Re: [twsocket] error with Ftp over TLS
- Original Message - From: Arno Garrels arno.garr...@gmx.de To: ICS support mailing twsocket@elists.org Sent: Monday, December 07, 2009 7:43 PM Subject: Re: [twsocket] error with Ftp over TLS Hi Arno, thank you ofr your response. Strange, was it possible to post a common FTP log as well? i don't understant very well, what is the problem to post the log? With method ReceiveAsync the component doesn't try to establish a secure data channel/connection. However some server may require it, just a guess (haven't read your attached log yet). If so, do not use method ReceiveAsync but the low level methods instead. ok, i try tomorrow. I use ReceiveAsync because is too easy and i see that it work with a lot of customers (the ftp server is only one for all customers). Anyway tomorrow i try with low level methods and send you the log. regards daniele Example FTP log, method ReceiveAsync, data channel plain text allowed: Executing Requested Command 220 FileZilla Server version 0.9.24 beta Session Connected, error = 0 AUTH SSL 234 Using authentication type SSL ! SSL handshake OK USER ics 331 Password required for ics PASS ics 230 Logged on CWD / 250 CWD successful. / is current directory. TYPE I 200 Type set to I PASV 227 Entering Passive Mode (192,168,178,200,8,240) RETR _tmp.txt 150 Connection accepted 226 Transfer OK ! 1,07Kbytes received/sent in 0 milliseconds QUIT 221 Goodbye Example FTP log, method ReceiveAsync, server requires secure data channel: Executing Requested Command 220 FileZilla Server version 0.9.24 beta Session Connected, error = 0 AUTH SSL 234 Using authentication type SSL ! SSL handshake OK USER ics 331 Password required for ics PASS ics 230 Logged on CWD / 250 CWD successful. / is current directory. TYPE I 200 Type set to I PASV 227 Entering Passive Mode (192,168,178,200,8,246) RETR _tmp.txt 550 PROT P required Request 6 Done. StatusCode = 550 LastResponse was : '550 PROT P required' Error = 550 (550 PROT P required) -- Arno Garrels this is the section of code that i use for download: FtpClient1.DisplayFileFlag := false; FtpClient1.Passive := true; FtpClient1.Binary := true; if UseTLS then begin FtpClient1.SSLContext := CM.FtpCliSslContext; FtpClient1.ProtLevel := 'P'; FtpClient1.PBSZSize:= 0; FtpClient1.SslType := sslTypeAuthTls; end; FtpClient1.ReceiveAsync; anyone have a suggestion? thank you in advantage. this is the last part of ics log: 18.09.16.125 |227 Entering Passive Mode (82,0,0,0,78,76)| 18.09.16.125 ! HighLevelAsync 0 18.09.16.125 ! Data Socket Connect 18.09.16.125 TWSocket will connect to 82.0.0.0:20044 18.09.16.125 033FABF0 PutDataInSslBuffer 748 len 6 [254] 18.09.16.125 033FABF0 SslTryToSend 748 18.09.16.125 033FABF0 BIO_write(sslbio, 0x33D8110, 6) = 6 [255] 18.09.16.125 033FABF0 BIO_ctrl(sslbio, BIO_CTRL_FLUSH, 0, 0x0) = 1 [256] 18.09.16.125 033FABF0 TriggerEvents 748 SslState: SSL_ST_OK // MayFD_Read=0 MayDoRecv=-1 MayFD_Write=-1 MaySslTryToSend=-1 bSslAllSent=-1 bAllSent=0 18.09.16.125 033FABF0 BIO_ctrl_pending(nbio) = 37 [257] 18.09.16.125 033FABF0 TriggerEvent sslFdWrite 748 18.09.16.125 033FABF0 BIO_ctrl_pending(sslbio) = 0 [258] 18.09.16.125 033FABF0 