Archived Forum Post


Question:

FTP AuthTls/AuthSSL connection error

Jul 25 '15 at 15:40

I'm having this problem while trying to connect to an FTP server:

Architecture: Little Endian; 32-bit
Language: .NET 4.0
ImplicitSsl: 0
AuthTls: 1
AuthSsl: 0
Hostname: x.x.x.x
Port: 60300
IdleTimeoutMs: 60000
ConnectTimeout: 60
HeartbeatMs: 0
SOCKS5:
  socksHostname: x.x.x.x
  socksPort: 3185
  socksUsername: username
ConnectTimeoutMs: 60000
calling ConnectSocket2
This is an IPV4 numeric address...
AddrInfoList:
  AddrInfo:
    ai_flags: 4
    ai_family: 2
    ai_socktype: 1
    ai_protocol: 0
    ai_addrlen: 16
    ai_canonname: (NULL)
Connect using IPV4.
ipAddress1: x.x.x.x
myIP_3: x.x.x.x
myPort_3: 49178
connect successful.
SOCKS5 server selected username/password authentication.
initialStatus: 220
initialResponse: 220 ESMTP Exim 4.72
converting to secure connection...
ssl_protocol_3: default
ConvertToTLS:
  clientHelloMajorMinorVersion: 3.1
  buildClientHello:
    majorVersion: 3
    minorVersion: 1
    numRandomBytes: 32
    sessionIdSize: 0
    numCipherSuites: 10
    numCompressionMethods: 1
  Received SSL 3.0 or TLS record...
  m_contentType: 21
  m_majorVersion: 3
  m_minorVersion: 1
  msgLen: 2
  TlsRecord:
    ContentType: 0x15
    Protocol: TLS 1.0
    PacketLen: 2
    LengthMsb: 0x0
    LengthLsb: 0x2
  processTlsRecord:
    ProcessTlsRecord:
      ContentType: Alert
      TlsAlert:
        level: fatal
        descrip: handshake failure
      Closing connection in response to fatal error.
  Failed to read incoming handshake messages. (1)
  Client handshake failed.
Failed to convert channel to SSL/TLS
Failed to connect to FTP server.

Can someone please help me?
My properties are set like this: SocksVersion = 5, Passive = true, RequireSslCertVerify = false, AuthTls = true

Just confirmed that this issue only happens with glftpd servers; with proftpd it works fine. Any way around this?


Answer

The LastErrorText shows that the server is responding to the SSL/TLS ClientHello with an "Alert" message that indicates it is not willing to proceed with the SSL/TLS negotiation (i.e. handshake). The only reason I can imagine is that it does not accept that the protocol is "TLS 1.0". Try setting the Ftp2.SslProtocol property equal to the string "SSL 3.0" to see if it solves the problem. If not, then it's probably necessary to get more information from the server side to answer the question of why it aborts the handshake.


Answer

Sorry, same error:

initialStatus: 220
initialResponse: 220 SSH-2.0-OpenSSH_3.4p1
converting to secure connection...
ssl_protocol_3: SSL 3.0
ConvertToTLS:
  clientHelloMajorMinorVersion: 3.0
  buildClientHello:
    majorVersion: 3
    minorVersion: 0
    numRandomBytes: 32
    sessionIdSize: 0
    numCipherSuites: 10
    numCompressionMethods: 1
  Received SSL 3.0 or TLS record...
  m_contentType: 21
  m_majorVersion: 3
  m_minorVersion: 0
  msgLen: 2
  TlsRecord:
    ContentType: 0x15
    Protocol: SSL 3.0
    PacketLen: 2
    LengthMsb: 0x0
    LengthLsb: 0x2
  processTlsRecord:
    ProcessTlsRecord:
      ContentType: Alert
      TlsAlert:
        level: fatal
        descrip: handshake failure
      Closing connection in response to fatal error.
  Failed to read incoming handshake messages. (1)
  Client handshake failed.
Failed to convert channel to SSL/TLS
Failed to connect to FTP server.

Well, you guys should test to get more info. It can be downloaded here: http://www.glftpd.org/. The problem occurs with all the glftpd servers I tested.


Answer

Is there any solution for this problem yet? I got the same when trying to log in to a glftpd server with AUTH TLS. Any other server works just fine.

Grtz Tukker


Answer

Notice the initial response from the server:

initialResponse: 220 SSH-2.0-OpenSSH_3.4p1

You're trying to speak "SSL/TLS" to an SSH server. SSH does not use SSL/TLS. To clarify:

"SFTP" is the Secure File Transfer Protocol over SSH. It is a protocol unrelated to the FTP protocol. The Chilkat SSH / SFTP component is used for "SFTP". SFTP is achieved by connecting to an SSH server at port 22.

On the other hand, the Chilkat FTP2 component is for FTP. FTP servers listen at port 21 (non-SSL/TLS) and port 990 (SSL). FTP over SSL (i.e. port 990) is called "FTPS".
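
Added example (not part of the original thread and not Chilkat code): a Python sketch that decodes the 7-byte alert record the logs above describe and classifies the server's first reply line, the check the answer above makes by eye. The function names, the alert-name subset and the sample bytes are constructed for illustration.

```python
import re
import struct

# Subset of alert values from the TLS specifications (RFC 5246, section 7.2).
ALERT_LEVELS = {1: "warning", 2: "fatal"}
ALERT_DESCRIPTIONS = {0: "close_notify", 10: "unexpected_message",
                      40: "handshake_failure", 42: "bad_certificate",
                      70: "protocol_version", 80: "internal_error"}
VERSIONS = {(3, 0): "SSL 3.0", (3, 1): "TLS 1.0", (3, 2): "TLS 1.1", (3, 3): "TLS 1.2"}


def parse_alert_record(data: bytes) -> dict:
    """Decode one TLS record header and, for a plaintext alert, its two body bytes."""
    if len(data) < 5:
        raise ValueError("truncated record header")
    content_type, major, minor, length = struct.unpack("!BBBH", data[:5])
    body = data[5:5 + length]
    if len(body) != length:
        raise ValueError("truncated record body")
    rec = {"content_type": content_type,
           "protocol": VERSIONS.get((major, minor), f"{major}.{minor}"),
           "length": length}
    # ContentType 0x15 (21) is an alert; before encryption starts it is 2 bytes.
    if content_type == 0x15 and length == 2:
        rec["level"] = ALERT_LEVELS.get(body[0], str(body[0]))
        rec["description"] = ALERT_DESCRIPTIONS.get(body[1], str(body[1]))
    return rec


def classify_greeting(line: str) -> str:
    """Guess which service sent the first reply line, before any TLS upgrade."""
    m = re.match(r"^(\d{3})[ -](.*)$", line.strip())
    text = m.group(2) if m else line.strip()
    if text.startswith("SSH-"):
        return "ssh"        # SSH identification string: SFTP, not FTP over TLS
    if re.search(r"\b(ESMTP|SMTP)\b", text):
        return "smtp"       # a mail server answered on this address/port
    if m and m.group(1) == "220":
        return "ftp-like"   # nothing in the banner contradicts FTP
    return "unknown"


# Constructed from the fields in the first log: ContentType 0x15, version 3.1,
# length 2, level fatal (2), description handshake failure (40).
SAMPLE_ALERT = bytes([0x15, 0x03, 0x01, 0x00, 0x02, 0x02, 0x28])

if __name__ == "__main__":
    print(parse_alert_record(SAMPLE_ALERT))
    for banner in ("220 ESMTP Exim 4.72", "220 SSH-2.0-OpenSSH_3.4p1", "220 Welcome"):
        print(banner, "->", classify_greeting(banner))
```
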


Answer

The Chilkat FTP2 component has the same issue:

Connect_Ftp2:
DllDate: Dec 12 2012
UnlockPrefix: xxxxxxxxxxx
Username: xxxxxxx:xxxxxxxx
Architecture: Little Endian; 32-bit
Language: .NET 4.0
VerboseLogging: 0
ProgressMonitoring:
    enabled: no
    heartbeatMs: 0
    sendBufferSize: 65536
    (leaveContext)
ImplicitSsl: 0
AuthTls: 1
AuthSsl: 0
Hostname: xxxxxxxxxx
Port: xxxxxxx
IdleTimeoutMs: 60000
ConnectTimeout: 60
HeartbeatMs: 0
ConnectTimeoutMs_1: 60000
calling ConnectSocket2
IPV6 enabled connect with NO heartbeat.
This is an IPV4 numeric address...
AddrInfoList:
    AddrInfo:
        ai_flags: 4
        ai_family: 2
        ai_socktype: 1
        ai_protocol: 0
        ai_addrlen: 16
        ai_canonname: (NULL)
        (leaveContext)
    (leaveContext)
Connect using IPV4.
ipAddress1: xxxxxxxxxx
myIP_3: xxxxxxxx
myPort_3: xxxxx
connect successful (2)
Turning on TCP_NODELAY.
socketOptions:
    SO_SNDBUF: 8192
    SO_RCVBUF: 8192
    TCP_NODELAY: 8193
    (leaveContext)
readFtpControlChannelReply:
    (leaveContext)
initialStatus: 220
initialResponse: 220 Welcome
converting to secure connection...
sentCommand: AUTH TLS
readFtpControlChannelReply:
    (leaveContext)
receivedResponse: 234 AUTH TLS successful
ssl_protocol_3: SSL 3.0
ConvertToTls_4:
    establishChannel2_1:
        clientHandshake:
            cacheClientCerts:
                (leaveContext)
            clientHelloMajorMinorVersion: 3.0
            buildClientHello:
                majorVersion: 3
                minorVersion: 0
                numRandomBytes: 32
                sessionIdSize: 0
                numCipherSuites: 10
                numCompressionMethods: 1
                (leaveContext)
            readIncomingTls_serverHello:
                readTlsRecord:
                    (leaveContext)
                processTlsRecord:
                    processAlert:
                        TlsAlert:
                            level: fatal
                            descrip: handshake failure
                            (leaveContext)
                        Closing connection in response to fatal error.
                        (leaveContext)
                    (leaveContext)
                (leaveContext)
            Failed to read incoming handshake messages. (1)
            (leaveContext)
        Client handshake failed. (1)
        connectionClosed: 0
        (leaveContext)
    (leaveContext)
Failed to convert channel to SSL/TLS
Failed to connect to FTP server.
Failed.
(leaveContext)

Answer

It's the OpenSSL version used by Chilkat that is outdated. When I test it I see OpenSSL 1.0.1l 15 Jan 2015, and the latest OpenSSL version is 1.0.2d with some major fixes.

I don't know why, since I installed OpenSSL 1.0.2d, maybe python34. How to fix it?