLOPT_FTPSSLAUTH
 o curl_getdate() completely rewritten, which may affect curl -z use cases.

This release includes the following bugfixes:
@@ -37,6 +38,6 @@ advice from friends like these:

 Casey O'Donnell, Roland Krikava, Alex, Alexander Krasnostavsky, Kjetil
 Jacobsen, Ling Thio, Roman Koifman, Harshal Pradhan, Jonas Forsman, David
 Tarendash
 Tarendash, Daniel at touchtunes

        Thanks! (and sorry if I forgot to mention someone)
+12 −0
Original line number Diff line number Diff line
@@ -720,6 +720,18 @@ Require SSL for the control connection or fail with \fICURLE_FTP_SSL_FAILED\fP.
.IP CURLFTPSSL_ALL
Require SSL for all communication or fail with \fICURLE_FTP_SSL_FAILED\fP.
.RE
.IP CURLOPT_FTPSSLAUTH
Pass a long using one of the values from below, to alter how libcurl issues
\&"AUTH TLS" or "AUTH SSL" when FTP over SSL is activated (see
\fICURLOPT_FTP_SSL\fP).
.RS
.IP CURLFTPAUTH_DEFAULT
Allow libcurl to decide
.IP CURLFTPAUTH_SSL
Try "AUTH SSL" first, and only if that fails try "AUTH TLS"
.IP CURLFTPAUTH_TLS
Try "AUTH TLS" first, and only if that fails try "AUTH SSL"
.RE
.SH PROTOCOL OPTIONS
.IP CURLOPT_TRANSFERTEXT
A non-zero parameter tells the library to use ASCII mode for ftp transfers,
+21 −0
Original line number Diff line number Diff line
@@ -303,6 +303,7 @@ typedef enum {

#define CURL_ERROR_SIZE 256

/* parameter for the CURLOPT_FTP_SSL option */
typedef enum {
  CURLFTPSSL_NONE,    /* do not attempt to use SSL */
  CURLFTPSSL_TRY,     /* try using SSL, proceed anyway otherwise */
@@ -311,6 +312,14 @@ typedef enum {
  CURLFTPSSL_LAST     /* not an option, never use */
} curl_ftpssl;

/* parameter for the CURLOPT_FTPSSLAUTH option */
typedef enum {
  CURLFTPAUTH_DEFAULT, /* let libcurl decide */
  CURLFTPAUTH_SSL,     /* use "AUTH SSL" */
  CURLFTPAUTH_TLS,     /* use "AUTH TLS" */
  CURLFTPAUTH_LAST /* not an option, never use */
} curl_ftpauth;

/* long may be 32 or 64 bits, but we should never depend on anything else
   but 32 */
#define CURLOPTTYPE_LONG          0
@@ -813,6 +822,18 @@ typedef enum {
     of commands with this */
  CINIT(SOURCE_POSTQUOTE, OBJECTPOINT, 128),

  /* When FTP over SSL/TLS is selected (with CURLOPT_FTP_SSL), this option
     can be used to change libcurl's default action which is to first try
     "AUTH SSL" and then "AUTH TLS" in this order, and proceed when a OK
     response has been received.

     Available parameters are:
     CURLFTPAUTH_DEFAULT - let libcurl decide
     CURLFTPAUTH_SSL     - try "AUTH SSL" first, then TLS
     CURLFTPAUTH_TLS     - try "AUTH TLS" first, then SSL
  */
  CINIT(FTPSSLAUTH, LONG, 129),

  CURLOPT_LASTENTRY /* the last unused */
} CURLoption;

+20 −1
Original line number Diff line number Diff line
@@ -540,8 +540,27 @@ CURLcode Curl_ftp_connect(struct connectdata *conn)

  if(data->set.ftp_ssl && !conn->ssl[FIRSTSOCKET].use) {
    /* we don't have a SSL/TLS connection, try a FTPS connection now */
    int start;
    int trynext;
    int count=0;

    switch(data->set.ftpsslauth) {
    case CURLFTPAUTH_DEFAULT:
    case CURLFTPAUTH_SSL:
      start = 0;
      trynext = 1;
      break;
    case CURLFTPAUTH_TLS:
      start = 1;
      trynext = 0;
      break;
    default:
      failf(data, "unsupported parameter to CURLOPT_FTPSSLAUTH: %d\n",
            data->set.ftpsslauth);
      return CURLE_FAILED_INIT; /* we don't know what to do */
    }

    for (try = 0; ftpauth[try]; try++) {
    for (try = start; ftpauth[count]; try=trynext, count++) {

      FTPSENDF(conn, "AUTH %s", ftpauth[try]);

Loading