[jira] [Updated] (NET-408) problem connecting to ProFTPD with FTPES
[
https://issues.apache.org/jira/browse/NET-408?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Erick Lichtas updated NET-408:
--
Attachment: FTPSClientWithTLSResumption.zip
> problem connecting to ProFTPD with FTPES
>
>
> Key: NET-408
> URL: https://issues.apache.org/jira/browse/NET-408
> Project: Commons Net
> Issue Type: Bug
> Components: FTP
>Affects Versions: 2.2, 3.0
> Environment: ProFTPD 1.3.3d on SUSE Linux Enterprise Server 10.1
> 32bit, Kernel 2.6.16.46-0.12-default (config file attached)
> ProFTPD 1.3.3d on OpenSUSE 64bit Linux 2.6.34.8-0.2-desktop
> Java 1.5
>Reporter: Michael Voigt
>Priority: Major
> Attachments: BCFTPSClient.java, FTPSClientWithTLSResumption.zip,
> PTFTPSClient.java, ftpes.jpg, proftpd.conf
>
>
> I have a problem with the FTPClient connecting to a ProFTPD server.
> If the server uses the configuration option "TLSProtocol TLSv1", I
> cannot connect to it at all. I recieve the following error message:
> - javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection
> On the server side I see in the log:
> unable to accept TLS connection: protocol error:
> - (1) error:14094416:SSL routines:SSL3_READ_BYTES:sslv3 alert
> certificate unknown
> - TLS/TLS-C negotiation failed on control channel
> If the server uses the configuration option "TLSProtocol SSLv23", I
> can connect to it but I cant transfer any files. In the server log I
> see:
> - starting TLS negotiation on data connection
> - TLSv1/SSLv3 renegotiation accepted, using cipher RC4-MD5 (128 bits)
> - client did not reuse SSL session, rejecting data connection (see
> TLSOption NoSessionReuseRequired)
> - unable to open data connection: TLS negotiation failed
> If I add the NoSessionReuseRequired parameter to the ProFTPD config
> everything works fine.
> Here is my code:
>FTPClient ftpClient = new FTPClient();
>ftpClient = new FTPSClient("TLS");
>// this throws an exception with TLSProtocol TLSv1
>ftpClient.connect(host, port);
>int reply = ftpClient.getReplyCode();
>if (!FTPReply.isPositiveCompletion(reply)) {
>ftpClient.disconnect();
>log.error("The FTP Server did not return a positive
> completion reply!");
>throw new
> FtpTransferException(ECCUtils.ERROR_FTP_CONNECTION);
>}
>boolean loginSuccessful = ftpClient.login(userName, password);
>if (!loginSuccessful) {
>log.error("Login to the FTP Server failed! The
> credentials are not valid.");
>throw new
> FtpTransferException(ECCUtils.ERROR_FTP_LOGIN);
>}
>ftpClient.execPBSZ(0);
>ftpClient.execPROT("P");
>boolean success = ftpClient.storeFile(fileName, fis);
>if (!success) {
>// this is false if "NoSessionReuseRequired" is not set
>}
> Now my question is if it is generally possible to connect to a server
> with "TLSProtocol TLSv1" or "TLSProtocol SSLv23" without the
> "NoSessionReuseRequired" parameter? Could someone provide a piece of
> example code for this?
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
[jira] [Updated] (NET-408) problem connecting to ProFTPD with FTPES
[
https://issues.apache.org/jira/browse/NET-408?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Erick Lichtas updated NET-408:
--
Attachment: (was: FTPSClientWithTLSResumption.zip)
> problem connecting to ProFTPD with FTPES
>
>
> Key: NET-408
> URL: https://issues.apache.org/jira/browse/NET-408
> Project: Commons Net
> Issue Type: Bug
> Components: FTP
>Affects Versions: 2.2, 3.0
> Environment: ProFTPD 1.3.3d on SUSE Linux Enterprise Server 10.1
> 32bit, Kernel 2.6.16.46-0.12-default (config file attached)
> ProFTPD 1.3.3d on OpenSUSE 64bit Linux 2.6.34.8-0.2-desktop
> Java 1.5
>Reporter: Michael Voigt
>Priority: Major
> Attachments: BCFTPSClient.java, FTPSClientWithTLSResumption.zip,
> PTFTPSClient.java, ftpes.jpg, proftpd.conf
>
>
> I have a problem with the FTPClient connecting to a ProFTPD server.
