Overview
Features
Download
Documentation
Community
Add-Ons & Services

Problem with FTPS client code

Please post support and help requests here.

Problem with FTPS client code

Postby SVYurov » 23 Jan 2013, 13:36

Hello.
I'm trying to make a FTPS client using a code like this

Code: Select all
void main(void)
{
   try
   {
      initializeSSL();
      
      //…

      Context::Ptr context(new Context(Context::CLIENT_USE, "cert.pem"));
      
      SecureStreamSocket ftpSocket(ftpAddress, context);

      FTPClientSession ftpSession(ftpSocket);
      
      ftpSession.login(login, password);
      {
         //…
      }
      ftpSession.close();

      uninitializeSSL();
   }
   catch(Poco::Exception &exception)
   {
      std::cout<< exception.displayText()<< std::endl;
   }
   catch(std::exception &exception)
   {
      std::cout<< "Error: "<< exception.what()<< std::endl;
   }

   return 0;
}


FTP server is set up on IIS 7.5, SSL enabled, self-signed test certificate is used.

I'm getting the following error:
SSL Exception: error:140770FC:SSL routines:SSL23_GET_SERVERHELLO:unknown protocol

Please, help me to understand what can be wrong here.

P.S.: I have read other threads. Unfortunately, it did not help.
SVYurov
 
Posts: 2
Joined: 23 Jan 2013, 12:48

Re: Problem with FTPS client code

Postby alex » 24 Jan 2013, 03:54

SVYurov wrote:Please, help me to understand what can be wrong here.

Are you sure server is FTPS?
alex
 
Posts: 1044
Joined: 11 Jul 2006, 16:27
Location: United_States

Re: Problem with FTPS client code

Postby SVYurov » 24 Jan 2013, 08:34

alex wrote:Are you sure server is FTPS?


Yes, I'm pretty sure. More specifically, it's a FTPES.

Actually, you can see the logs yourself.

FileZilla 3.6.0.2 logs:

Without TLS

Status: Connecting to 127.0.0.1:521...
Status: Connection established, waiting for welcome message...
Response: 220 Microsoft FTP Service
Command: USER ########
Response: 534-Policy requires SSL.
Response: Win32 error: Access is denied.
Response: Error details: SSL policy requires SSL for control channel.
Response: 534 End
Error: Could not connect to server

Using implicit FTP over TLS

Status: Connecting to 127.0.0.1:521...
Status: Connection established, initializing TLS...
Error: GnuTLS error -15: An unexpected TLS packet was received.
Error: Could not connect to server

Using explicit FTP over TLS

Status: Connecting to 127.0.0.1:521…
Status: Connection established, waiting for welcome message...
Response: 220 Microsoft FTP Service
Command: AUTH TLS
Response: 234 AUTH command ok. Expecting TLS Negotiation.
Status: Initializing TLS...
Status: Verifying certificate...
Command: USER ########
Status: TLS/SSL connection established.
Response: 331 Password required for ########.
Command: PASS ****************
Response: 230 User logged in.
Command: OPTS UTF8 ON
Response: 200 OPTS UTF8 command successful - UTF8 encoding now ON.
Command: PBSZ 0
Response: 200 PBSZ command successful.
Command: PROT P
Response: 200 PROT command successful.
Status: Connected
Status: Retrieving directory listing...
Command: PWD
Response: 257 "/" is current directory.
Status: Directory listing successful


Total Commander 7.04a logs:

Without TLS

Connect to: (24.01.2013 9:57:25)
hostname=127.0.0.1:521
username=########
startdir=
220 Microsoft FTP Service
USER ########
534-Policy requires SSL.
Win32 error: Access is denied.
Error details: SSL policy requires SSL for control channel.
534 End
QUIT

With TLS

Connect to: (24.01.2013 9:57:32)
hostname=127.0.0.1:521
username=########
startdir=
220 Microsoft FTP Service
AUTH TLS
234 AUTH command ok. Expecting TLS Negotiation.
Cert subject: /CN=localhost
Cert issuer: /CN=localhost
USER ########
331 Password required for ########.
PASS ***********
230 User logged in.
SYST
215 Windows_NT
FEAT
211-Extended features supported:
LANG EN*
UTF8
AUTH TLS;TLS-C;SSL;TLS-P;
PBSZ
PROT C;P;
CCC
HOST
SIZE
MDTM
REST STREAM
211 END
PBSZ 0
200 PBSZ command successful.
PROT P
200 PROT command successful.
Connect ok!
PWD
257 "/" is current directory.
Get directory
TYPE A
200 Type set to A.
PORT 127,0,0,1,7,70
200 PORT command successful.
LIST
125 Data connection already open; Transfer starting.
Download
Waiting for server...
226 Transfer complete.


P.S.: A few minutes ago I have tried a FileZilla FTP Server. Results are the same.

Edit:
OK, I've realized that ftpSocket(ftpAddress, context) constructor will try to establish a secured connecton immediatly, and that will be a conflict with a protocol of explicit FTP over TLS. I've tried to change code so that a simple FTP connection is established first and then an attempt to turn on SSL is made.

Code: Select all
StreamSocket ftpSocket(address);

FTPClientSession ftpSession(ftpSocket);

std::string response;      
ftpSession.sendCommand("AUTH TLS", response);

SecureStreamSocket ftpSecuredSocket(context);

ftpSecuredSocket.attach(ftpSocket, context);


Result is still the same. Error (error:140770FC:SSL routines:SSL23_GET_SERVERHELLO:unknown protocol) is generated by SSL_connect funcition called by ftpSecuredSocket.attach(ftpSocket, context). Something more should be done here apparently.
SVYurov
 
Posts: 2
Joined: 23 Jan 2013, 12:48

Re: Problem with FTPS client code

Postby alex » 25 Jan 2013, 01:34

Probably has to do with switching to TLS. I don't have any experience with FTPS, but there were other TLS-related questions on this forum.
alex
 
Posts: 1044
Joined: 11 Jul 2006, 16:27
Location: United_States


Return to Support

Who is online

Users browsing this forum: No registered users and 1 guest

cron