This project is read-only.

FTPS Server without a welcome message?

Jan 5, 2009 at 4:12 AM
Hi Alessandro,

Great work on this library!
Just today I went looking for a FTPS client library - only to find yours the same day posted. That's a first!

Anyway, to the point...
I'm using Xlight FTP Server.. for some reason, when SSL is enabled, it no longer prints a welcome message. Unfortunately, your FTPS library waits for a banner message - build 1811: FTPSClient.cs: line 415: bannerMessage = GetResponse().Message;.

Would it be possible to add a timeout if no banner message is received - permitting the client to continue on to ssl negotiation? As a reference, coreftp client waits 2.5 secs before sending the AUTHTLS command.

I'm still on visual studio 2005, so i can't test the change locally.. project won't import.
Please let me know your thoughts..
Thnx!


-Mark

Jan 6, 2009 at 2:23 AM
Mark,


I will test it against Xlight FTP. Could you provide a public url with anonymous auth to connect to for a test?

BTW, the banner message is simply the reply that needs to be sent from the server upon connection, as stated on the RFC 959 document. 

I will check it out and see if it's the case to shorten the timeout or put an option to disable waiting on the first reply.

Cheers,

Alessandro
Jan 6, 2009 at 4:15 AM
<style> BODY { FONT-SIZE: 0.75em; FONT-FAMILY: Verdana } #ThreadNotificationFooter { BORDER-TOP: #ccc 1px solid; COLOR: gray } #ThreadNotificationPostBody { MARGIN-BOTTOM: 2em } </style>
Hi Alessandro,
 
Thanks for the replies!
 
I'll setup a test ftp server a bit later tonight - mid-stream on a critical problem just now. Is there a block of public ip addresses you'll be testing from? I'm not a fan of leaving ftp open to the world.
 
fyi.. http://xlightftpd.com/forum/viewtopic.php?p=1933#1933. I agree with you on the ftp server's requirements - though, i'm not sure why xlight doesn't get it.. or what they will do (if anything) to fix it.
 
Thnx!
 
 
-Mark
Jan 6, 2009 at 5:33 PM
Mark,

I'm going to setup an XLight FTP server, to reproduce the problem with the banner message. I will let you know if a test on your server is still needed.

Cheers,

Alessandro
Jan 8, 2009 at 12:51 AM
Mark,

I just tried a setup with XLight FTP and everything works well, with the server answering as expected. There is only a problem with the CCC command. It seems that other clients have the same issue. I'm currently investigating.
To avoid it just set _-ssl ControlChannelRequested_

As for your connection error, I suspect that you are using an "Implicit" SSL connection in your XLight FTP configuration. Could you please confirm it?

The FTPS standard (RFC 2228) defines a so called "Explicit" connection. Implicit connections are currently deprecated by IETF for a number of reasons, but although there's no real standard behing this technology, it is implemented in a number of FTP servers.
I'm thinking about adding support for it, although I'd prefer to stick to the RFC.

Cheers,

Alessandro
Jan 8, 2009 at 2:25 AM
Hi Alessandro,

Wow.. that's what i get for working on this late night.
I have the server set for implicit, when it should have been explicit. Thought I had tested all options, but wasn't my best hour.
Sorry for wasting your time.
I think sticking with explicit is a wise move.
Your library works great!!
Thnx!


-Mark

Jan 8, 2009 at 7:25 PM
Mark,

I just release an 1.0.1 version of the FTPS client.

I added support for implicit FTPS connections, as they are widely used.

I also added an x509ClientCert parameter to the Connect(...) overload you were using (removing the x509ClientCertPath parameter, I know it's a breaking change, but at this stage it's still possible :-) ).
This way it is possible to get an X509 cert from any source e.g. a cert store and pass it to the Connect(...) method. maybe a specific overload for managing cert stores will be added in the future.

Cheers,

Alessandro