I'm having problems with data transfers using FTPS - TLS.
The session dialog is below. Note: Even though the connection is on private network I have edited the IP and port.
I have access to the FTP Server and captured a wire shark trace and verbose logging on the FTP server.
In the FTP server log I see the 226 message is sent. Indications are to me the FTP Server has fulfilled its responsibilities and is waiting for CoreFTP Client's next command.
All bytes of the file are transferred successfully. The FTP server considers the file complete. The only problem is the connection hangs following the transfer. I use disconnect to end the connection.
I can demonstrate this problem at will. If you would like to observe the behavior I can arrange a webx to share my desktop over the internet.
I have down loaded the current beta version 2.1 build 1658 and still experience this problem. Using PASV or PORT mode did not affect the problem.
Using CCC resolves the problem. My impression is CoreFTP might be missing the 226 reply from the FTP server when CCC is not used.
One other note is after the reply '200 CCC command successful' is a long delay - 40-50 seconds. I disabled SYST and still observed this delay.
Welcome to Core FTP, release ver 2.1, build 1658 (U) -- © 2003-2010
WinSock 2.0
Mem -- 2,097,151 KB, Virt -- 2,097,024 KB
Started on Tuesday December 07, 2010 at 10:21:AM
Connect socket #580 to 10.nnn.nnn.nnn, port 123...
220 Server ready for new user.
AUTH TLS
234 Security data exchange complete.
TLSv1, cipher TLSv1/SSLv3 (AES256-SHA) - 256 bit
USER ftp1
331 Password required for ftp1.
PASS **********
230 User ftp1 logged in.
SYST
215 UNIX Type: A
Keep alive off...
PWD
257 "/" is current directory.
PBSZ 0
200 PBSZ command successful.
PROT P
200 PROT command successful.
PORT 10,nnn,nnn,nnn,83,48
200 PORT command successful.
LIST
125 Data connection already open; transfer starting.
TLSv1, cipher TLSv1/SSLv3 (AES256-SHA) - 256 bit
226 Closing data connection, ASCII transfer complete.
Transferred 194 bytes in 0.969 seconds
CWD /inbound
250 Requested file action okay, completed.
PORT 10,nnn,nnn,nnn,83,49
200 PORT command successful.
LIST
125 Data connection already open; transfer starting.
TLSv1, cipher TLSv1/SSLv3 (AES256-SHA) - 256 bit
226 Closing data connection, ASCII transfer complete.
Transferred 599 bytes in 0.984 seconds
PWD
257 "/inbound" is current directory.
TYPE A
200 Type set to A.
PORT 10,nnn,nnn,nnn,83,50
200 PORT command successful.
STOR testfile.txt
125 Data connection already open; transfer starting.
TLSv1, cipher TLSv1/SSLv3 (AES256-SHA) - 256 bit
FTPS data transfer problem
-
ForumAdmin
- Site Admin
- Posts: 987
- Joined: Mon Mar 24, 2003 4:37 am
Sorry to report build 1661 didn't help my situation. Below is session dialog. The entire file is transferred. Still looks like CoreFTP missed the server's 226 reply.
Welcome to Core FTP, release ver 2.1, build 1661 (U) -- © 2003-2010
WinSock 2.0
Mem -- 2,097,151 KB, Virt -- 2,097,024 KB
Started on Wednesday December 15, 2010 at 08:37:AM
Connect socket #636 to 10.251.107.154, port 35121...
220 Server ready for new user.
AUTH SSL
234 Security data exchange complete.
TLSv1, cipher TLSv1/SSLv3 (AES256-SHA) - 256 bit
USER timsftp1
331 Password required for timsftp1.
PASS **********
230 User timsftp1 logged in.
Keep alive off...
PWD
257 "/" is current directory.
PBSZ 0
200 PBSZ command successful.
PROT P
200 PROT command successful.
PORT 10,251,107,11,111,162
200 PORT command successful.
LIST
125 Data connection already open; transfer starting.
TLSv1, cipher TLSv1/SSLv3 (AES256-SHA) - 256 bit
226 Closing data connection, ASCII transfer complete.
Transferred 194 bytes in 0.969 seconds
CWD /inbound
250 Requested file action okay, completed.
PORT 10,251,107,11,111,163
200 PORT command successful.
LIST
125 Data connection already open; transfer starting.
TLSv1, cipher TLSv1/SSLv3 (AES256-SHA) - 256 bit
226 Closing data connection, ASCII transfer complete.
Transferred 1,220 bytes in 0.969 seconds
PWD
257 "/inbound" is current directory.