BIO_ctrl_get_write_guarantee(nbio) = 4096 [259] 18.09.16.125 033FABF0 TriggerEvents 748 SslState: SSL_ST_OK // MayFD_Read=0 MayDoRecv=-1 MayFD_Write=0 MaySslTryToSend=-1 bSslAllSent=-1 bAllSent=0 18.09.16.125 033FABF0 BIO_ctrl_pending(nbio) = 37 [260] 18.09.16.125 033FABF0 BIO_ctrl_pending(sslbio) = 0 [261] 18.09.16.125 033FABF0 BIO_ctrl_get_write_guarantee(nbio) = 4096 [262] 18.09.16.125 SslAsyncSelect 748, 2 FD_WRITE 18.09.16.125 033FABF0 TCustomSslWSocket.Do_FD_WRITE 748 18.09.16.125 033FABF0 BIO_ctrl_pending(nbio) = 37 [263] 18.09.16.125 033FABF0 BIO_read(nbio, 0x13AED8, 37) = 37 [264] 18.09.16.125 033FABF0 my_RealSend (0x2EC, 1289944, 37) = 37 [265] 18.09.16.125 033FABF0 BIO_ctrl_pending(nbio) = 0 [266] 18.09.16.125 033FABF0 BIO_ctrl_pending(nbio) = 0 [267] 18.09.16.125 033FABF0 TriggerDataSent 748 18.09.16.125 033FABF0 TriggerEvents 748 SslState: SSL_ST_OK // MayFD_Read=0 MayDoRecv=-1 MayFD_Write=-1 MaySslTryToSend=-1 bSslAllSent=-1 bAllSent=-1 18.09.16.125 033FABF0 BIO_ctrl_pending(nbio) = 0 [268] 18.09.16.125 033FABF0 BIO_ctrl_pending(sslbio) = 0 [269] 18.09.16.125 033FABF0 BIO_ctrl_get_write_guarantee(nbio) = 4096 [270] 18.09.16.171 ! Data Session Connected (Get) 18.09.16.171 033FB3B0 TryToSend 808 18.09.16.171 033FB3B0 TriggerDataSent 808 18.09.16.203 033FABF0 TCustomSslWSocket.Do_FD_READ 748 18.09.16.203 033FABF0 BIO_ctrl_pending(sslbio) = 0 [271] 18.09.16.203 033FABF0 BIO_ctrl_get_read_request(nbio) = 0 [272] 18.09.16.203 033FABF0 BIO_ctrl_get_write_guarantee(nbio) = 4096 [273] 18.09.16.203 033FABF0 Winsock recv( 748, 0x13CED4, 4096, 0) = 69 [274
Re: [twsocket] error with Ftp over TLS
Svemu - Reparto Sviluppo wrote: With method ReceiveAsync the component doesn't try to establish a secure data channel/connection. However some server may require it, just a guess (haven't read your attached log yet). If so, do not use method ReceiveAsync but the low level methods instead. (the ftp server is only one for all customers). My guess was not correct. Strange, was it possible to post a common FTP log as well? i don't understant very well, what is the problem to post the log? It takes some time to read and understand the full debug log. The log entries of data socket seem ok and the file should have been received, correct? 18.09.16.171 ! Data Session Connected (Get) 18.09.16.171 033FB3B0 TryToSend 808 18.09.16.171 033FB3B0 TriggerDataSent 808 [..] 18.09.16.218 033FB3B0 *CloseCalled 808 18.09.16.218 033FB3B0 TCustomWSocket.Shutdown 1 808 However the multi-line 226 response looks strange to me: 18.09.16.171 ! Data Session Connected (Get) [..] 18.09.16.203 |150 Accepted data connection| [..] 18.09.16.218 |226-Options: -a | [..] 18.09.16.218 |226 246 matches total| Normal flow would look like this: 18.09.16.171 ! Data Session Connected (Get) [..] 18.09.16.203 |150 Accepted data connection| [..] 18.09.16.218 |226 Transfer OK| Afterwards the server actually doesn't perform the bidirectional SSL shutdown correctly but drops the line: 18.09.16.265 033FABF0 Winsock recv( 748, 0x13CED4, 4096, 0) = -1 [336] So you get error 500 Control connection closed - Connection aborted (#10053) What FTP server is it? -- Arno Garrels -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] error with Ftp over TLS
