Article delegate-en/3436 of [1-5169] on the server localhost:119
  upper oldest olders older1 this newer1 newers latest
search
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
[Reference:<_A3431@delegate-en.ML_>]
Newsgroups: mail-lists.delegate-en

[DeleGate-En] Re: ftps fails to work with client side ssl utilized.... connected but directory hangs
01 Aug 2006 19:27:53 GMT Michael Ingardia <pmugqbdyi-uqy4d4t2jhjr.ml@ml.delegate.org>


Ok I tried this remotely, and in order to hit my ftp server you have to 
have an active connection.  PASV fails due to fire wall rules most likely.

Here is the log:
08/01 14:14:55.38 [2856] 1+0/9/6: ftp_conndata: connected 
127.0.0.1:20->localhost/127.0.0.1:3320 [34](0.0)
08/01 14:14:55.38 [2856] 1+0/9/6: DATA 70.88.30.83:20 -> 
70.10.203.40:3322 .. 127.0.0.1:20 -> 127.0.0.1:3320
(WIN) 14:55.538 [2880] >>>> [0] 1836 is not socket, retrying 
WSADuplicateSocket ...
(WIN) 14:55.538 [2856] spawn() = 1432 [2880], children(alive=3,total=3) 
0.161s
(WIN) 14:55.538 [2856] spawn() = 1432 [4]0.161
08/01 14:14:55.54 [2856] 1+0/9/6: willSTLS_SV: ServerFlags=230
08/01 14:14:55.55 [2880] 1+0: STLS -> CMAP="sslway:FSV:starttls"
08/01 14:14:55.55 [2880] 1+0: STLS -> CMAP="sslway:FCL:starttls"
08/01 14:14:55.56 [2880] 1+0: default netmask 70.10.203.40/. = FFFFFF00
08/01 14:14:55.58 [2880] 1+0: ## SSLway certfile not found or wrong: 
server-cert.pem [at C:\Program Files\DeleGate\work\21]
08/01 14:14:55.58 [2880] 1+0: ## SSLway keyfile not found or wrong: 
server-key.pem [at C:\Program Files\DeleGate\work\21]
08/01 14:14:55.58 [2880] 1+0: ## SSLway key does not match cert: 
server-key.pem server-cert.pem
08/01 14:14:55.58 [2880] 1+0: ## SSLway -- Using Default Certificate
08/01 14:14:55.58 [2880] 1+0: ## SSLway ## 0.000000 connected/accepted
08/01 14:14:55.58 [2880] 1+0: ## SSLway initialized ctx #0000000 0 X
08/01 14:14:55.58 [2880] 1+0: gethostbyname(-) unknown[0.00s]
08/01 14:14:55.58 [2880] 1+0: [FCL] callFilter2: 27=1 38=1 sslway
08/01 14:14:55.67 [2880] 1+0: ## SSLway ## 0.090000 sescache[1] HIT=0 
sR=0 cR=1
(WIN) 14:55.768 [3856] >>>> [0] 1836 is not socket, retrying 
WSADuplicateSocket ...
(WIN) 14:55.768 [2856] spawn() = 1384 [3856], children(alive=4,total=4) 
0.230s
(WIN) 14:55.768 [2856] spawn() = 1384 [4]0.220[7]0.010
(WIN) 14:55.768 [2856] setNonblockingSocket(35,1)=0
(WIN) 14:55.768 [2856] setNonblockingSocket(36,1)=0
(WIN) 14:55.768 [3856] FATAL: inherited handle[0] 1836 is not socket
(WIN) 14:55.768 [2856] -- SOCKET recv(35)=-1 error=10054 [0.000]
08/01 14:14:55.77 [2856] 1+0/9/6: FTP data-relay([35]8000b -> [36]8000b) 
0b / 0/ (0) 0.00s (read-EOF)
(WIN) 14:55.768 [2856] wait(0) = ...
(WIN) 14:55.768 [2856] wait3(H) = 1384 [3856] FFFFFFFF, 
children(alive=3,total=4) 0.00s
(WIN) 14:55.768 [2856] wait(0) = 1384
(WIN) 14:55.768 [2856] setNonblockingSocket(35,0)=0
08/01 14:14:55.77 [2856] 1+0/9/6: Non-Blocking I/O not supported
(WIN) 15:26.472 [2856] -- SOCKET recv(32)=-1 error=10054 [0.000]
08/01 14:15:26.47 [2856] 1+0/9/6: FTP-SERVER: 421 server response timedout^M
(WIN) 15:26.472 [2856] send(30) = -1+0 errno=10054
(WIN) 15:26.472 [2856] Emulating SIGPIPE: send(-1/-1/30) err=10054
08/01 14:15:26.47 [2856] 1+0/9/6: FTP got SIGPIPE: longjump to service_ftp
08/01 14:15:26.47 [2856] 1+0/9/6: ## service_ftp: error return from setjmp.
(WIN) 15:26.472 [2856] send(58) = -1+0 errno=10054
(WIN) 15:26.472 [2856] Emulating SIGPIPE: send(-1/-1/58) err=10054
(WIN) 15:39.271 [1868] wait3(N) = 584 [2856] 3, 
children(alive=0,total=1) 0.00s


Connecting remotely through an active connection however works through 
the client but through the delegate.

mike...



Yutaka Sato wrote:
> Hi,
>
> In message <_A3429@delegate-en.ML_> on 07/30/06(11:33:12)
> you Michael Ingardia <pmugqbdyi-uqy4d4t2jhjr.ml@ml.delegate.org> wrote:
>  |I am trying to use Delegate version 9.2.3 on windows ( will try on Linux 
>  |and solaris later this week) as a ftps proxy.  When invoking the server 
>  |as follows:dg9_2_3 -P21,990 SERVER=ftp STLS=fcl,fsv
>  |
>  |The server starts up, and seems to be and running.  Using a ftps client 
>  |I can connect to the proxy and login, and even get to the target ftps 
>  |server just fine.  When I try to retrieve a directory listing however 
>  |the process hangs after receiving the "here comes the listing" message 
>  |from the server.  I have tried several ftps servers and get the same 
>  |result.  Connecting directly to the ftps server does not have this issue 
>  |( using vsftp on fedora 3 as the server).
>  |
>  |Running the proxy as follows however does work.
>  |dg9_2_3 -P21,990 SERVER=ftp STLS=fsv
>  |
>  |But connecting in this way I have to have my ftp clients be regular ftp 
>  |clients not ftps clients.
>  |
>  |I have also tried mitm for STLS and it also hangs upon trying to 
>  |retrieve the directory listing.
>  |
>  |Thoughts?
>
> I think the LOGFILE of your DeleGate shows some hints about the problem.
> If the server is accessible by me, I'll test it.
>
> Cheers,
> Yutaka
> --
>   9 9   Yutaka Sato <y.sato@delegate.org> http://delegate.org/y.sato/
>  ( ~ )  National Institute of Advanced Industrial Science and Technology
> _<   >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan
> Do the more with the less -- B. Fuller
>
>
>   



  admin search upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
@_@V