> If the server uses the configuration option "TLSProtocol TLSv1", I
> cannot connect to it at all. I recieve the following error message:
> - javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection
> On the server side I see in the log:
> unable to accept TLS connection: protocol error:
> - (1) error:14094416:SSL routines:SSL3_READ_BYTES:sslv3 alert
> certificate unknown
> - TLS/TLS-C negotiation failed on control channel
> If the server uses the configuration option "TLSProtocol SSLv23", I
> can connect to it but I cant transfer any files. In the server log I
> see:
> - starting TLS negotiation on data connection
> - TLSv1/SSLv3 renegotiation accepted, using cipher RC4-MD5 (128 bits)
> - client did not reuse SSL session, rejecting data connection (see
> TLSOption NoSessionReuseRequired)
> - unable to open data connection: TLS negotiation failed
> If I add the NoSessionReuseRequired parameter to the ProFTPD config
> everything works fine.
> Here is my code:
>FTPClient ftpClient = new FTPClient();
>ftpClient = new FTPSClient("TLS");
>// this throws an exception with TLSProtocol TLSv1
>ftpClient.connect(host, port);
>int reply = ftpClient.getReplyCode();
>if (!FTPReply.isPositiveCompletion(reply)) {
>ftpClient.disconnect();
>log.error("The FTP Server did not return a positive
> completion reply!");
>throw new
> FtpTransferException(ECCUtils.ERROR_FTP_CONNECTION);
>}
>boolean loginSuccessful = ftpClient.login(userName, password);
>if (!loginSuccessful) {
>log.error("Login to the FTP Server failed! The
> credentials are not valid.");
>throw new
> FtpTransferException(ECCUtils.ERROR_FTP_LOGIN);
>}
>ftpClient.execPBSZ(0);
>ftpClient.execPROT("P");
>boolean success = ftpClient.storeFile(fileName, fis);
>if (!success) {
>// this is false if "NoSessionReuseRequired" is not set
>}
> Now my question is if it is generally possible to connect to a server
> with "TLSProtocol TLSv1" or "TLSProtocol SSLv23" without the
> "NoSessionReuseRequired" parameter? Could someone provide a piece of
> example code for this?
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
[jira] [Updated] (NET-408) problem connecting to ProFTPD with FTPES
[
https://issues.apache.org/jira/browse/NET-408?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Erick Lichtas updated NET-408:
--
Attachment: FTPSClientWithTLSResumption.zip
Hi everyone,
I have adjusted the implementation of the FTPSClient to support TLS resumption
in a way that is friendly across all JVMs and security providers. I've
essentially implemented some custom SSL sockets and socket factories that use
the SSLEngine and SocketChannels directly for handling SSL encryption and
decryption. These SocketChannels and the encryption/decryption is encapsulated
in Input and Output streams so the changes to existing Commons NET code is
minimal. There's only a couple updates to the SocketClient and FTPSClient
classes in order to swap out the socket factories. I've also added a flag on
the FTPSClient to control whether or not to resume TLS sessions for data
connections.
I have a separate fork of version 3.3 that I've developed this on, but I've
applied the changes to the 3.6 version and ran a couple tests. See the changes
attached (FTPSClientWithTLSResumption.zip).
I've tested this against the Apache Mina FTP server project in addition to the
FileZilla server. TLS resumption is working as expected with FileZilla. I've
tested the changes for Explicit and Implicit SSL, Active and Passive data
connections, as well as clear command channel which is working as expected.
I'm hoping that the development team will adopt these changes so that they can
be utilized and tested by the entire community. If you have any questions,
please let me know.
> problem connecting to ProFTPD with FTPES
>
>
> Key: NET-408
> URL: https://issues.apache.org/jira/browse/NET-408
> Project: Commons Net
> Issue Type: Bug
> Components: FTP
>Affects Versions: 2.2, 3.0
> Environment: ProFTPD 1.3.3d on SUSE Linux Enterprise Server 10.1
> 32bit, Kernel 2.6.16.46-0.12-default (config file attached)
> ProFTPD 1.3.3d on OpenSUSE 64bit Linux 2.6.34.8-0.2-desktop
> Java 1.5
>Reporter: Michael Voigt
> Attachments: BCFTPSClient.java, ftpes.jpg,
> FTPSClientWithTLSResumption.zip, proftpd.conf, PTFTPSClient.java
>
>
> I have a problem with the FTPClient connecting to a ProFTPD server.
