FTP SSL login Handshake problem

0 votes
asked Oct 3, 2011 by crayco (120 points)
edited Oct 19, 2011

Hi!

I'm using ftp ssl trial package (RebexFtpSslCf-Trial-3.0.4086.0-DotNetCF2.0.exe). The ftpserver is Filezilla 0.9.39. I'm developping with Visual Studio 2008 CF 3.5 and Windows Mobile 6 SDK.

I can connect to my ftp server fine until I enable SSL. It seems that the handshake is never completed and the connection is closed because of login timeout. I've tested the same ftps connection with my android phone and my pc with success.

He're my code


            TlsParameters tlsparam = new TlsParameters();
            tlsparam.CertificateVerifier = CertificateVerifier.AcceptAll;
            tlsparam.AllowedSuites = TlsCipherSuite.All;
            tlsparam.Version = TlsVersion.Any;

Ftp ftp = new Ftp();
            ftp.Connect("myhost.com", 21, tlsparam, FtpSecurity.Explicit);
            ftp.Login("xxx", "yyy");

It never comes out of the ftp.connect(...) and it never reach ftp.login

And here's the logwriter output:


2011-10-03 15:55:06 Opening log file.
2011-10-03 15:55:06 INFO Ftp(1) Info: Connecting to www.cerades.com:21 using Ftp 3.0.4086.0 (trial version).
2011-10-03 15:55:06 INFO Ftp(1) Info: Using proxy none.
2011-10-03 15:55:07 DEBUG Ftp(1) Info: Connection succeeded.
2011-10-03 15:55:08 INFO Ftp(1) Response: 220 Bienvenu sur le serveur FTPs de www.cerades.com
2011-10-03 15:55:08 INFO Ftp(1) Command: AUTH TLS
2011-10-03 15:55:09 INFO Ftp(1) Response: 234 Using authentication type TLS
2011-10-03 15:55:09 DEBUG Ftp(1) Info: Upgrading control connection to TLS/SSL.
2011-10-03 15:55:09 INFO Ftp(1) TLS: State StateChange:Negotiating
2011-10-03 15:55:09 DEBUG Ftp(1) TLS: HandshakeMessage:ClientHello was sent.
2011-10-03 15:56:09 DEBUG Ftp(1) TLS: Error while processing TLS packet: Rebex.Net.TlsException: The operation was not completed within the specified time limit.
   at wWGvS.ckSCApZ.BXQTfX(Int32 , Boolean )
   at wWGvS.ckSCApZ.AePCoRZ()
   at wWGvS.ckSCApZ.cDtmAOZ()
   at wWGvS.ckSCApZ.ArwjUr()
   at Rebex.Net.TlsSocket.Negotiate()
   at wWGvS.AgXIfM.AUXDmhZ(TlsParameters )
   at Rebex.Net.Ftp.BLyBkd(TlsParameters , FtpSecureUpgradeType )
   at Rebex.Net.Ftp.Connect(String serverName, Int32 serverPort, TlsParameters parameters, FtpSecurity security)
   at ftps.Program.Main(String[] Args)

2011-10-03 15:56:09 INFO Ftp(1) TLS: Info Info:UnexpectedException
2011-10-03 15:56:09 INFO Ftp(1) TLS: Alert Alert:Alert was sent.
2011-10-03 15:56:09 INFO Ftp(1) TLS: State StateChange:Closed
2011-10-03 15:56:10 DEBUG Ftp(1) TLS: Closing TLS socket.
2011-10-03 15:56:10 ERROR Ftp(1) Info: Rebex.Net.TlsException: The operation was not completed within the specified time limit. ---> Rebex.Net.TlsException: The operation was not completed within the specified time limit. ---> Rebex.Net.TlsException: The operation was not completed within the specified time limit.
   at wWGvS.ckSCApZ.BXQTfX(Int32 , Boolean )
   at wWGvS.ckSCApZ.AePCoRZ()
   at wWGvS.ckSCApZ.cDtmAOZ()
   at wWGvS.ckSCApZ.ArwjUr()
   at Rebex.Net.TlsSocket.Negotiate()
   at wWGvS.AgXIfM.AUXDmhZ(TlsParameters )
   at Rebex.Net.Ftp.BLyBkd(TlsParameters , FtpSecureUpgradeType )
   at Rebex.Net.Ftp.Connect(String serverName, Int32 serverPort, TlsParameters parameters, FtpSecurity security)
   at ftps.Program.Main(String[] Args)

at wWGvS.ckSCApZ.cDtmAOZ()
   at wWGvS.ckSCApZ.ArwjUr()
   at Rebex.Net.TlsSocket.Negotiate()
   at wWGvS.AgXIfM.AUXDmhZ(TlsParameters )
   at Rebex.Net.Ftp.BLyBkd(TlsParameters , FtpSecureUpgradeType )
   at Rebex.Net.Ftp.Connect(String serverName, Int32 serverPort, TlsParameters parameters, FtpSecurity security)
   at ftps.Program.Main(String[] Args)

at Rebex.Net.Ftp.Connect(String serverName, Int32 serverPort, TlsParameters parameters, FtpSecurity security)
   at ftps.Program.Main(String[] Args)

Any help would be greatly appreciated as its been 3 days without success :/

Applies to: Rebex FTP/SSL
commented Oct 4, 2011 by Lukas Pokorny (102,210 points)
edited Oct 4, 2011

Have you tried connecting using the .NET version of Rebex FTP/SSL from your PC? Does that work?

commented Oct 4, 2011 by Lukas Pokorny (102,210 points)
edited Oct 4, 2011

Also, on what kind of mobile device do you run Rebex FTP/SSL for .NET CF, and what kind of connectivity does it use? Some of our users reported that certain GPRS providers (AT&T in the US and O2 in the UK, as of 2009) employ some kind of firewall that blocks explicit FTP/SSL for some reason, although implicit FTP/SSL on port 990 works.

commented Oct 4, 2011 by crayco (120 points)
edited Oct 4, 2011

Thank's for you quick reply! I'm running the script on a HTC Touch Pro 2 with a Canadian provider "Rogers".

After I wrote this post I decided to leave my Office development environment this morning and stayed home for some troubleshooting... Running the script on my home network enabling WiFi on the phone worked out!!!

As you pointed out, its definitively a provider issue. I'll call them this morning to see if there is any proxy I can use to solve my issue and post the answer/solution.

I'll also try an active connection as the passive mode seems to be the default and see how that works.

1 Answer

0 votes
answered Oct 4, 2011 by Lukas Pokorny (102,210 points)
edited Oct 19, 2011

Based on the comments above, this really looks like a provider issue then. Unfortunately, FTP protocol is very firewall-unfriendly and FTP over TLS/SSL is even worse in this regard. SFTP might be a better choice if the server supports it

However, active or passive mode won't make a difference because it only affects file transfers and directory listings. Your FTP session failed much earlier than that.

...