TYPE A
200 Type set to A.
PORT 10,251,107,11,111,164
200 PORT command successful.
STOR WINDOWSfoo2.txt
125 Data connection already open; transfer starting.
TLSv1, cipher TLSv1/SSLv3 (AES256-SHA) - 256 bit
WINDOWSfoo2.txt - 287006 bytes transferred
Transfer time: 00:10:04
disconnected
Welcome to Core FTP, release ver 2.1, build 1661 (U) -- © 2003-2010
WinSock 2.0
Mem -- 2,097,151 KB, Virt -- 2,097,024 KB
Started on Wednesday December 15, 2010 at 08:37:AM
Connect socket #636 to 10.251.107.154, port 35121...
220 Server ready for new user.
AUTH SSL
234 Security data exchange complete.
TLSv1, cipher TLSv1/SSLv3 (AES256-SHA) - 256 bit
USER timsftp1
331 Password required for timsftp1.
PASS **********
230 User timsftp1 logged in.
Keep alive off...
PWD
257 "/" is current directory.
PBSZ 0
200 PBSZ command successful.
PROT P
200 PROT command successful.
PORT 10,251,107,11,111,162
200 PORT command successful.
LIST
125 Data connection already open; transfer starting.
TLSv1, cipher TLSv1/SSLv3 (AES256-SHA) - 256 bit
226 Closing data connection, ASCII transfer complete.
Transferred 194 bytes in 0.969 seconds
CWD /inbound
250 Requested file action okay, completed.
PORT 10,251,107,11,111,163
200 PORT command successful.
LIST
125 Data connection already open; transfer starting.
TLSv1, cipher TLSv1/SSLv3 (AES256-SHA) - 256 bit
226 Closing data connection, ASCII transfer complete.
Transferred 1,220 bytes in 0.969 seconds
PWD
257 "/inbound" is current directory.
TYPE A
200 Type set to A.
PORT 10,251,107,11,111,164
200 PORT command successful.
STOR WINDOWSfoo2.txt
125 Data connection already open; transfer starting.
TLSv1, cipher TLSv1/SSLv3 (AES256-SHA) - 256 bit
WINDOWSfoo2.txt - 287006 bytes transferred
Transfer time: 00:10:04
disconnected
-
ForumAdmin
- Site Admin
- Posts: 987
- Joined: Mon Mar 24, 2003 4:37 am
Using WindowsSSL I cannot induce the problem. One of the session dialogs is below. The problem appears to be isolated to openssl.
I changed the cipher suite on the FTP server and retried using openssl. Still experiencing the problem but with a different cipher. See second session dialog below.
I also testied using WSFTP. Within WSFTP specified the ciphers to use. Wireshark shows me WSFTP connection using TLS_RSA_EXPORT_WITH_DES40_CBC_SHA. Connected using CoreFTP. Wireshark shows CoreFTP connection using TLS_RSA_EXPORT_WITH_DES40_CBC_SHA. This is the cipher reported in the server hello for both WSFTP and CoreFTP. I don't think the server is having a problem with this cipher. WSFTP has no problems transfering files. Maybe this is an openssl problem.
Using WinSSL.
Welcome to Core FTP, release ver 2.1, build 1661 (U) -- © 2003-2010
WinSock 2.0
Mem -- 2,097,151 KB, Virt -- 2,097,024 KB
Started on Monday December 20, 2010 at 08:43:AM
Connect socket #596 to 10.251.107.154, port 35121...
220 Server ready for new user.
AUTH SSL
234 Security data exchange complete.
SSLv3 (RC4/MD5), 40 bits
USER timsftp1
331 Password required for timsftp1.
PASS **********
230 User timsftp1 logged in.
Keep alive off...
PWD
257 "/" is current directory.
PBSZ 0
200 PBSZ command successful.
PROT P
200 PROT command successful.
PORT 10,251,107,11,50,75
200 PORT command successful.
LIST
125 Data connection already open; transfer starting.
SSLv3 (RC4/MD5), 40 bits
226 Closing data connection, ASCII transfer complete.
Transferred 194 bytes in 0.032 seconds
CWD /outbound
250 Requested file action okay, completed.
PORT 10,251,107,11,50,76
200 PORT command successful.
LIST
125 Data connection already open; transfer starting.
SSLv3 (RC4/MD5), 40 bits
226 Closing data connection, ASCII transfer complete.
Transferred 0 bytes in 0.015 seconds
CDUP
250 Requested file action okay, completed.
PWD
257 "/" is current directory.