> If the server uses the configuration option "TLSProtocol TLSv1", I
> cannot connect to it at all. I recieve the following error message:
> - javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection
> On the server side I see in the log:
> unable to accept TLS connection: protocol error:
> - (1) error:14094416:SSL routines:SSL3_READ_BYTES:sslv3 alert
> certificate unknown
> - TLS/TLS-C negotiation failed on control channel
> If the server uses the configuration option "TLSProtocol SSLv23", I
> can connect to it but I cant transfer any files. In the server log I
> see:
> - starting TLS negotiation on data connection
> - TLSv1/SSLv3 renegotiation accepted, using cipher RC4-MD5 (128 bits)
> - client did not reuse SSL session, rejecting data connection (see
> TLSOption NoSessionReuseRequired)
> - unable to open data connection: TLS negotiation failed
> If I add the NoSessionReuseRequired parameter to the ProFTPD config
> everything works fine.
> Here is my code:
>FTPClient ftpClient = new FTPClient();
>ftpClient = new FTPSClient("TLS");
>// this throws an exception with TLSProtocol TLSv1
>ftpClient.connect(host, port);
>int reply = ftpClient.getReplyCode();
>if (!FTPReply.isPositiveCompletion(reply)) {
>ftpClient.disconnect();
>log.error("The FTP Server did not return a positive
> completion reply!");
>throw new
> FtpTransferException(ECCUtils.ERROR_FTP_CONNECTION);
>}
>boolean loginSuccessful = ftpClient.login(userName, password);
>if (!loginSuccessful) {
>log.error("Login to the FTP Server failed! The
> credentials are not valid.");
>throw new
> FtpTransferException(ECCUtils.ERROR_FTP_LOGIN);
>}
>ftpClient.execPBSZ(0);
>ftpClient.execPROT("P");
>boolean success = ftpClient.storeFile(fileName, fis);
>if (!success) {
>// this is false if "NoSessionReuseRequired" is not set
>}
> Now my question is if it is generally possible to connect to a server
> with "TLSProtocol TLSv1" or "TLSProtocol SSLv23" without the
> "NoSessionReuseRequired" parameter? Could someone provide a piece of
> example code for this?
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
[jira] [Updated] (NET-408) problem connecting to ProFTPD with FTPES
[
https://issues.apache.org/jira/browse/NET-408?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Bogdan Drozdowski updated NET-408:
--
Attachment: BCFTPSClient.java
This is the bouncycastle-based FTPSClient. Unfortunately, it doesn't work for
me (still session not reused error). Apparently, the notifySessionID doesn't
make the TlsClient use this session ID (or I'm doing something wrong).
The code is a mess - some lines just commented-out, many now-useless methods
not removed, active-only mode supported. I didn't clean it up, because it
doesn't work anyway (for me). If you like it, you can use it. If it works for
you, let us know. Compile against bcprov-jdk16-XXX.jar.
problem connecting to ProFTPD with FTPES
Key: NET-408
URL: https://issues.apache.org/jira/browse/NET-408
Project: Commons Net
Issue Type: Bug
Components: FTP
Affects Versions: 2.2, 3.0
Environment: ProFTPD 1.3.3d on SUSE Linux Enterprise Server 10.1
32bit, Kernel 2.6.16.46-0.12-default (config file attached)
ProFTPD 1.3.3d on OpenSUSE 64bit Linux 2.6.34.8-0.2-desktop
Java 1.5
Reporter: Michael Voigt
Attachments: BCFTPSClient.java, ftpes.jpg, proftpd.conf
I have a problem with the FTPClient connecting to a ProFTPD server.
