Comments (12)
Didnt read Documentation, Going to try that first :)
from fluentftp.
I followed this post as mentioned in the documentation.:
http://stackoverflow.com/questions/13697230/ssl-stream-failed-to-authenticate-as-client-in-apns-sharp
I generated my own PFX cert, and registered it like so:
https://arashnorouzi.wordpress.com/2011/04/13/sending-apple-push-notifications-in-asp-net-%E2%80%93-part-3-apns-certificates-registration-on-windows/
Despite all this, I am getting exactly what you outlined in the docs
Exception: "A call to SSPI failed, see inner exception."
Inner Message = "The message received was unexpected or badly formatted"
Any help would be greatly appreciated.
PS: I have a working POC of your application with SOCKS5 support. Look out for it once I tidy it up!
Here is my config settings:
conn.Credentials = new NetworkCredential(SiUser, SiPass);
conn.DataConnectionType = FtpDataConnectionType.PASV;
conn.EncryptionMode = FtpEncryptionMode.Explicit;
conn.SocketPollInterval = 5000;
conn.Host = SiIp;
conn.Port = SiPort;
conn.ValidateCertificate += (control, e) => {
e.Accept = true;
};
from fluentftp.
I don't have an SSL FTP test server to check this out. Perhaps you can share credentials to yours (if its a test server) via email, or send me a guide to setting it up on whichever OS it works best? Currently I'm using Windows 7 x64 and have no Unix box nearby, and no VPS/remote box either.
from fluentftp.
This worked fine with the same server, last week. The server hasen't changed.
I don't understand why. Maybe I am missing a setting i had before? Or something with my certs?
I have tried everything under the sun to try and get this to work.
My last attempt was generating a client .p12 cert and using that.
https://gist.github.com/mtigas/952344
Thank you in advance for your support.
from fluentftp.
I was able to solve this by totally by passing MS SSPI.
After days and days of trying every cert known to man, I am starting to think it is a bug with SSPI and newer /stronger CERTS.
I implemented OpenSSL and was able to log in fine.
If you would like more information, please let me know.
I would be happy to keep testing SSPI, however, if it will benefit others.
Also i can try to impliment OpenSSL handshakes into FluentFTP if there is a need.
from fluentftp.
I lost you. You "implemented OpenSSL"? I don't understand what's going on.
from fluentftp.
I Implemented this package:
https://github.com/openssl-net/openssl-net
For whatever reason, SSPI cannot successfully authenticate with my server.
My guess is because the UNIX based server, that is using OpenSSL for its negotiation.
I am really not 100% sure.
Have you had a chance to try the test server I setup?
from fluentftp.
No, not yet. Maybe later this week or next week. If its a specialized use case then I'd prefer not testing it.
from fluentftp.
Hi @zharris6,
Could you show an example of how you implemented the package openssl-net.
https://github.com/openssl-net/openssl-net
from fluentftp.
I am several versions behind at this point. But here is the ActivateEncrpytion method using https://github.com/openssl-net/openssl-net. For the record, I do not believe a Linux/Unix based server using OpenSSL is a specialized use case at all.
public void ActivateEncryption(string targethost, X509CertificateCollection clientCerts, SslProtocols sslProtocols)
{
if (!IsConnected)
throw new InvalidOperationException("The FtpSocketStream object is not connected.");
if (m_netStream == null)
throw new InvalidOperationException("The base network stream is null.");
if (m_sslStream != null)
throw new InvalidOperationException("SSL Encryption has already been enabled on this stream.");
try
{
DateTime auth_start;
TimeSpan auth_time_total;
m_sslStream = new OpenSSL.SSL.SslStream(NetworkStream, true, null, null);
auth_start = DateTime.Now;
var certlist = new OpenSSL.X509.X509List();
var chan = new OpenSSL.X509.X509Chain();
var cert = new OpenSSL.X509.X509Certificate();
chan.Add(cert);
certlist.Add(cert);
m_sslStream.AuthenticateAsClient(targethost, certlist, chan, OpenSSL.SSL.SslProtocols.Default, OpenSSL.SSL.SslStrength.All, false);
auth_time_total = DateTime.Now.Subtract(auth_start);
FtpTrace.WriteLine("Time to activate encryption: {0}h {1}m {2}s, Total Seconds: {3}.",
auth_time_total.Hours,
auth_time_total.Minutes,
auth_time_total.Seconds,
auth_time_total.TotalSeconds);
}
catch (AuthenticationException ex)
{
// authentication failed and in addition it left our
// ssl stream in an unsuable state so cleanup needs
// to be done and the exception can be re-thrown for
// handling down the chain.
Close();
throw ex;
}
}
from fluentftp.
Thank you @zharris6 , when I arrive at the company I will test.
from fluentftp.
I'm looking for more information with this issue;
There's still a plethora of companies running windows 7 on their devices where SSPI is having issues with tls 1.2. I'm at the point where I have to circumvent SSPI all together because the companies can't/won't upgrade the systems.
I'm looking to either use https://www.nuget.org/packages/System.Security.Cryptography.OpenSsl/ because of maintainability, but at this point i'll take anything that works.
from fluentftp.
Related Issues (20)
- Support handling retries on Authentication Exceptions HOT 1
- Connection process hangs when attempting AutoConnect HOT 14
- Error in DownloadDirectory with progress parameter HOT 3
- Download with Progress throws exception HOT 9
- Download doesn't proceed when deployed to Azure Container HOT 16
- Process hang with GnuTLS on Linux/ARM64 HOT 9
- Upload within Parallel.ForEach() HOT 11
- Expection FluentFTP.Exceptions.FtpCommandException: Code: 550 Message: Command not recognized or allowed when use GetListing method HOT 2
- AuthenticateAsClientAsync doesn't respect ReadTimeout in a certain scenario HOT 4
- FtpException thrown downloading file with 49.0.2 works in 49.0.1 HOT 4
- Problems uploading a file into a ftp server with TLS HOT 7
- AsyncFtpClient - The operation has timed out HOT 27
- PRT and EPRT don't respect the configured proxy HOT 6
- GetObjectInfo fails for file names with spaces HOT 6
- Error on FTP UPDATFILE after sucessfull connect HOT 1
- Override Read(Span), ReadAsync(Memory), Write(ROS), WriteAsync(ROM) in streams HOT 3
- Issue with AS400 change - AfterConnect actions cannot be undone HOT 21
- Should FTP work be done with temp files? HOT 5
- GetListing Chinese garbled characters HOT 3
- Timeouts when downloading certain files HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from fluentftp.