login about faq

I'm having this problem while trying to connect to a ftp server:

Architecture: Little Endian; 32-bit
Language: .NET 4.0
ImplicitSsl: 0
AuthTls: 1
AuthSsl: 0
Hostname: x.x.x.x
Port: 60300
IdleTimeoutMs: 60000
ConnectTimeout: 60
HeartbeatMs: 0
SOCKS5:
  socksHostname: x.x.x.x
  socksPort: 3185
  socksUsername: username
ConnectTimeoutMs: 60000
calling ConnectSocket2
This is an IPV4 numeric address...
AddrInfoList:
  AddrInfo:
    ai_flags: 4
    ai_family: 2
    ai_socktype: 1
    ai_protocol: 0
    ai_addrlen: 16
    ai_canonname: (NULL)
Connect using IPV4.
ipAddress1: x.x.x.x
myIP_3: x.x.x.x
myPort_3: 49178
connect successful.
SOCKS5 server selected username/password authentication.
initialStatus: 220
initialResponse: 220 ESMTP Exim 4.72
converting to secure connection...
ssl_protocol_3: default
ConvertToTLS:
  clientHelloMajorMinorVersion: 3.1
  buildClientHello:
    majorVersion: 3
    minorVersion: 1
    numRandomBytes: 32
    sessionIdSize: 0
    numCipherSuites: 10
    numCompressionMethods: 1
  Received SSL 3.0 or TLS record...
  m_contentType: 21
  m_majorVersion: 3
  m_minorVersion: 1
  msgLen: 2
  TlsRecord:
    ContentType: 0x15
    Protocol: TLS 1.0
    PacketLen: 2
    LengthMsb: 0x0
    LengthLsb: 0x2
  processTlsRecord:
    ProcessTlsRecord:
      ContentType: Alert
      TlsAlert:
        level: fatal
        descrip: handshake failure
      Closing connection in response to fatal error.
  Failed to read incoming handshake messages. (1)
  Client handshake failed.
Failed to convert channel to SSL/TLS
Failed to connect to FTP server.

Can someone please help me?
my properties are set like this: SocksVersion = 5 Passive = true RequireSslCertVerify = false AuthTls = true

Just confirmed that this issue only happens with glftpd servers, with proftpd works fine. Anyway around this?

asked Nov 11 '12 at 10:20

GustavoAR's gravatar image

GustavoAR
1112


The LastErrorText shows that the server is responding to the SSL/TLS ClientHello with an "Alert" message that indicates it is not willing to proceed with the SSL/TLS negotiation (i.e. handshake). The only reason I can imagine is that it does not accept that the protocol is "TLS 1.0". Try setting the Ftp2.SslProtocol property equal to the string "SSL 3.0" to see if it solves the problem. If not, then it's probably necessary to get more information from the server-side to answer the question of Why it aborts the handshake.

link

answered Nov 12 '12 at 09:28

chilkat's gravatar image

chilkat ♦♦
11.8k316358420

Hi, SSL 3.0 didnt work. See log below...

(Nov 12 '12 at 09:43) GustavoAR

Sorry, same error:

initialStatus: 220
initialResponse: 220 SSH-2.0-OpenSSH_3.4p1
converting to secure connection...
ssl_protocol_3: SSL 3.0
ConvertToTLS:
  clientHelloMajorMinorVersion: 3.0
  buildClientHello:
    majorVersion: 3
    minorVersion: 0
    numRandomBytes: 32
    sessionIdSize: 0
    numCipherSuites: 10
    numCompressionMethods: 1
  Received SSL 3.0 or TLS record...
  m_contentType: 21
  m_majorVersion: 3
  m_minorVersion: 0
  msgLen: 2
  TlsRecord:
    ContentType: 0x15
    Protocol: SSL 3.0
    PacketLen: 2
    LengthMsb: 0x0
    LengthLsb: 0x2
  processTlsRecord:
    ProcessTlsRecord:
      ContentType: Alert
      TlsAlert:
        level: fatal
        descrip: handshake failure
      Closing connection in response to fatal error.
  Failed to read incoming handshake messages. (1)
  Client handshake failed.
Failed to convert channel to SSL/TLS
Failed to connect to FTP server.

Well you guys should test to get more info. It can be downloaded here: http://www.glftpd.org/ The problem occurs with all the glftpd servers I tested

link

answered Nov 12 '12 at 09:42

GustavoAR's gravatar image

GustavoAR
1112

edited Nov 12 '12 at 09:42

Is there any solution for this problem yet? I got the same when trying to login to a glftpd server with auth tls. Any other server work just fine.

