Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id 65A26200CBC for ; Tue, 20 Jun 2017 13:05:05 +0200 (CEST) Received: by cust-asf.ponee.io (Postfix) id 6405E160BE1; Tue, 20 Jun 2017 11:05:05 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id A7F03160BD3 for ; Tue, 20 Jun 2017 13:05:04 +0200 (CEST) Received: (qmail 2636 invoked by uid 500); 20 Jun 2017 11:05:03 -0000 Mailing-List: contact issues-help@commons.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: issues@commons.apache.org Delivered-To: mailing list issues@commons.apache.org Received: (qmail 2625 invoked by uid 99); 20 Jun 2017 11:05:03 -0000 Received: from pnap-us-west-generic-nat.apache.org (HELO spamd3-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 20 Jun 2017 11:05:03 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd3-us-west.apache.org (ASF Mail Server at spamd3-us-west.apache.org) with ESMTP id 5D059191303 for ; Tue, 20 Jun 2017 11:05:03 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd3-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: -100.002 X-Spam-Level: X-Spam-Status: No, score=-100.002 tagged_above=-999 required=6.31 tests=[RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, USER_IN_WHITELIST=-100] autolearn=disabled Received: from mx1-lw-us.apache.org ([10.40.0.8]) by localhost (spamd3-us-west.apache.org [10.40.0.10]) (amavisd-new, port 10024) with ESMTP id Aw2-EvwHxEnm for ; Tue, 20 Jun 2017 11:05:01 +0000 (UTC) Received: from mailrelay1-us-west.apache.org (mailrelay1-us-west.apache.org [209.188.14.139]) by mx1-lw-us.apache.org (ASF Mail Server at mx1-lw-us.apache.org) with ESMTP id E688F5F6C7 for ; Tue, 20 Jun 2017 11:05:00 +0000 (UTC) Received: from jira-lw-us.apache.org (unknown [207.244.88.139]) by mailrelay1-us-west.apache.org (ASF Mail Server at mailrelay1-us-west.apache.org) with ESMTP id 63089E07DA for ; Tue, 20 Jun 2017 11:05:00 +0000 (UTC) Received: from jira-lw-us.apache.org (localhost [127.0.0.1]) by jira-lw-us.apache.org (ASF Mail Server at jira-lw-us.apache.org) with ESMTP id 20AA824007 for ; Tue, 20 Jun 2017 11:05:00 +0000 (UTC) Date: Tue, 20 Jun 2017 11:05:00 +0000 (UTC) From: "Jouko Toivonoja (JIRA)" To: issues@commons.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Commented] (NET-408) problem connecting to ProFTPD with FTPES MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 archived-at: Tue, 20 Jun 2017 11:05:05 -0000 [ https://issues.apache.org/jira/browse/NET-408?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16055584#comment-16055584 ] Jouko Toivonoja commented on NET-408: ------------------------------------- Erick Lichtas, I have tried your fix but I'm facing this: 450 TLS session of data connection has not resumed or the session does not match the control connection Any ideas why is this happening? Pretty sure that the server is FileZilla, but unfortunately I have no control over it. > problem connecting to ProFTPD with FTPES > ---------------------------------------- > > Key: NET-408 > URL: https://issues.apache.org/jira/browse/NET-408 > Project: Commons Net > Issue Type: Bug > Components: FTP > Affects Versions: 2.2, 3.0 > Environment: ProFTPD 1.3.3d on SUSE Linux Enterprise Server 10.1 32bit, Kernel 2.6.16.46-0.12-default (config file attached) > ProFTPD 1.3.3d on OpenSUSE 64bit Linux 2.6.34.8-0.2-desktop > Java 1.5 > Reporter: Michael Voigt > Attachments: BCFTPSClient.java, ftpes.jpg, FTPSClientWithTLSResumption.zip, proftpd.conf, PTFTPSClient.java > > > I have a problem with the FTPClient connecting to a ProFTPD server. > If the server uses the configuration option "TLSProtocol TLSv1", I > cannot connect to it at all. I recieve the following error message: > - javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection > On the server side I see in the log: > unable to accept TLS connection: protocol error: > - (1) error:14094416:SSL routines:SSL3_READ_BYTES:sslv3 alert > certificate unknown > - TLS/TLS-C negotiation failed on control channel > If the server uses the configuration option "TLSProtocol SSLv23", I > can connect to it but I cant transfer any files. In the server log I > see: > - starting TLS negotiation on data connection > - TLSv1/SSLv3 renegotiation accepted, using cipher RC4-MD5 (128 bits) > - client did not reuse SSL session, rejecting data connection (see > TLSOption NoSessionReuseRequired) > - unable to open data connection: TLS negotiation failed > If I add the NoSessionReuseRequired parameter to the ProFTPD config > everything works fine. > Here is my code: > FTPClient ftpClient = new FTPClient(); > ftpClient = new FTPSClient("TLS"); > // this throws an exception with TLSProtocol TLSv1 > ftpClient.connect(host, port); > int reply = ftpClient.getReplyCode(); > if (!FTPReply.isPositiveCompletion(reply)) { > ftpClient.disconnect(); > log.error("The FTP Server did not return a positive completion reply!"); > throw new FtpTransferException(ECCUtils.ERROR_FTP_CONNECTION); > } > boolean loginSuccessful = ftpClient.login(userName, password); > if (!loginSuccessful) { > log.error("Login to the FTP Server failed! The credentials are not valid."); > throw new FtpTransferException(ECCUtils.ERROR_FTP_LOGIN); > } > ftpClient.execPBSZ(0); > ftpClient.execPROT("P"); > boolean success = ftpClient.storeFile(fileName, fis); > if (!success) { > // this is false if "NoSessionReuseRequired" is not set > } > Now my question is if it is generally possible to connect to a server > with "TLSProtocol TLSv1" or "TLSProtocol SSLv23" without the > "NoSessionReuseRequired" parameter? Could someone provide a piece of > example code for this? -- This message was sent by Atlassian JIRA (v6.4.14#64029)