Jump to content


Issue Information

  • #000070

  • 0 - None Assigned

  • Unfiled

  • -

  • -

Issue Confirmations

  • Yes (0)No (0)
Photo

FTP over SSL Explicit Fails Frequently

Posted by Nick on 05 May 2010 - 06:09 PM

Since upgrading to SmartFTP 4.0.1103.0 on Windows 7, I am receiving frequent errors when attempting to connect via FTP over SSL Explicit to our Filezilla Server-based FTP server. The server configuration has not changed in some time; in other words, this used to work.

The typical behavior is for the connection to fail with

[13:51:38] 234 Using authentication type TLS
[13:51:38] SSL: Error (Error=0x80090308).

several times. It then retries several times and eventually connects, indicating some kind of race or transient network condition. Below, please find a log of an example in which SmartFTP initially failed to connect, then connected successfully:

[13:51:37] SmartFTP v4.0.1103.0
[13:51:37] Resolving host name "www.skiviez.com"
[13:51:37] Connecting to 67.192.207.1 Port: 8585
[13:51:37] Connected to www.skiviez.com.
[13:51:37] 220 Welcome to the Skiviez Administrative FTP Server. FileZilla Server version 0.9.34 beta If you are not authori
[13:51:37] AUTH TLS
[13:51:38] 234 Using authentication type TLS
[13:51:38] SSL: Error (Error=0x80090308).
[13:51:38] The token supplied to the function is invalid
[13:51:38] Client closed the connection.
[13:51:38] Connect failed. Waiting to retry (30s)...
[13:52:08] Connection attempt 2...
[13:52:08] Resolving host name "www.skiviez.com"
[13:52:08] Connecting to 67.192.207.1 Port: 8585
[13:52:08] Connected to www.skiviez.com.
[13:52:08] 220 Welcome to the Skiviez Administrative FTP Server. FileZilla Server version 0.9.34 beta If you are not authori
[13:52:08] AUTH TLS
[13:52:08] 234 Using authentication type TLS
[13:52:08] TLS 1.0 encrypted session established.
[13:52:08] Key Exchange: 2048 bit RSA
[13:52:08] Session Cipher: 128 bit AES
[13:52:08] Command channel protection set to Private.
[13:52:08] PBSZ 0
[13:52:08] 200 PBSZ=0
[13:52:08] USER SkiviezMediaManager
[13:52:08] 331 Password required for skiviezmediamanager
[13:52:08] PASS (hidden)
[13:52:08] 230 Logged on
[13:52:08] SYST
[13:52:08] 215 UNIX emulated by FileZilla
[13:52:08] Detected Server Type: UNIX
[13:52:08] RTT: 62.797 ms
[13:52:08] FEAT
[13:52:08] 211-Features:
[13:52:08] MDTM
[13:52:08] REST STREAM
[13:52:08] SIZE
[13:52:08] MODE Z
[13:52:08] MLST type*;size*;modify*;
[13:52:08] MLSD
[13:52:08] AUTH SSL
[13:52:08] AUTH TLS
[13:52:08] UTF8
[13:52:08] CLNT
[13:52:08] MFMT
[13:52:08] 211 End
[13:52:08] CLNT SmartFTP 4.0.1103.0
[13:52:09] 200 Don't care
[13:52:09] OPTS UTF8 ON
[13:52:09] 200 UTF8 mode enabled
[13:52:09] Detected Server Software: FileZilla Server
[13:52:09] PWD
[13:52:09] 257 "/" is current directory.

Clients connecting via the .NET Framework's FtpWebRequest class do not have this issue; additionally, I tried updating to 4.0.1105.0 and the issue still occurs.

Importantly, "FTP: Completely rewrote SSL layer" in build 1093 sure looked interesting, so I downgraded to a copy of 1091 that I had lying around the file system, and I am unable to reproduce the error with this older version. That indicates to me that something broke!

Hope this description helps. Thanks for looking into it.

Hello. Your are most likely right with your analysis. I'm trying to reproduce the problem. Is your server in the public Internet?

Unfortunately, it is not publicly accessible (the firewall sitting in front of it restricts it to our office IP).

I can tell you that it's running FileZilla Server 0.9.34 on Windows Server 2003. The SSL certificate is one from GoDaddy and it involves a chained intermediary. If you need more information or if I can help in any other way, please let me know.

Is there any chance you can open the server for my ip range for a limited time?

Thanks
Mat

Updating status to: Confirmed

Bug fixed in the latest beta build (1106).

Issue fixed in: 4.0.1106.0

Updating status to: Fixed
Issue fixed in: 4.0.1108.0

Install the latest version: http://www.smartftp.com/download


killerbees19
May 10 2010 09:17 AM
I've the same problem in v4.0.1109.0 :mellow:
[11:13:44] SmartFTP v4.0.1109.0
[11:13:46] Resolving host name "*****"
[11:13:46] Connecting to ***.***.***.*** Port: 21
[11:13:46] Connected to happytec.at.
[11:13:46] 220 FTP on ***** ready
[11:13:46] AUTH TLS
[11:13:46] 234 AUTH TLS successful
[11:13:46] SSL: Error (Error=0x80090308).
[11:13:46] Das Token, das der Funktion ├╝bergeben wurde, ist ung├╝ltig.
[11:13:46] Client closed the connection.


Kann ich nicht reproduzieren
[12:05:47] SmartFTP v4.0.1109.0
[12:05:47] Resolving host name "happytec.at"
[12:05:47] Connecting to 85.13.139.63 Port: 21
[12:05:47] Connected to happytec.at.
[12:05:47] 220 FTP on dd18810.kasserver.com ready
[12:05:47] AUTH TLS
[12:05:48] 234 AUTH TLS successful
[12:05:48] TLS 1.0 encrypted session established.
[12:05:48] Key Exchange: 1024 bit RSA
[12:05:48] Session Cipher: 128 bit AES
[12:05:48] Command channel protection set to Private.
[12:05:48] PBSZ 0
[12:05:48] 200 PBSZ 0 successful

Oeffne einen neuen bug report





0 user(s) are reading this issue

0 members, 0 guests, 0 anonymous users