
I'm trying to upload a file with an explicit FTP over TLS connection, using cURL in PHP. The authentication with the FTP server succeeds, but when I try to upload the file in passive mode, I receive the following error: "Unknown SSL protocol error in connection to server.domain.nl:21".

What can be the issue in this case? Could it be that the port for the passive upload is blocked by my provider? Can I change the port for the file upload?

My website provider doesn't support ftp_ssl_connect, so I cannot use that function.

Thx, Jack

FTP Log:

230 User logged in.
PBSZ 0
< 200 PBSZ command successful.
PROT P
< 200 PROT command successful.
PWD
< 257 "/" is current directory.
* Entry path is '/'
CWD avs
< 250 CWD command successful.
EPSV
* Connect data stream passively
< 229 Entering Extended Passive Mode (|||50075|)
* Trying x.x.x.x...
* Connecting to x.x.x.x (x.x.x.x) port 50075
TYPE I
< 200 Type set to I.
STOR 00191_2773.xml
< 150 Opening BINARY mode data connection.
* Doing the SSL/TLS handshake on the data stream
* successfully set certificate verify locations:
* CAfile: c:\vevida\php54\cacert.pem
CApath: none
* SSL re-using session ID
* Unknown SSL protocol error in connection to server.domain.nl:21
* Closing connection 19

My code is:

    $ch = curl_init() ;

    $stderr = fopen("d:\\www\\domein.nl\\www\\pdf\\temp\\curl.txt", "w"); 
    $fp = fopen($fileLocation191, 'r') ;

    //logging:
    curl_setopt($ch, CURLOPT_VERBOSE, TRUE) ;
    curl_setopt($ch, CURLOPT_STDERR, $stderr) ;

    curl_setopt($ch, CURLOPT_URL, 'ftp://user:[email protected]/avs/'.$remote_file191) ;  
    curl_setopt($ch, CURLOPT_UPLOAD, TRUE) ;
    curl_setopt($ch, CURLOPT_INFILE, $fp) ;
    curl_setopt($ch, CURLOPT_INFILESIZE, filesize($fileLocation191)) ;

    curl_setopt($ch, CURLOPT_PORT, 21) ;
    curl_setopt($ch, CURLOPT_USERPWD, 'user:pw');

    // SSL STUFF        
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false) ;
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false) ;
    curl_setopt($ch, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1) ; 
    curl_setopt($ch, CURLOPT_SSL_CIPHER_LIST, 'TLSv1') ;  
    curl_setopt($ch, CURLOPT_FTP_SSL, CURLOPT_FTPSSLAUTH) ; 
    curl_setopt($ch, CURLOPT_FTPSSLAUTH, CURLFTPAUTH_TLS) ;             
    // END SSL 

    //curl_setopt($ch, CURLOPT_FTPPORT, '-') ; 
    curl_setopt($ch, CURLOPT_TIMEOUT, 30) ;
    curl_setopt($ch, CURLOPT_FTP_USE_EPSV, TRUE) ;
    curl_setopt($ch, CURLOPT_FTP_USE_PASV, TRUE) ;
    curl_setopt($ch, CURLOPT_FTP_USE_EPRT, FALSE) ;


    curl_exec ($ch) ;

1 Answer


Could it be that the port for the passive upload is blocked by my provider?

It can be that the provider only allows few outgoing ports, but I doubt it. Ask the provider.

Can i change the port for the file upload?

No, this port is determined by the FTP server.

Some things you should check:

  • Try it with plain FTP to find out if the problem is related to FTP over TLS.
  • Try it with a different FTP server.
  • Try to reach the server with a different program.

Apart from that:

curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false) ;
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false) ;

Why do you use TLS at all since you are disabling validation of the peer anyway? Or is this only for testing?
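
On the point raised at the end of the answer, an added example that is not part of the original question or answer: the same explicit-FTPS upload with peer and host name validation left enabled, so a failed certificate check aborts the transfer instead of being ignored. The function name `ftps_upload`, the host, the paths and the credentials are placeholders chosen for illustration.

```php
<?php
// Added example: explicit FTPS upload with certificate validation enabled.
// ftps_upload() is a hypothetical helper; host, paths and credentials are placeholders.
function ftps_upload($host, $remotePath, $localFile, $user, $pass, $caFile)
{
    $fp = fopen($localFile, 'rb');
    if ($fp === false) {
        return array('ok' => false, 'errno' => 0, 'error' => "cannot open $localFile");
    }

    $ch = curl_init();
    curl_setopt_array($ch, array(
        CURLOPT_URL            => "ftp://$host/" . ltrim($remotePath, '/'),
        CURLOPT_USERPWD        => "$user:$pass",   // credentials kept out of the URL
        CURLOPT_UPLOAD         => true,
        CURLOPT_INFILE         => $fp,
        CURLOPT_INFILESIZE     => filesize($localFile),
        CURLOPT_TIMEOUT        => 30,
        // Require TLS on both control and data connections; fail instead of
        // falling back to plain FTP.
        CURLOPT_FTP_SSL        => CURLFTPSSL_ALL,
        CURLOPT_FTPSSLAUTH     => CURLFTPAUTH_TLS,
        // Validate the certificate chain and that the certificate matches $host.
        CURLOPT_SSL_VERIFYPEER => true,
        CURLOPT_SSL_VERIFYHOST => 2,
        CURLOPT_CAINFO         => $caFile,
    ));

    $ok = curl_exec($ch);
    $result = array(
        'ok'    => $ok !== false,
        'errno' => curl_errno($ch),   // numeric libcurl error code
        'error' => curl_error($ch),   // human-readable message for the log
    );
    curl_close($ch);
    fclose($fp);
    return $result;
}

// Placeholder values; replace with the real server, file and CA bundle.
$r = ftps_upload('ftp.example.test', 'avs/upload.xml',
                 __DIR__ . '/upload.xml', 'user', 'pw', __DIR__ . '/cacert.pem');
if (!$r['ok']) {
    error_log("FTPS upload failed ({$r['errno']}): {$r['error']}");
}
```

With validation on, a certificate problem surfaces as a distinct libcurl error in `errno`/`error`, which helps separate trust failures from transport failures on the data connection.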