If the server uses the configuration option TLSProtocol TLSv1, I
cannot connect to it at all. I recieve the following error message:
- javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection
On the server side I see in the log:
unable to accept TLS connection: protocol error:
- (1) error:14094416:SSL routines:SSL3_READ_BYTES:sslv3 alert
certificate unknown
- TLS/TLS-C negotiation failed on control channel
If the server uses the configuration option TLSProtocol SSLv23, I
can connect to it but I cant transfer any files. In the server log I
see:
- starting TLS negotiation on data connection
- TLSv1/SSLv3 renegotiation accepted, using cipher RC4-MD5 (128 bits)
- client did not reuse SSL session, rejecting data connection (see
TLSOption NoSessionReuseRequired)
- unable to open data connection: TLS negotiation failed
If I add the NoSessionReuseRequired parameter to the ProFTPD config
everything works fine.
Here is my code:
FTPClient ftpClient = new FTPClient();
ftpClient = new FTPSClient(TLS);
// this throws an exception with TLSProtocol TLSv1
ftpClient.connect(host, port);
int reply = ftpClient.getReplyCode();
if (!FTPReply.isPositiveCompletion(reply)) {
ftpClient.disconnect();
log.error(The FTP Server did not return a positive
completion reply!);
throw new
FtpTransferException(ECCUtils.ERROR_FTP_CONNECTION);
}
boolean loginSuccessful = ftpClient.login(userName, password);
if (!loginSuccessful) {
log.error(Login to the FTP Server failed! The
credentials are not valid.);
throw new
FtpTransferException(ECCUtils.ERROR_FTP_LOGIN);
}
ftpClient.execPBSZ(0);
ftpClient.execPROT(P);
boolean success = ftpClient.storeFile(fileName, fis);
if (!success) {
// this is false if NoSessionReuseRequired is not set
}
Now my question is if it is generally possible to connect to a server
with TLSProtocol TLSv1 or TLSProtocol SSLv23 without the
NoSessionReuseRequired parameter? Could someone provide a piece of
example code for this?
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (NET-408) problem connecting to ProFTPD with FTPES
[
https://issues.apache.org/jira/browse/NET-408?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Bogdan Drozdowski updated NET-408:
--
Attachment: PTFTPSClient.java
The attached PTFTPSClient is the PureTLS-based FTPSClient. It uses the
host/port pair (whatever provided, just use unique for each control connection
and the control connection's host/port for data connections) to identify
connections.
It doesn't work for me (I get Not a PrintableString or IA5String exceptions),
but it may be my server's certificate's fault, so you may try it.
This code also is a mess - the host/port pairs (that identify sessions) are
hardcoded, some now-useless methods are not removed. It's more like some base
test code, to be rebuilt if works. If you like it, use it. If it works for you,
let us know.
problem connecting to ProFTPD with FTPES
Key: NET-408
URL: https://issues.apache.org/jira/browse/NET-408
Project: Commons Net
Issue Type: Bug
Components: FTP
Affects Versions: 2.2, 3.0
Environment: ProFTPD 1.3.3d on SUSE Linux Enterprise Server 10.1
32bit, Kernel 2.6.16.46-0.12-default (config file attached)
ProFTPD 1.3.3d on OpenSUSE 64bit Linux 2.6.34.8-0.2-desktop
Java 1.5
Reporter: Michael Voigt
Attachments: BCFTPSClient.java, PTFTPSClient.java, ftpes.jpg,
proftpd.conf
I have a problem with the FTPClient connecting to a ProFTPD server.
If the server uses the configuration option TLSProtocol TLSv1, I
cannot connect to it at all. I recieve the following error message:
- javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection
On the server side I see in the log:
unable to accept TLS connection: protocol error:
- (1) error:14094416:SSL routines:SSL3_READ_BYTES:sslv3 alert
certificate unknown
- TLS/TLS-C negotiation failed on control channel
If the server uses the configuration option TLSProtocol SSLv23, I
can connect to it but I cant transfer any files. In the server log I
see:
- starting TLS negotiation on data connection
- TLSv1/SSLv3 renegotiation accepted, using cipher RC4-MD5 (128 bits)
- client did not reuse SSL session, rejecting data connection (see
TLSOption NoSessionReuseRequired)
- unable to open data connection: TLS negotiation failed
If I add the NoSessionReuseRequired parameter to the ProFTPD config
everything works fine.