Grtz Tukker

link

answered Jun 02 '13 at 15:34

Tukker's gravatar image

Tukker
1

Notice the initial response from the server:

initialResponse: 220 SSH-2.0-OpenSSH_3.4p1

You're trying to speak "SSL/TLS" to an SSH server. SSH does not use SSL/TLS. To clarify:

"SFTP" is the Secure File Transfer Protocol over SSH. It is a protocol unrelated to the FTP protocol. The Chilkat SSH / SFTP component is used for "SFTP". SFTP is achieved by connecting to an SSH server at port 22.

On the other hand, the Chilkat FTP2 component is for FTP. FTP servers listen at port 21 (non-SSL/TLS) and port 990 (SSL). FTP over SSL (i.e. port 990) is called "FTPS".

link

answered Jun 03 '13 at 13:56

chilkat's gravatar image

chilkat ♦♦
11.8k316358420

The chilkat ftp2 component has same issue

Connect_Ftp2:
DllDate: Dec 12 2012
UnlockPrefix: xxxxxxxxxxx
Username: xxxxxxx:xxxxxxxx
Architecture: Little Endian; 32-bit
Language: .NET 4.0
VerboseLogging: 0
ProgressMonitoring:
    enabled: no
    heartbeatMs: 0
    sendBufferSize: 65536
    (leaveContext)
ImplicitSsl: 0
AuthTls: 1
AuthSsl: 0
Hostname: xxxxxxxxxx
Port: xxxxxxx
IdleTimeoutMs: 60000
ConnectTimeout: 60
HeartbeatMs: 0
ConnectTimeoutMs_1: 60000
calling ConnectSocket2
IPV6 enabled connect with NO heartbeat.
This is an IPV4 numeric address...
AddrInfoList:
    AddrInfo:
        ai_flags: 4
        ai_family: 2
        ai_socktype: 1
        ai_protocol: 0
        ai_addrlen: 16
        ai_canonname: (NULL)
        (leaveContext)
    (leaveContext)
Connect using IPV4.
ipAddress1: xxxxxxxxxx
myIP_3: xxxxxxxx
myPort_3: xxxxx
connect successful (2)
Turning on TCP_NODELAY.
socketOptions:
    SO_SNDBUF: 8192
    SO_RCVBUF: 8192
    TCP_NODELAY: 8193
    (leaveContext)
readFtpControlChannelReply:
    (leaveContext)
initialStatus: 220
initialResponse: 220 Welcome
converting to secure connection...
sentCommand: AUTH TLS
readFtpControlChannelReply:
    (leaveContext)
receivedResponse: 234 AUTH TLS successful
ssl_protocol_3: SSL 3.0
ConvertToTls_4:
    establishChannel2_1:
        clientHandshake:
            cacheClientCerts:
                (leaveContext)
            clientHelloMajorMinorVersion: 3.0
            buildClientHello:
                majorVersion: 3
                minorVersion: 0
                numRandomBytes: 32
                sessionIdSize: 0
                numCipherSuites: 10
                numCompressionMethods: 1
                (leaveContext)
            readIncomingTls_serverHello:
                readTlsRecord:
                    (leaveContext)
                processTlsRecord:
                    processAlert:
                        TlsAlert:
                            level: fatal
                            descrip: handshake failure
                            (leaveContext)
                        Closing connection in response to fatal error.
                        (leaveContext)
                    (leaveContext)
                (leaveContext)
            Failed to read incoming handshake messages. (1)
            (leaveContext)
        Client handshake failed. (1)
        connectionClosed: 0
        (leaveContext)
    (leaveContext)
Failed to convert channel to SSL/TLS
Failed to connect to FTP server.
Failed.
(leaveContext)
link

answered Jun 05 '13 at 13:02

Tukker's gravatar image

Tukker
1

it's the openssl version used by chilkat that is outdated when i test it i see OpenSSL 1.0.1l 15 Jan 2015 and the last openssl version is 1.0.2d with some major fix

i don't know why since i installed openssl 1.0.2d, maybe python34, how to fix it ?

link

answered Jul 25 '15 at 15:35

margouye's gravatar image

margouye
11

edited Jul 25 '15 at 15:40

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or __italic__
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Tags:

×90
×62
×11
×6
×2

Asked: Nov 11 '12 at 10:20

Seen: 4,303 times

Last updated: Jul 25 '15 at 15:40

powered by OSQA