Jump to content


Issue Information

  • #000051

  • 0 - None Assigned

  • Unfiled

  • -

  • -

Issue Confirmations

  • Yes (0)No (0)
Photo

FTP over SSL

Posted by Bubo on 16 March 2010 - 02:17 PM

FTP over SSL explicit seems to be broken.

Worked like a charm before, after udating to 4.0.1086.0 SmartFTP crashes consitently when connecting this way to a server. Nothing changed on the server, only difference is the update of SmartFTP.


+- System -----------------------------
Microsoft Windows XP Professional
Service Pack 3 (Build 2600)

CPU Speed : 1816 MHz
Total Memory : 1023 MB
Free Memory : 479 MB

+- SmartFTP ---------------------------
Version : 4.0.1086.0
Time Stamp : 2010-03-15 22:12:07
Platform : x86
Id : 400008048
Maintenance : 2012-02-11
Days in use : 603

+- Language ---------------------------
en-US

+- Internet Explorer ------------------
Version : 8.0.6001.18702

+- Winsock ----------------------------
Winsock : 2.2

I could not reproduce this.

Can you give us the host name of the server you are connecting to?

If not please provide a crash dump as described here:
http://www.smartftp....orts-f2594.html

Thanks a lot
Mat

Updating status to: Awaiting Feedback

Can you give us the host name of the server you are connecting to?

Of course: for instance ftp.lupercus.eu - at GoDaddy. They support FTP over SSL explicit in all their packages - and it worked in earlier versions.

Thanx for looking into this!
Bubo.

Thank you. Works fine here:
[03:58:59] SmartFTP v4.0.1086.0
[03:58:59] Resolving host name "ftp.lupercus.eu"
[03:59:00] Connecting to 97.74.144.125 Port: 21
[03:59:00] Connected to ftp.lupercus.eu.
[03:59:00] 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
[03:59:00] 220-You are user number 5 of 75 allowed.
[03:59:00] 220-Local time is now 19:59. Server port: 21.
[03:59:00] 220-This is a private system - No anonymous login
[03:59:00] 220 You will be disconnected after 3 minutes of inactivity.
[03:59:00] AUTH TLS
[03:59:00] 234 AUTH TLS OK.
[03:59:00] Connected. Exchanging encryption keys...
[03:59:00] Key Exchange: 1024 bit RSA
[03:59:00] Session Cipher: 128 bit AES
[03:59:00] TLS 1.0 encrypted session established.
[03:59:00] Command channel protection set to Private.
[03:59:00] PBSZ 0
[03:59:01] 200 PBSZ=0

A few things you can try:
1. Create a new favorite. Go to the menu: File->New Remote Browser. Just enter the host and select "Anonymous" for the login. Click OK to connect.
The tls handshake is done before the user authentication.

2. Try to uninstall SmartFTP. Then install the latest version again. It is important that you uninstall the version first.

3. Do you know where exactly it crashes? After the AUTH TLS, before it even connects, or somewhere afterwards?

Regards,
Mat

Thanx, Mat.

To answer your suggestions 1 & 3 before I uninstall and install: the crash follows immediately at the key exchange. I did as you suggested and connected anonymously via "New Remote Browser":

[09:46:23] SmartFTP v4.0.1086.0
[09:46:24] Resolving host name "ftp.lupercus.eu"
[09:46:24] Connecting to 97.74.144.125 Port: 21
[09:46:24] Connected to ftp.lupercus.eu.
[09:46:25] 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
[09:46:25] 220-You are user number 3 of 75 allowed.
[09:46:25] 220-Local time is now 01:46. Server port: 21.
[09:46:25] 220-This is a private system - No anonymous login
[09:46:25] 220 You will be disconnected after 3 minutes of inactivity.
[09:46:25] AUTH TLS
[09:46:25] 234 AUTH TLS OK.
[09:46:25] Connected. Exchanging encryption keys...
[09:46:25] Key Exchange: 1024 bit Unknown
[09:46:25] Session Cipher: 128 bit RC4

And then there is the Windows-screen informing that SmartFTP has crashed and will be closed.
I will uninstall and install again now, perhaps this will also solve the viewing problem, as you suggested.

OK, I uninstalled completely and did a fresh install. Now indeed a connection with FTP over SSL explicit can be established:

[11:17:45] SmartFTP v4.0.1086.0
[11:17:46] Resolving host name "ftp.lupercus.eu"
[11:17:46] Connecting to 97.74.144.125 Port: 21
[11:17:46] Connected to ftp.lupercus.eu.
[11:17:46] 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
[11:17:46] 220-You are user number 3 of 75 allowed.
[11:17:46] 220-Local time is now 03:17. Server port: 21.
[11:17:46] 220-This is a private system - No anonymous login
[11:17:46] 220 You will be disconnected after 3 minutes of inactivity.
[11:17:46] AUTH TLS
[11:17:46] 234 AUTH TLS OK.
[11:17:46] Connected. Exchanging encryption keys...
[11:17:47] Key Exchange: 1024 bit Unknown
[11:17:47] Session Cipher: 128 bit RC4
[11:17:47] TLS 1.0 encrypted session established.
[11:17:47] Command channel protection set to Private.
[11:17:47] PBSZ 0
[11:17:47] 200 PBSZ=0

However, as you can see, there is a different session cipher: with me it is RC4, with you the (stronger?) AES.
Am I still missing something in the settings?

Kindest,
Bubo.

Well ... alas, the problem persists.

After restarting the computer for the third time, again SmartFTP crashes. Now it is the exact same situation as in my earlier message of 10:23 AM, be it after a complete and clean reinstall. :huh:

Kindest,
Bubo.

Can you provide a crash dump?
http://www.smartftp....orts-f2594.html

Thanks
Mat

Here's the crashdump:

Crashdump SmartFTP (link removed after fix)

Please let me know when you've downloaded the file. It is huge, so I would like to remove the link here ...

Kindest,
Bubo.

Issue fixed in: 4.0.1087.0

Thanks. Found and fixed the bug. It manifested when the [x] Verify Server Certificate option has been enabled. As a temporary workaround, until the new release is available, disable this option in the favorite settings in the FTP->SSL dialog.

Updating status to: Fixed

Install the latest version: http://www.smartftp.com/download

Dear Mat,

Installed 4.0.1087.0 and indeed the problem has been solved.
Thank you for the quick fix!

Kindest,
Bubo.





0 user(s) are reading this issue

0 members, 0 guests, 0 anonymous users