PORT 10,251,107,11,50,77
200 PORT command successful.
LIST
125 Data connection already open; transfer starting.
SSLv3 (RC4/MD5), 40 bits
226 Closing data connection, ASCII transfer complete.
Transferred 194 bytes in 0.015 seconds
CWD /inbound
250 Requested file action okay, completed.
PORT 10,251,107,11,50,78
200 PORT command successful.
LIST
125 Data connection already open; transfer starting.
SSLv3 (RC4/MD5), 40 bits
226 Closing data connection, ASCII transfer complete.
Transferred 1,146 bytes in 0.016 seconds
PWD
257 "/inbound" is current directory.
TYPE I
200 Type set to I.
PORT 10,251,107,11,50,79
200 PORT command successful.
STOR Test.data2
125 Data connection already open; transfer starting.
SSLv3 (RC4/MD5), 40 bits
226 Closing data connection, Binary transfer complete.
Test.data2 - 590 bytes transferred
Transfer time: 00:00:03
QUIT
221 Goodbye.
Session Dialog using OpenSSL
Welcome to Core FTP, release ver 2.1, build 1661 (U) -- © 2003-2010
WinSock 2.0
Mem -- 2,097,151 KB, Virt -- 2,097,024 KB
Started on Monday December 20, 2010 at 08:46:AM
Connect socket #596 to 10.251.107.154, port 35121...
220 Server ready for new user.
AUTH SSL
234 Security data exchange complete.
TLSv1, cipher TLSv1/SSLv3 (EXP-DES-CBC-SHA) - 56 bit
USER timsftp1
331 Password required for timsftp1.
PASS **********
230 User timsftp1 logged in.
Keep alive off...
PWD
257 "/" is current directory.
PBSZ 0
200 PBSZ command successful.
PROT P
200 PROT command successful.
PORT 10,251,107,11,51,100
200 PORT command successful.
LIST
125 Data connection already open; transfer starting.
TLSv1, cipher TLSv1/SSLv3 (EXP-DES-CBC-SHA) - 56 bit
226 Closing data connection, ASCII transfer complete.
Transferred 194 bytes in 0.969 seconds
CWD /inbound
250 Requested file action okay, completed.
PORT 10,251,107,11,51,101
200 PORT command successful.
LIST
125 Data connection already open; transfer starting.
TLSv1, cipher TLSv1/SSLv3 (EXP-DES-CBC-SHA) - 56 bit
226 Closing data connection, ASCII transfer complete.
Transferred 1,213 bytes in 0.984 seconds
PWD
257 "/inbound" is current directory.
TYPE I
200 Type set to I.
PORT 10,251,107,11,51,102
200 PORT command successful.
STOR Test.File.14
125 Data connection already open; transfer starting.
TLSv1, cipher TLSv1/SSLv3 (EXP-DES-CBC-SHA) - 56 bit
Test.File.14 - 574 bytes transferred
Transfer time: 00:04:21
I changed the cipher suite on the FTP server and retried using openssl. Still experiencing the problem but with a different cipher. See second session dialog below.
I also testied using WSFTP. Within WSFTP specified the ciphers to use. Wireshark shows me WSFTP connection using TLS_RSA_EXPORT_WITH_DES40_CBC_SHA. Connected using CoreFTP. Wireshark shows CoreFTP connection using TLS_RSA_EXPORT_WITH_DES40_CBC_SHA. This is the cipher reported in the server hello for both WSFTP and CoreFTP. I don't think the server is having a problem with this cipher. WSFTP has no problems transfering files. Maybe this is an openssl problem.
Using WinSSL.
Welcome to Core FTP, release ver 2.1, build 1661 (U) -- © 2003-2010
WinSock 2.0
Mem -- 2,097,151 KB, Virt -- 2,097,024 KB
Started on Monday December 20, 2010 at 08:43:AM
Connect socket #596 to 10.251.107.154, port 35121...
220 Server ready for new user.
AUTH SSL
234 Security data exchange complete.
SSLv3 (RC4/MD5), 40 bits
USER timsftp1
331 Password required for timsftp1.
PASS **********
230 User timsftp1 logged in.
Keep alive off...
