[ https://issues.apache.org/jira/browse/NET-408?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17152066#comment-17152066 ]
Enrico Olivelli commented on NET-408: ------------------------------------- [~7265626F6F74] Thank you very much. I have now this error: {code:java} java.lang.IllegalStateException: Client/Server mode has not yet been set.java.lang.IllegalStateException: Client/Server mode has not yet been set. at java.base/sun.security.ssl.SSLEngineImpl.wrap(SSLEngineImpl.java:134) at java.base/sun.security.ssl.SSLEngineImpl.wrap(SSLEngineImpl.java:123) at java.base/javax.net.ssl.SSLEngine.wrap(SSLEngine.java:479) at org.apache.commons.net.io.ext.ChannelSslWritableByteChannel.write(ChannelSslWritableByteChannel.java:66) at java.base/java.nio.channels.Channels.writeFullyImpl(Channels.java:74) at java.base/java.nio.channels.Channels.writeFully(Channels.java:97) at java.base/java.nio.channels.Channels$1.write(Channels.java:172) at java.base/sun.security.ssl.SSLSocketOutputRecord.encodeAlert(SSLSocketOutputRecord.java:82) at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:355) at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:267) at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:262) at java.base/sun.security.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1654) at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:443) at org.apache.commons.net.ftp.FTPSClient._openDataConnection_(FTPSClient.java:682) at org.apache.commons.net.ftp.FTPClient._openDataConnection_(FTPClient.java:790) at org.apache.commons.net.ftp.FTPClient.initiateListParsing(FTPClient.java:3456) at org.apache.commons.net.ftp.FTPClient.initiateListParsing(FTPClient.java:3386) at org.apache.commons.net.ftp.FTPClient.listFiles(FTPClient.java:3063) {code} I am now trying to force "clientMode" in ChannelSslAdapter.java Once I get this to work, could you please send an official patch or commit to master branch this patch ? > problem connecting to ProFTPD with FTPES > ---------------------------------------- > > Key: NET-408 > URL: https://issues.apache.org/jira/browse/NET-408 > Project: Commons Net > Issue Type: Bug > Components: FTP > Affects Versions: 2.2, 3.0 > Environment: ProFTPD 1.3.3d on SUSE Linux Enterprise Server 10.1 > 32bit, Kernel 2.6.16.46-0.12-default (config file attached) > ProFTPD 1.3.3d on OpenSUSE 64bit Linux 2.6.34.8-0.2-desktop > Java 1.5 > Reporter: Michael Voigt > Priority: Major > Attachments: BCFTPSClient.java, FTPSClientWithTLSResumption.zip, > PTFTPSClient.java, ftpes.jpg, proftpd.conf > > > I have a problem with the FTPClient connecting to a ProFTPD server. > If the server uses the configuration option "TLSProtocol TLSv1", I > cannot connect to it at all. I recieve the following error message: > - javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection > On the server side I see in the log: > unable to accept TLS connection: protocol error: > - (1) error:14094416:SSL routines:SSL3_READ_BYTES:sslv3 alert > certificate unknown > - TLS/TLS-C negotiation failed on control channel > If the server uses the configuration option "TLSProtocol SSLv23", I > can connect to it but I cant transfer any files. In the server log I > see: > - starting TLS negotiation on data connection > - TLSv1/SSLv3 renegotiation accepted, using cipher RC4-MD5 (128 bits) > - client did not reuse SSL session, rejecting data connection (see > TLSOption NoSessionReuseRequired) > - unable to open data connection: TLS negotiation failed > If I add the NoSessionReuseRequired parameter to the ProFTPD config > everything works fine. > Here is my code: > FTPClient ftpClient = new FTPClient(); > ftpClient = new FTPSClient("TLS"); > // this throws an exception with TLSProtocol TLSv1 > ftpClient.connect(host, port); > int reply = ftpClient.getReplyCode(); > if (!FTPReply.isPositiveCompletion(reply)) { > ftpClient.disconnect(); > log.error("The FTP Server did not return a positive > completion reply!"); > throw new > FtpTransferException(ECCUtils.ERROR_FTP_CONNECTION); > } > boolean loginSuccessful = ftpClient.login(userName, password); > if (!loginSuccessful) { > log.error("Login to the FTP Server failed! The > credentials are not valid."); > throw new > FtpTransferException(ECCUtils.ERROR_FTP_LOGIN); > } > ftpClient.execPBSZ(0); > ftpClient.execPROT("P"); > boolean success = ftpClient.storeFile(fileName, fis); > if (!success) { > // this is false if "NoSessionReuseRequired" is not set > } > Now my question is if it is generally possible to connect to a server > with "TLSProtocol TLSv1" or "TLSProtocol SSLv23" without the > "NoSessionReuseRequired" parameter? Could someone provide a piece of > example code for this? -- This message was sent by Atlassian Jira (v8.3.4#803005)