This project is read-only.

No luck in connecting to Implicit FTP, ask for help

Jun 23, 2010 at 7:20 AM

Hi Alex,

First many thanks for sharing your work as a component. It looks brilliant and I can't hold to try in my project. 

I am now connecting to a client's FTP site in Fliezilla. While I tried to connect to the site in command line:

ftps -h xxxxxx -U xxxxxx -port 6990 -ssl Implicit -l /

I got an error 'ERROR: The handshake failed due to an unexpected packet format.' 

It looks like I have login but can not get a proper response of the directory list. 

And then I tried in C# code:

        FTPSClient client = new FTPSClient();
        string strHost = "xxxx";        
int iPort = 6990;

        try        
{            
client.Connect(strHost, iPort, new NetworkCredential("xxxx","xxxx"), ESSLSupportMode.Implicit, new RemoteCertificateValidationCallback(ValidateTestServerCertificate), new X509Certificate(), 0, 0, 0, System.Threading.Timeout.Infinite);          
client.Close();        
}      
catch(Exception ex)      
{            
lblError.Text = ex.ToString().Replace("/r/n", "<br>");      
}

And I got an error message:

System.Net.Sockets.SocketException: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond xxx.xxx.xxx.xxx:990
at System.Net.Sockets.TcpClient..ctor(String hostname, Int32 port)
at AlexPilotti.FTPS.Client.FTPSClient.SetupCtrlConnection(String hostname, Int32 port, Encoding textEncoding)
at AlexPilotti.FTPS.Client.FTPSClient.Connect(String hostname, Int32 port, NetworkCredential credential, ESSLSupportMode sslSupportMode, RemoteCertificateValidationCallback userValidateServerCertificate, X509Certificate x509ClientCert, Int32 sslMinKeyExchangeAlgStrength, Int32 sslMinCipherAlgStrength, Int32 sslMinHashAlgStrength, Nullable`1 timeout)
at AlexPilotti.FTPS.Client.FTPSClient.Connect(String hostname, NetworkCredential credential, ESSLSupportMode sslSupportMode, RemoteCertificateValidationCallback userValidateServerCertificate)
at AlexPilotti.FTPS.Client.FTPSClient.Connect(String hostname, NetworkCredential credential, ESSLSupportMode sslSupportMode)

It looks like the code even can not connect the proper host/port. Also I am confused that the port has been changed from 6990 to 990 in the error message.

Could you give me any suggestion to go on?

 

Thanks and Regards,

Giggs

Jun 25, 2010 at 6:44 AM

After a few more struggling, I can connect to the server in the same code now but getting the error 'The handshake failed due to an unexpected packet format' when I get the directory list or download a file.

It made more sense to me since I got the same error via command line. I pasted the error stacks below. Any advice is welcomed. Thanks a lot. 

Cheers,

Giggs

 

System.IO.IOException: The handshake failed due to an unexpected packet format. at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult) at System.Net.Security.SslStream.AuthenticateAsClient(String targetHost, X509CertificateCollection clientCertificates, SslProtocols enabledSslProtocols, Boolean checkCertificateRevocation) at AlexPilotti.FTPS.Client.FTPSClient.CreateSSlStream(Stream s, Boolean leaveInnerStreamOpen) at AlexPilotti.FTPS.Client.FTPSClient.GetDataStream() at AlexPilotti.FTPS.Client.FTPSClient.GetDataString() at AlexPilotti.FTPS.Client.FTPSClient.GetDirectoryListUnparsed(String remoteDirName) at AlexPilotti.FTPS.Client.FTPSClient.GetDirectoryList() at _Default.bntStart_Click(Object sender, EventArgs e) in e:\wwwroot\HogTransfer\Default.aspx.cs:line 49

Jul 16, 2010 at 7:35 PM
Hi Giggs, sorry for the late reply, I've been a bit on vacation lately :-) The error you are expecting are typical of SSL protocolo mismatchs, where a SSL/TLS connection is expected but some cleartext data is returned instead. Can you manage to connect using another client e.g.: FileZilla? Positing the connection log might be useful to resolve this issue. Cheers, Alessandro
Jul 19, 2010 at 12:34 AM

Hi Alex,

 

Many thanks for replying eventually. I hope you had a nice holiday. And I believe you are correct that there is some unexpected text in the data has to deal with. Unfortunately I cannot get the server log from the client and I have no idea which server is in use. I can only stick the log from the FileZilla on my end below:

 

Status: Connecting to ftp1.xxx.com:6990 ...

Status: Connected with ftp1.xxx.com:6990, negotiating SSL connection...

Status: SSL connection established. Waiting for welcome message...

Response: 220-xxx Secure ConnectionResponse: 220-Microsoft FTP Service

Response:    xxx FTP Server.Response: 220 For Authorized Use Only!

Command: USER Tradevent

Response: 331 Password required for xxx.