PWD
257 "/" is current directory.
PBSZ 0
200 PBSZ command successful.
PROT P
200 PROT command successful.
PORT 10,251,107,11,50,75
200 PORT command successful.
LIST
125 Data connection already open; transfer starting.
SSLv3 (RC4/MD5), 40 bits
226 Closing data connection, ASCII transfer complete.
Transferred 194 bytes in 0.032 seconds
CWD /outbound
250 Requested file action okay, completed.
PORT 10,251,107,11,50,76
200 PORT command successful.
LIST
125 Data connection already open; transfer starting.
SSLv3 (RC4/MD5), 40 bits
226 Closing data connection, ASCII transfer complete.
Transferred 0 bytes in 0.015 seconds
CDUP
250 Requested file action okay, completed.
PWD
257 "/" is current directory.
PORT 10,251,107,11,50,77
200 PORT command successful.
LIST
125 Data connection already open; transfer starting.
SSLv3 (RC4/MD5), 40 bits
226 Closing data connection, ASCII transfer complete.
Transferred 194 bytes in 0.015 seconds
CWD /inbound
250 Requested file action okay, completed.
PORT 10,251,107,11,50,78
200 PORT command successful.
LIST
125 Data connection already open; transfer starting.
SSLv3 (RC4/MD5), 40 bits
226 Closing data connection, ASCII transfer complete.
Transferred 1,146 bytes in 0.016 seconds
PWD
257 "/inbound" is current directory.
TYPE I
200 Type set to I.
PORT 10,251,107,11,50,79
200 PORT command successful.
STOR Test.data2
125 Data connection already open; transfer starting.
SSLv3 (RC4/MD5), 40 bits
226 Closing data connection, Binary transfer complete.
Test.data2 - 590 bytes transferred
Transfer time: 00:00:03
QUIT
221 Goodbye.
Session Dialog using OpenSSL
Welcome to Core FTP, release ver 2.1, build 1661 (U) -- © 2003-2010
WinSock 2.0
Mem -- 2,097,151 KB, Virt -- 2,097,024 KB
Started on Monday December 20, 2010 at 08:46:AM
Connect socket #596 to 10.251.107.154, port 35121...
220 Server ready for new user.
AUTH SSL
234 Security data exchange complete.
TLSv1, cipher TLSv1/SSLv3 (EXP-DES-CBC-SHA) - 56 bit
USER timsftp1
331 Password required for timsftp1.
PASS **********
230 User timsftp1 logged in.
Keep alive off...
PWD
257 "/" is current directory.
PBSZ 0
200 PBSZ command successful.
PROT P
200 PROT command successful.
PORT 10,251,107,11,51,100
200 PORT command successful.
LIST
125 Data connection already open; transfer starting.
TLSv1, cipher TLSv1/SSLv3 (EXP-DES-CBC-SHA) - 56 bit
226 Closing data connection, ASCII transfer complete.
Transferred 194 bytes in 0.969 seconds
CWD /inbound
250 Requested file action okay, completed.
PORT 10,251,107,11,51,101
200 PORT command successful.
LIST
125 Data connection already open; transfer starting.
TLSv1, cipher TLSv1/SSLv3 (EXP-DES-CBC-SHA) - 56 bit
226 Closing data connection, ASCII transfer complete.
Transferred 1,213 bytes in 0.984 seconds
PWD
257 "/inbound" is current directory.
TYPE I
200 Type set to I.
PORT 10,251,107,11,51,102
200 PORT command successful.
STOR Test.File.14
125 Data connection already open; transfer starting.
TLSv1, cipher TLSv1/SSLv3 (EXP-DES-CBC-SHA) - 56 bit
Test.File.14 - 574 bytes transferred
Transfer time: 00:04:21
Same problem here too
I am also getting this issue. I can connect to the client fine, but when it is negotiating the security it seems to take ages. I was testing with 6 files all less than 1KB and it was taking about 5 minutes to download them.
I tried this with Filezilla and it did it instantly, unfortunately Filezilla doesn't allow command line scripts.
I have tried Open SSL and Windows SSL and using CCC and nothing seems to make any difference. I have also tried the latest dev build.
Did you manage to get a fix for this.
I tried this with Filezilla and it did it instantly, unfortunately Filezilla doesn't allow command line scripts.
I have tried Open SSL and Windows SSL and using CCC and nothing seems to make any difference. I have also tried the latest dev build.
Did you manage to get a fix for this.