This project is read-only.

550 PROT P Required - FTP over SSL (Implicit)

Oct 16, 2009 at 10:20 AM

Hello,

FTP upload over SSL (Implicit) to FileZilla Server 0.9.33 beta failed with this message sent from server. When I checked FTPSClient class, PROT P is sent to server in Connect method in the following check

if (IsControlChannelEncrypted && !isImplicitSsl)
            {
                // Following line sends PROT P command
                SslDataChannelCheckExplicitEncryptionRequest();

                if ((sslSupportMode & ESSLSupportMode.ControlChannelRequested) != ESSLSupportMode.ControlChannelRequested)
                    SSlCtrlChannelCheckRevertToClearText();
            }

 

Now I am using Implicit FTPS. Following is what I provide to sslSupportMode parameter to Connect method of FTPSClient:

ESSLSupportMode supportMode = ESSLSupportMode.Implicit | ESSLSupportMode.DataChannelRequested;

However when I put breakpoint on

 if (IsControlChannelEncrypted && !isImplicitSsl)

 check in the code snippet on the top and forced the execution to go through

SslDataChannelCheckExplicitEncryptionRequest(); 

method (thus forcing PROT P to be sent) the upload was successful.

Is there anything I am missing?

Thanks

Oct 16, 2009 at 12:48 PM

Hello,

implicit FTPS is an older deprecated pre-standard format.  Please look here for details:

http://en.wikipedia.org/wiki/FTPS

PROT is an explicit FTPS command, which is implemented by Filezilla server on its implicit implementation.

"Implicit" means that an implementation should support FTP commands only, as the communication is transparently encrypted on some "well defined" ports (990/989), but not being ruled by a stardard, every server product chooses it's own way about how to support this.  

Please see e.g.: the following FileZilla ticket about this issue:

http://trac.filezilla-project.org/ticket/2581

Having said that, standards and real world are two different things. Probably I'll add a switch to support this "non standard behaviour on a non standard protocol implementation". :-)

 

Cheers,

Alessandro Pilotti

MVP / IIS

 

 

Oct 16, 2009 at 2:22 PM

You are right that PROT is not used over Implicit SSL FTP. What's interesting is that FileZilla has an option saying "Force PROT P to encrypt file transfers in SSL/TLS mode". When this is disabled, the Implicit SSL FTP communication times out! Looking forward to the switch to support this. Not sure whether the license allows one to make the change in the code and use it?

Thanks!

Oct 16, 2009 at 3:14 PM

Hi,

> Not sure whether the license allows one to make the change in the code and use it?

Of course! It's LGPL source code. The only real "limit" for commercial apps is that changes to the AlexFTPS sources need to be released under LGPL (please see the license for details).

 

Cheers,

Alessandro Pilotti

MVP / IIS

 

Oct 16, 2009 at 3:26 PM

Brilliant! Will go through the license. This API has is very helpful though it's a shame it shows on approximately 3rd page on Google when searching for FTP over SSL related stuff!