Here is my code:
FTPClient ftpClient = new FTPClient();
ftpClient = new FTPSClient(TLS);
// this throws an exception with TLSProtocol TLSv1
ftpClient.connect(host, port);
int reply = ftpClient.getReplyCode();
if (!FTPReply.isPositiveCompletion(reply)) {
ftpClient.disconnect();
log.error(The FTP Server did not return a positive
completion reply!);
throw new
FtpTransferException(ECCUtils.ERROR_FTP_CONNECTION);
}
boolean loginSuccessful = ftpClient.login(userName, password);
if (!loginSuccessful) {
log.error(Login to the FTP Server failed! The
credentials are not valid.);
throw new
FtpTransferException(ECCUtils.ERROR_FTP_LOGIN);
}
ftpClient.execPBSZ(0);
ftpClient.execPROT(P);
boolean success = ftpClient.storeFile(fileName, fis);
if (!success) {
// this is false if NoSessionReuseRequired is not set
}
Now my question is if it is generally possible to connect to a server
with TLSProtocol TLSv1 or TLSProtocol SSLv23 without the
NoSessionReuseRequired parameter? Could someone provide a piece of
example code for this?
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (NET-408) problem connecting to ProFTPD with FTPES
[
https://issues.apache.org/jira/browse/NET-408?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Michael Voigt updated NET-408:
--
Attachment: ftpes.jpg
problem connecting to ProFTPD with FTPES
Key: NET-408
URL: https://issues.apache.org/jira/browse/NET-408
Project: Commons Net
Issue Type: Bug
Components: FTP
Affects Versions: 2.2, 3.0
Environment: ProFTPD 1.3.3d on SUSE Linux Enterprise Server 10.1
32bit, Kernel 2.6.16.46-0.12-default (config file attached)
ProFTPD 1.3.3d on OpenSUSE 64bit Linux 2.6.34.8-0.2-desktop
Java 1.5
Reporter: Michael Voigt
Attachments: ftpes.jpg, proftpd.conf
I have a problem with the FTPClient connecting to a ProFTPD server.
If the server uses the configuration option TLSProtocol TLSv1, I
cannot connect to it at all. I recieve the following error message:
- javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection
On the server side I see in the log:
unable to accept TLS connection: protocol error:
- (1) error:14094416:SSL routines:SSL3_READ_BYTES:sslv3 alert
certificate unknown
- TLS/TLS-C negotiation failed on control channel
If the server uses the configuration option TLSProtocol SSLv23, I
can connect to it but I cant transfer any files. In the server log I
see:
- starting TLS negotiation on data connection
- TLSv1/SSLv3 renegotiation accepted, using cipher RC4-MD5 (128 bits)
- client did not reuse SSL session, rejecting data connection (see
TLSOption NoSessionReuseRequired)
- unable to open data connection: TLS negotiation failed
If I add the NoSessionReuseRequired parameter to the ProFTPD config
everything works fine.
Here is my code:
FTPClient ftpClient = new FTPClient();
ftpClient = new FTPSClient(TLS);
// this throws an exception with TLSProtocol TLSv1
ftpClient.connect(host, port);
int reply = ftpClient.getReplyCode();
if (!FTPReply.isPositiveCompletion(reply)) {
ftpClient.disconnect();
log.error(The FTP Server did not return a positive
completion reply!);
throw new
FtpTransferException(ECCUtils.ERROR_FTP_CONNECTION);
}
boolean loginSuccessful = ftpClient.login(userName, password);
if (!loginSuccessful) {
log.error(Login to the FTP Server failed! The
credentials are not valid.);
throw new
FtpTransferException(ECCUtils.ERROR_FTP_LOGIN);
}
ftpClient.execPBSZ(0);
ftpClient.execPROT(P);
boolean success = ftpClient.storeFile(fileName, fis);
if (!success) {
// this is false if NoSessionReuseRequired is not set
}
Now my question is if it is generally possible to connect to a server
with TLSProtocol TLSv1 or TLSProtocol SSLv23 without the
NoSessionReuseRequired parameter? Could someone provide a piece of
example code for this?