- Original Message - From: Arno Garrels arno.garr...@gmx.de To: ICS support mailing twsocket@elists.org Sent: Tuesday, December 08, 2009 12:38 PM Subject: Re: [twsocket] error with Ftp over TLS The log entries of data socket seem ok and the file should have been received, correct? yes is true. Afterwards the server actually doesn't perform the bidirectional SSL shutdown correctly but drops the line: 18.09.16.265 033FABF0 Winsock recv( 748, 0x13CED4, 4096, 0) = -1 [336] So you get error 500 Control connection closed - Connection aborted (#10053) What FTP server is it? Pure-FTPd [TLS] (if you want, i can give you an account...) In the same client, i have other connection on the same server but this time via HTTPS and work fine (the same customer have problem with ftp over tls but work with https)- i've two TSslContext, one for Ftp and other for Http, do you tink that the problem can be in one or more properties of SslContext? Tomorrow i try to use the settings of SslContex for http on ftp. thank you, regards daniele -- Arno Garrels -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] error with Ftp over TLS
Svemu - Reparto Sviluppo wrote: The log entries of data socket seem ok and the file should have been received, correct? yes is true. Afterwards the server actually doesn't perform the bidirectional SSL shutdown correctly but drops the line: 18.09.16.265 033FABF0 Winsock recv( 748, 0x13CED4, 4096, 0) = -1 [336] So you get error 500 Control connection closed - Connection aborted (#10053) What FTP server is it? Pure-FTPd [TLS] (if you want, i can give you an account...) Yes please. I do not know Pure-FTPd but the documentation says: Pure-FTPd has experimental support for encryption of the control and data channels using SSL/TLS security mechanisms -- Arno Garrels -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] error with Ftp over TLS
- Original Message - From: Arno Garrels arno.garr...@gmx.de To: ICS support mailing twsocket@elists.org Sent: Tuesday, December 08, 2009 1:10 PM Subject: Re: [twsocket] error with Ftp over TLS Svemu - Reparto Sviluppo wrote: The log entries of data socket seem ok and the file should have been received, correct? yes is true. Afterwards the server actually doesn't perform the bidirectional SSL shutdown correctly but drops the line: 18.09.16.265 033FABF0 Winsock recv( 748, 0x13CED4, 4096, 0) = -1 [336] So you get error 500 Control connection closed - Connection aborted (#10053) What FTP server is it? Pure-FTPd [TLS] (if you want, i can give you an account...) Yes please. please send me your email address at chmod700 !at! hotmail.it (!at! is for prevent spam) I do not know Pure-FTPd but the documentation says: Pure-FTPd has experimental support for encryption of the control and data channels using SSL/TLS security mechanisms -- Arno Garrels -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] error with Ftp over TLS
Svemu - Reparto Sviluppo wrote: Pure-FTPd [TLS] (if you want, i can give you an account...) Yes please. please send me your email address at chmod700 !at! hotmail.it (!at! is for prevent spam) My email address is included in this email header, no need to send it to you, anyway CCed. -- Arno Garrels -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] error with Ftp over TLS
