Article delegate-en/3171 of [1-5108] on the server localhost:119
  upper oldest olders older1 this newer1 newers latest
search
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
 
Implicit SSL protection of the FTP session
Wed, 29 Mar 2006     Marcelo Spohn

Hi Yutaka,

I'm having a hard time trying to make some FTPS clients to open a data
connection through a Delegate FTPS proxy. (The login process goes
smooth; no problems with the control connnection.) The problem seems to
be that the FTPS clients are using implicit SSL protection of the FTP
session, i.e., they don't seem to be using AUTH TLS or AUTH SSL. Does
Delegate support such type of clients?

My config file is shown below:

    -vv
    LIBPATH='${LIBDIR}:/usr/local/lib:/usr/lib'
    -P990
    SERVER=ftp
    STLS=fcl,"sslway -vd -cert cert.pem"

Some excerpts from the log file:

03/29 01:42:08.83 [15424] 1+0: isinSSL ? [80] from client
03/29 01:42:08.83 [15424] 1+0: SSL Hello?5 [80 130 1 3 1]
03/29 01:42:08.83 [15425] 1+0: -- Fork(FCL): 15424 -> 15425
03/29 01:42:08.84 [15425] 1+0: ## SSLway CFI_TYPE=FCL: -ac is assumed
03/29 01:42:08.84 [15425] 1+0: ## SSLway start
03/29 01:42:08.84 [15425] 1+0: TCP_NODELAY[8] 0 -> 1
03/29 01:42:08.84 [15425] 1+0: TCP_NODELAY[14] 0 -> 1
03/29 01:42:08.84 [15425] 1+0: ## SSLway reuse ctx #2400000 000F0X
03/29 01:42:08.84 [15424] 1+0: ## STLS ## IMPLICIT SSL ON 27,27,27,14


03/29 01:42:08.99 [15424] 1+0/4/3: #### EPSV^M
03/29 01:42:08.99 [15424] 1+0/4/4: cannot make FTP data port: no control
conn-2.
03/29 01:42:08.99 [15425] 1+0: ## SSLway S-C: 39/39 -> 39/SSL
03/29 01:42:08.99 [15424] 1+0/4/4: PASV [] >> 500 Can't create Passive
Mode socket.^M
03/29 01:42:08.99 [15424] 1+0/4/4: service_ftp: start PollIns=[8,27]

Your help is greatly appreaciated!

Thanks,
Marcelo

  search upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
Generated:10/31 00:54:23 (1 sec) Expires:10/31 00:54:22 @_@V