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (NET-408) problem connecting to ProFTPD with FTPES
[
https://issues.apache.org/jira/browse/NET-408?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Michael Voigt updated NET-408:
--
Attachment: proftpd.conf
attached ProFTPD config file
problem connecting to ProFTPD with FTPES
Key: NET-408
URL: https://issues.apache.org/jira/browse/NET-408
Project: Commons Net
Issue Type: Bug
Components: FTP
Affects Versions: 2.2, 3.0
Environment: ProFTPD 1.3.3d on SUSE Linux Enterprise Server 10.1
32bit, Kernel 2.6.16.46-0.12-default (config file attached)
ProFTPD 1.3.3d on OpenSUSE 64bit Linux 2.6.34.8-0.2-desktop
Java 1.5
Reporter: Michael Voigt
Attachments: proftpd.conf
I have a problem with the FTPClient connecting to a ProFTPD server.
If the server uses the configuration option TLSProtocol TLSv1, I
cannot connect to it at all. I recieve the following error message:
- javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection
On the server side I see in the log:
unable to accept TLS connection: protocol error:
- (1) error:14094416:SSL routines:SSL3_READ_BYTES:sslv3 alert
certificate unknown
- TLS/TLS-C negotiation failed on control channel
If the server uses the configuration option TLSProtocol SSLv23, I
can connect to it but I cant transfer any files. In the server log I
see:
- starting TLS negotiation on data connection
- TLSv1/SSLv3 renegotiation accepted, using cipher RC4-MD5 (128 bits)
- client did not reuse SSL session, rejecting data connection (see
TLSOption NoSessionReuseRequired)
- unable to open data connection: TLS negotiation failed
If I add the NoSessionReuseRequired parameter to the ProFTPD config
everything works fine.
Here is my code:
FTPClient ftpClient = new FTPClient();
ftpClient = new FTPSClient(TLS);
// this throws an exception with TLSProtocol TLSv1
ftpClient.connect(host, port);
int reply = ftpClient.getReplyCode();
if (!FTPReply.isPositiveCompletion(reply)) {
ftpClient.disconnect();
log.error(The FTP Server did not return a positive
completion reply!);
throw new
FtpTransferException(ECCUtils.ERROR_FTP_CONNECTION);
}
boolean loginSuccessful = ftpClient.login(userName, password);
if (!loginSuccessful) {
log.error(Login to the FTP Server failed! The
credentials are not valid.);
throw new
FtpTransferException(ECCUtils.ERROR_FTP_LOGIN);
}
ftpClient.execPBSZ(0);
ftpClient.execPROT(P);
boolean success = ftpClient.storeFile(fileName, fis);
if (!success) {
// this is false if NoSessionReuseRequired is not set
}
Now my question is if it is generally possible to connect to a server
with TLSProtocol TLSv1 or TLSProtocol SSLv23 without the
NoSessionReuseRequired parameter? Could someone provide a piece of
example code for this?
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (NET-408) problem connecting to ProFTPD with FTPES
[
https://issues.apache.org/jira/browse/NET-408?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Michael Voigt updated NET-408:
--
Attachment: (was: proftpd.conf)
problem connecting to ProFTPD with FTPES
Key: NET-408
URL: https://issues.apache.org/jira/browse/NET-408
Project: Commons Net
Issue Type: Bug
Components: FTP
Affects Versions: 2.2, 3.0
Environment: ProFTPD 1.3.3d on SUSE Linux Enterprise Server 10.1
32bit, Kernel 2.6.16.46-0.12-default (config file attached)
ProFTPD 1.3.3d on OpenSUSE 64bit Linux 2.6.34.8-0.2-desktop
Java 1.5
Reporter: Michael Voigt
Attachments: proftpd.conf
I have a problem with the FTPClient connecting to a ProFTPD server.
If the server uses the configuration option TLSProtocol TLSv1, I
cannot connect to it at all. I recieve the following error message:
- javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection
On the server side I see in the log:
unable to accept TLS connection: protocol error:
- (1) error:14094416:SSL routines:SSL3_READ_BYTES:sslv3 alert
certificate unknown
- TLS/TLS-C negotiation failed on control channel
If the server uses the configuration option TLSProtocol SSLv23, I
can connect to it but I cant transfer any files. In the server log I
see:
- starting TLS negotiation on data connection
- TLSv1/SSLv3 renegotiation accepted, using cipher RC4-MD5 (128 bits)
- client did not reuse SSL session, rejecting data connection (see
TLSOption NoSessionReuseRequired)
- unable to open data connection: TLS negotiation failed
If I add the NoSessionReuseRequired parameter to the ProFTPD config
everything works fine.