However the multi-line 226 response looks strange to me: 18.09.16.171 ! Data Session Connected (Get) [..] 18.09.16.203 |150 Accepted data connection| [..] 18.09.16.218 |226-Options: -a | [..] 18.09.16.218 |226 246 matches total| Normal flow would look like this: 18.09.16.171 ! Data Session Connected (Get) [..] 18.09.16.203 |150 Accepted data connection| [..] 18.09.16.218 |226 Transfer OK| Afterwards the server actually doesn't perform the bidirectional SSL shutdown correctly but drops the line: 18.09.16.265 033FABF0 Winsock recv( 748, 0x13CED4, 4096, 0) = -1 [336] So you get error 500 Control connection closed - Connection aborted (#10053) Just tested your server several times and it works fine with the test account you sent me. I wonder why your log contains these strange looking responses: 18.09.16.203 |150 Accepted data connection| [..] 18.09.16.218 |226-Options: -a | [..] 18.09.16.218 |226 246 matches total| In my tests I got this: 16:11:07:578 |150-Accepted data connection| [..] 16:11:07:578 |150 312.6 kbytes to download| [..] 16:11:08:156 |226-File successfully transferred| [..] 16:11:08:156 |226 0.554 seconds (measured here), 0.55 Mbytes per second| [..] 16:11:08:343 |221-Goodbye. You uploaded 0 and downloaded 313 kbytes.| [..] 16:11:08:359 |221 Logout.| (all multi-line responses) And the server does not drop the control connection but performs the bidirectional SSL shutdown correctly: 16:11:08:359 009D8250 BIO_ctrl_pending(sslbio) = 0 [420] 16:11:08:359 009D8250 SslInternalClose 1824 16:11:08:359 009D8250 TCustomSslWSocket.ShutDown 1 1824 16:11:08:359 009D8250 SslInternalShutdown 1824 16:11:08:359 ICB SSL3 alert write warning close notify 16:11:08:359 009D8250 BIO_ctrl_pending(nbio) = 37 [421] 16:11:08:359 009D8250 SslShutdownCompleted *0* 1824 16:11:08:359 009D8250 TriggerEvents 1824 SslState: SSL_ST_OK // MayFD_Read=0 MayDoRecv=-1 MayFD_Write=-1 MaySslTryToSend=-1 bSslAllSent=-1 bAllSent=-1 16:11:08:359 009D8250 BIO_ctrl_pending(nbio) = 37 [422] 16:11:08:359 009D8250 TriggerEvent sslFdWrite 1824 16:11:08:359 009D8250 BIO_ctrl_pending(sslbio) = 0 [423] 16:11:08:359 009D8250 BIO_ctrl_get_write_guarantee(nbio) = 4096 [424] 16:11:08:359 009D8250 TCustomSslWSocket.Do_FD_WRITE 1824 16:11:08:359 009D8250 BIO_ctrl_pending(nbio) = 37 [425] 16:11:08:359 009D8250 BIO_read(nbio, 0x13BD6C, 37) = 37 [426] 16:11:08:359 009D8250 my_RealSend (0x720, 1293676, 37) = 37 [427] 16:11:08:359 009D8250 BIO_ctrl_pending(nbio) = 0 [428] 16:11:08:359 009D8250 BIO_ctrl_pending(nbio) = 0 [429] 16:11:08:359 009D8250 BIO_ctrl_pending(nbio) = 0 [430] 16:11:08:359 009D8250 TriggerSslShutDownComplete(0) 1824 16:11:08:359 009D8250 TCustomWSocket.Shutdown 1 1824 16:11:08:359 009D8250 SslShutdownCompleted *1* 1824 16:11:08:359 009D8250 TCustomSslWSocket.Do_FD_CLOSE error #0 1824 16:11:08:359 009D8250 BIO_ctrl_pending(sslbio) = 0 [431] 16:11:08:359 009D8250 Socket data pending: 0 Err: 0 1824 16:11:08:359 009D8250 FCloseInvoked=0 1824 16:11:08:375 ! HighLevelAsync 0 16:11:08:375 ! HighLevelAsync done 16:11:08:375 009D8250 ResetSslSession 1824 16:11:08:375 SslAsyncSelect 1824, 32 FD_CLOSE 16:11:08:375 SslAsyncSelect 1824, 2 FD_WRITE I've no more ideas, sorry. Maybe somebody else? -- Arno Garrels -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] error with Ftp over TLS