Command: PASS ********

Response: 230 User Tradevent logged in.

Command: SYST

Response: 215 Windows_NT

Command: FEAT

Response: 211-FEAT

Response: PBSZ

Response: PROT

Response:    SIZE

Response:    MDTM

Response: 211 END

Command: PBSZ 0

Response: 200 PBSZ

Command OK. Protection buffer size set to 0.

Command: PROT P

Response: 200 PROT

Command OK. Using Private data connection.

Status: Connected

Status: Retrieving directory listing...

Command: PWD

Response: 257 "/" is current directory.

Command: TYPE A

Response: 200 Type set to A.

Command: PASV

Response: 227 Entering Passive Mode (198,212,64,88,31,130).

Command: LIST

Response: 125 Data connection already open; Transfer starting.

Response: 226 Transfer complete.

Status: SSL connection established

 

Since I am not familiar with FTP protocol, I have no idea on where is the problem. Thank you in advance for any help from you. 

 

Cheers,

Giggs

Jul 20, 2010 at 11:18 AM
Edited Jul 20, 2010 at 11:20 AM

Hi Giggs, this note on a MS blog on iis.net forum states that implicit FTPS is valid on port 990 only:

http://blogs.iis.net/robert_mcmurray/archive/2008/11/10/ftp-clients-part-2-explicit-ftps-versus-implicit-ftps.aspx

Note: I'm guessing from the Filezilla log that you are connecting to a IIS 7.x FTPS server.

Your Filezilla log includes some explicit FTPS commands. A couple of tests you could do:

1) test the connection with explicit settings on the client

or

2) change port on your server to 990 (if possible) and keep the implicit settings on the client

Please note that implicit FTPS is not standard and should be avoided if possibile.

Cheers,

Alessandro Pilotti

[ MVP / IIS ]

 

Aug 19, 2010 at 3:18 AM
Edited Aug 19, 2010 at 3:19 AM
Hi Alex, Many thanks for replying. A little bit busy in the pass few weeks and I am back now. With regarding to your 2) suggestion i think it is impossible since the server belongs to the client and is sharing for multiple usage. But I am trying the 1). Could you give me some sample code to change the connection with explicit settings? Or the command? I cannot find 'explicit' in your ESSLSupportMode constant. Cheers, Giggs
Aug 19, 2010 at 10:27 AM

Hi Giggs,

all the other ESSLSupportMode enumerator values are related to explicit settings (except ClearText of course). Basically, "Implicit" FTPS is a non standard protocol which leads to some confusion, please see the home page of this project for some more details.

I'd start with ESSLSupportMode.All or, in case of firewall / configuration problems, ESSLSupportMode.CredentialsRequired. 

Please let me know if this works for you!

 

Cheers,

Alessandro Pilotti

[ MVP / IIS ]

 

 

 

 

 

 

Aug 23, 2010 at 3:02 AM

Hi Alex,

Many thanks for you advise. I have tried ESSLSupportMode.All and ESSLSupportMode.CredentialsRequired as below but still no luck for me. 

client.Connect(strHost, new NetworkCredential("xxxx", "xxxx"), ESSLSupportMode.CredentialsRequired);

The error message stack was:

AlexPilotti.FTPS.Common.FTPCommandException: 'AUTH TLS': command not understood
at AlexPilotti.FTPS.Client.FTPSClient.SslControlChannelCheckExplicitEncryptionRequest(ESSLSupportMode sslSupportMode)
at AlexPilotti.FTPS.Client.FTPSClient.Connect(String hostname, Int32 port, NetworkCredential credential, ESSLSupportMode sslSupportMode, RemoteCertificateValidationCallback userValidateServerCertificate, X509Certificate x509ClientCert, Int32 sslMinKeyExchangeAlgStrength, Int32 sslMinCipherAlgStrength, Int32 sslMinHashAlgStrength, Nullable`1 timeout)
at AlexPilotti.FTPS.Client.FTPSClient.Connect(String hostname, NetworkCredential credential, ESSLSupportMode sslSupportMode, RemoteCertificateValidationCallback userValidateServerCertificate)
at AlexPilotti.FTPS.Client.FTPSClient.Connect(String hostname, NetworkCredential credential, ESSLSupportMode sslSupportMode)
at _Default.bntStart_Click(Object sender, EventArgs e) in e:\wwwroot\HogTransfer\Default.aspx.cs:line 49

 

Cheers,

Giggs

 

Apr 8, 2013 at 7:11 AM
Giggs

All the other SFTP libraries that I have seen are way overpriced. This is a good one:
https://www.kellermansoftware.com/p-41-net-sftp-library.aspx
Apr 8, 2013 at 7:12 AM
All the other SFTP libraries that I have seen are way overpriced. This is a good one:
https://www.kellermansoftware.com/p-41-net-sftp-library.aspx