Here is my code:
FTPClient ftpClient = new FTPClient();
ftpClient = new FTPSClient(TLS);
// this throws an exception with TLSProtocol TLSv1
ftpClient.connect(host, port);
int reply = ftpClient.getReplyCode();
if (!FTPReply.isPositiveCompletion(reply)) {
ftpClient.disconnect();
log.error(The FTP Server did not return a positive
completion reply!);
throw new
FtpTransferException(ECCUtils.ERROR_FTP_CONNECTION);
}
boolean loginSuccessful = ftpClient.login(userName, password);
if (!loginSuccessful) {
log.error(Login to the FTP Server failed! The
credentials are not valid.);
throw new
FtpTransferException(ECCUtils.ERROR_FTP_LOGIN);
}
ftpClient.execPBSZ(0);
ftpClient.execPROT(P);
boolean success = ftpClient.storeFile(fileName, fis);
if (!success) {
// this is false if NoSessionReuseRequired is not set
}
Now my question is if it is generally possible to connect to a server
with TLSProtocol TLSv1 or TLSProtocol SSLv23 without the
NoSessionReuseRequired parameter? Could someone provide a piece of
example code for this?
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (NET-408) problem connecting to ProFTPD with FTPES
[
https://issues.apache.org/jira/browse/NET-408?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Michael Voigt updated NET-408:
--
Attachment: proftpd.conf
attached proFTPD file
problem connecting to ProFTPD with FTPES
Key: NET-408
URL: https://issues.apache.org/jira/browse/NET-408
Project: Commons Net
Issue Type: Bug
Components: FTP
Affects Versions: 2.2, 3.0
Environment: ProFTPD 1.3.3d on SUSE Linux Enterprise Server 10.1
32bit, Kernel 2.6.16.46-0.12-default (config file attached)
ProFTPD 1.3.3d on OpenSUSE 64bit Linux 2.6.34.8-0.2-desktop
Java 1.5
Reporter: Michael Voigt
Attachments: proftpd.conf
I have a problem with the FTPClient connecting to a ProFTPD server.
If the server uses the configuration option TLSProtocol TLSv1, I
cannot connect to it at all. I recieve the following error message:
- javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection
On the server side I see in the log:
unable to accept TLS connection: protocol error:
- (1) error:14094416:SSL routines:SSL3_READ_BYTES:sslv3 alert
certificate unknown
- TLS/TLS-C negotiation failed on control channel
If the server uses the configuration option TLSProtocol SSLv23, I
can connect to it but I cant transfer any files. In the server log I
see:
- starting TLS negotiation on data connection
- TLSv1/SSLv3 renegotiation accepted, using cipher RC4-MD5 (128 bits)
- client did not reuse SSL session, rejecting data connection (see
TLSOption NoSessionReuseRequired)
- unable to open data connection: TLS negotiation failed
If I add the NoSessionReuseRequired parameter to the ProFTPD config
everything works fine.
Here is my code:
FTPClient ftpClient = new FTPClient();
ftpClient = new FTPSClient(TLS);
// this throws an exception with TLSProtocol TLSv1
ftpClient.connect(host, port);
int reply = ftpClient.getReplyCode();
if (!FTPReply.isPositiveCompletion(reply)) {
ftpClient.disconnect();
log.error(The FTP Server did not return a positive
completion reply!);
throw new
FtpTransferException(ECCUtils.ERROR_FTP_CONNECTION);
}
boolean loginSuccessful = ftpClient.login(userName, password);
if (!loginSuccessful) {
log.error(Login to the FTP Server failed! The
credentials are not valid.);
throw new
FtpTransferException(ECCUtils.ERROR_FTP_LOGIN);
}
ftpClient.execPBSZ(0);
ftpClient.execPROT(P);
boolean success = ftpClient.storeFile(fileName, fis);
if (!success) {
// this is false if NoSessionReuseRequired is not set
}
Now my question is if it is generally possible to connect to a server
with TLSProtocol TLSv1 or TLSProtocol SSLv23 without the
NoSessionReuseRequired parameter? Could someone provide a piece of
example code for this?
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