- Original Message - From: Arno Garrels arno.garr...@gmx.de To: ICS support mailing twsocket@elists.org; daniele barbato chmod...@hotmail.it Sent: Tuesday, December 08, 2009 4:53 PM Subject: Re: [twsocket] error with Ftp over TLS However the multi-line 226 response looks strange to me: 18.09.16.171 ! Data Session Connected (Get) [..] 18.09.16.203 |150 Accepted data connection| [..] 18.09.16.218 |226-Options: -a | [..] 18.09.16.218 |226 246 matches total| Normal flow would look like this: 18.09.16.171 ! Data Session Connected (Get) [..] 18.09.16.203 |150 Accepted data connection| [..] 18.09.16.218 |226 Transfer OK| Afterwards the server actually doesn't perform the bidirectional SSL shutdown correctly but drops the line: 18.09.16.265 033FABF0 Winsock recv( 748, 0x13CED4, 4096, 0) = -1 [336] So you get error 500 Control connection closed - Connection aborted (#10053) Just tested your server several times and it works fine with the test account you sent me. I wonder why your log contains these strange looking responses: i think that the difference is the command. probably in my log the command was FtpClient1.ListAsync; I've no more ideas, sorry. Maybe somebody else? tomorrow i do a new test on a customer pc, because from my office work fine. thank you. regards daniele -- Arno Garrels -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] error with Ftp over TLS
Svemu - Reparto Sviluppo wrote: Hi, i use a TSslFtpClient and TSslContext for upload and download data from FtpServer over TLS. some customers have this error: 500 Control connection closed - Connection aborted (#10053) Strange, was it possible to post a common FTP log as well? With method ReceiveAsync the component doesn't try to establish a secure data channel/connection. However some server may require it, just a guess (haven't read your attached log yet). If so, do not use method ReceiveAsync but the low level methods instead. Example FTP log, method ReceiveAsync, data channel plain text allowed: Executing Requested Command 220 FileZilla Server version 0.9.24 beta Session Connected, error = 0 AUTH SSL 234 Using authentication type SSL ! SSL handshake OK USER ics 331 Password required for ics PASS ics 230 Logged on CWD / 250 CWD successful. / is current directory. TYPE I 200 Type set to I PASV 227 Entering Passive Mode (192,168,178,200,8,240) RETR _tmp.txt 150 Connection accepted 226 Transfer OK ! 