by Kent Bowling [kentamanos at msn dot com] posted on 2004/06/04 |
|
I'm attempting to automate a secure FTP upload, and I've been trying the FtpClient example from your Security Library (v1.0.13.701). I've tried it on the IPSwitch FTP server using AUTH SSL and it works great. When I try it on the server I'm trying to hit, it throws an exception. The only real difference I can see between the two is the version of WS_FTP Server they're both running. IPSwitch runs their latest and greatest (5.0.0) while the client I'm attempting to contact uses 4.0.0. Is there a known issue while communicating with a 4.0.0 server?
The exception is thrown while it's trying to issue the USER command. By the way, the server in question currently allows non secure connections as well, so when I pick option "1" (normal FTP) it works fine.
Here's the output I get (the actual server is replaced by X's, but if it's needed, I can talk to someone about it):
This test class shows how to log on to an FTP server over a secure connection.
Please enter the URL of the document you wish to download: [only ftp://]
[for instance: ftp://anonymous:pass@ftp.ipswitch.com:21/ ]
ftp://XXXXXXXXXXXXXXX:21
Please enter the connection method you wish to use:
[1] Normal unsecure connection
[2] SSL connection using the AUTH command
Your choice: 2
220 XXXXXXXXXXXXX X2 WS_FTP Server 4.0.0 (2493556683)
AUTH TLS
234 SSL enabled and waiting for negotiation
The certificate of the FTP server:
CERTIFICATE:
Format: X509
Name: XXXXXXXXXXXXXXXXXXX
Issuing CA: XXXXXXXXXXXXXXXXXXXX
Key Algorithm: 1.2.840.113549.1.1.4
Serial Number: 00
Key Alogrithm Parameters: 0500
Public Key: 308...full key omitted...001
Org.Mentalis.Security.SecurityException: An error occurs while communicating wit
h the remote host. ---> Org.Mentalis.Security.Ssl.Shared.SslException: The other
side has sent a failure alert.
at Org.Mentalis.Security.Ssl.Shared.HandshakeLayer.ProcessAlert(RecordMessage
message) in C:\dotnetplayground\mentalis\securityLibrary\seclib\Security\Ssl\Sh
ared\HandshakeLayer.cs:line 251
at Org.Mentalis.Security.Ssl.Shared.HandshakeLayer.ProcessMessages(RecordMess
age message) in C:\dotnetplayground\mentalis\securityLibrary\seclib\Security\Ssl
\Shared\HandshakeLayer.cs:line 141
at Org.Mentalis.Security.Ssl.Shared.RecordLayer.ProcessBytes(Byte[] buffer, I
nt32 offset, Int32 size) in c:\dotnetplayground\mentalis\securitylibrary\seclib\
security\ssl\shared\recordlayer.cs:line 374
at Org.Mentalis.Security.Ssl.Shared.SocketController.OnReceive(IAsyncResult a
r) in c:\dotnetplayground\mentalis\securitylibrary\seclib\security\ssl\shared\so
cketcontroller.cs:line 88
--- End of inner exception stack trace ---
at Org.Mentalis.Security.Ssl.SecureSocket.EndSend(IAsyncResult asyncResult) i
n c:\dotnetplayground\mentalis\securitylibrary\seclib\security\ssl\securesocket.
cs:line 380
at Org.Mentalis.Security.Ssl.SecureSocket.Send(Byte[] buffer, Int32 offset, I
nt32 size, SocketFlags socketFlags) in c:\dotnetplayground\mentalis\securitylibr
ary\seclib\security\ssl\securesocket.cs:line 326
at FtpClient.SendCommand(String command) in c:\dotnetplayground\mentalis\secu
ritylibrary\samples\ssl\ftpclient\ftpclient.cs:line 137
at FtpClient.DownloadFile(Url url, Int32 choice) in c:\dotnetplayground\menta
lis\securitylibrary\samples\ssl\ftpclient\ftpclient.cs:line 106
at FtpClient.Start() in c:\dotnetplayground\mentalis\securitylibrary\samples\
ssl\ftpclient\ftpclient.cs:line 91
at FtpClient.Main(String[] args) in c:\dotnetplayground\mentalis\securitylibr
ary\samples\ssl\ftpclient\ftpclient.cs:line 48
Any feedback would be greatly appreciated. I'm behind a NAT if that matters, but my understanding is if non secure works, the network configuration should work the same. |
by Pieter Philippaerts [Pieter at mentalis dot org] posted on 2004/06/04 |
|
A BadRecordMac is an error that you should only receive when someone has tampered with the data [but this is obviously not the case].
I can't recreate the problem here (I'm using an evaluation version of WS_FTP Server, and the only other WS_FTP server I know of is at ftp.ipswitch.com). Do you happen to know an FTP server I can access that exhibits the problem you describe? (if you do not wish to post the IP address on this public forum, you can always email me) |
by David [david at thera dot com dot br] posted on 2005/12/06 |
|
I am facing the same problem. I created a TCP server based in the WebServer example. My client is writen in openssl, but when the client try to make a handshake, sametimes the seclib throws the SslException "The other side has sent a failure alert". I am with the latest version of the seclib |