1,07Kbytes received/sent in 0 milliseconds QUIT 221 Goodbye Example FTP log, method ReceiveAsync, server requires secure data channel: Executing Requested Command 220 FileZilla Server version 0.9.24 beta Session Connected, error = 0 AUTH SSL 234 Using authentication type SSL ! SSL handshake OK USER ics 331 Password required for ics PASS ics 230 Logged on CWD / 250 CWD successful. / is current directory. TYPE I 200 Type set to I PASV 227 Entering Passive Mode (192,168,178,200,8,246) RETR _tmp.txt 550 PROT P required Request 6 Done. StatusCode = 550 LastResponse was : '550 PROT P required' Error = 550 (550 PROT P required) -- Arno Garrels this is the section of code that i use for download: FtpClient1.DisplayFileFlag := false; FtpClient1.Passive := true; FtpClient1.Binary := true; if UseTLS then begin FtpClient1.SSLContext := CM.FtpCliSslContext; FtpClient1.ProtLevel := 'P'; FtpClient1.PBSZSize:= 0; FtpClient1.SslType := sslTypeAuthTls; end; FtpClient1.ReceiveAsync; anyone have a suggestion? thank you in advantage. this is the last part of ics log: 18.09.16.125 |227 Entering Passive Mode (82,0,0,0,78,76)| 18.09.16.125 ! HighLevelAsync 0 18.09.16.125 ! Data Socket Connect 18.09.16.125 TWSocket will connect to 82.0.0.0:20044 18.09.16.125 033FABF0 PutDataInSslBuffer 748 len 6 [254] 18.09.16.125 033FABF0 SslTryToSend 748 18.09.16.125 033FABF0 BIO_write(sslbio, 0x33D8110, 6) = 6 [255] 18.09.16.125 033FABF0 BIO_ctrl(sslbio, BIO_CTRL_FLUSH, 0, 0x0) = 1 [256] 18.09.16.125 033FABF0 TriggerEvents 748 SslState: SSL_ST_OK // MayFD_Read=0 MayDoRecv=-1 MayFD_Write=-1 MaySslTryToSend=-1 bSslAllSent=-1 bAllSent=0 18.09.16.125 033FABF0 BIO_ctrl_pending(nbio) = 37 [257] 18.09.16.125 033FABF0 TriggerEvent sslFdWrite 748 18.09.16.125 033FABF0 BIO_ctrl_pending(sslbio) = 0 [258] 18.09.16.125 033FABF0 BIO_ctrl_get_write_guarantee(nbio) = 4096 [259] 18.09.16.125 033FABF0 TriggerEvents 748 SslState: SSL_ST_OK // MayFD_Read=0 MayDoRecv=-1 MayFD_Write=0 MaySslTryToSend=-1 bSslAllSent=-1 bAllSent=0 18.09.16.125 033FABF0 BIO_ctrl_pending(nbio) = 37 [260] 18.09.16.125 033FABF0 BIO_ctrl_pending(sslbio) = 0 [261] 18.09.16.125 033FABF0 BIO_ctrl_get_write_guarantee(nbio) = 4096 [262] 18.09.16.125 SslAsyncSelect 748, 2 FD_WRITE 18.09.16.125 033FABF0 TCustomSslWSocket.Do_FD_WRITE 748 18.09.16.125 033FABF0 BIO_ctrl_pending(nbio) = 37 [263] 18.09.16.125 033FABF0 BIO_read(nbio, 0x13AED8, 37) = 37 [264] 18.09.16.125 033FABF0 my_RealSend (0x2EC, 1289944, 37) = 37 [265] 18.09.16.125 033FABF0 BIO_ctrl_pending(nbio) = 0 [266] 18.09.16.125 033FABF0 BIO_ctrl_pending(nbio) = 0 [267] 18.09.16.125 033FABF0 TriggerDataSent 748 18.09.16.125 033FABF0 TriggerEvents 748 SslState: SSL_ST_OK // MayFD_Read=0 MayDoRecv=-1 MayFD_Write=-1 MaySslTryToSend=-1 bSslAllSent=-1 bAllSent=-1 18.09.16.125 033FABF0 BIO_ctrl_pending(nbio) = 0 [268] 18.09.16.125 033FABF0 BIO_ctrl_pending(sslbio) = 0 [269] 18.09.16.125 033FABF0 BIO_ctrl_get_write_guarantee(nbio) = 4096 [270] 18.09.16.171 ! Data Session Connected (Get) 18.09.16.171 033FB3B0 TryToSend 808 18.09.16.171 033FB3B0 TriggerDataSent 808 18.09.16.203 033FABF0 TCustomSslWSocket.Do_FD_READ 748 18.09.16.203 033FABF0 BIO_ctrl_pending(sslbio) = 0 [271] 18.09.16.203 033FABF0 BIO_ctrl_get_read_request(nbio) = 0 [272] 18.09.16.203 033FABF0 BIO_ctrl_get_write_guarantee(nbio) = 4096 [273] 18.09.16.203 033FABF0 Winsock recv( 748, 0x13CED4, 4096, 0) = 69 [274] 18.09.16.203 033FABF0 BIO_write(nbio, 0x13CED4, 69) = 69 [275] 18.09.16.203 033FABF0 BIO_ctrl(nbio, BIO_CTRL_FLUSH, 0, 0x0) = 1 [276] 18.09.16.203 033FABF0 BIO_read(sslbio, 0x1, 0) = 0 [277] 18.09.16.203 033FABF0 BIO_ctrl_pending(sslbio)