Article delegate-en/4959 of [1-5169] on the server localhost:119
  upper oldest olders older1 this newer1 newers latest
search
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
[Reference:<_A4957@delegate-en.ML_>]
Newsgroups: mail-lists.delegate-en

[DeleGate-En] Re: FTP over SSL Explicit
19 Feb 2011 14:08:50 GMT feedback@delegate.org (Yutaka Sato)
The DeleGate Project


Hi,

 |31238:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown
 |protocol:s23_clnt.c:475:
 |02/14 15:50:23.69 [31238] 1+0/7: builtin-SSLway: ssl_conn() failed

This message seems to show that the server does not support the
negotiation of the version of the SSL protocol to be used.
I tried several combinations to avoid the error message and found the
following to work:

 SERVER=ftp
 MOUNT="/* ftp://ftpsconfpub.belastingdienst.nl:6374/*"
 STLS="fsv,sslway -tls1"
 TLSCONF=-vd
 -vd

With the "-vd" options, DeleGate shows detailed log of SSL negotiation
as follows:

 02/19 23:02:31.32 [27558] 1+0/7: ## SSLway start
 ...
 02/19 23:02:31.35 [27558] 1+0/7: ## SSLway -- TLSxSNI: send ftpsconfpub.belastingdienst.nl
 02/19 23:02:31.63 [27558] 1+0/7: ## SSLway connected
 02/19 23:02:31.63 [27558] 1+0/7: ## SSLway -- 0.000035 start
 02/19 23:02:31.63 [27558] 1+0/7: ## SSLway -- 0.000041 init done
 02/19 23:02:31.63 [27558] 1+0/7: ## SSLway -- 0.004158 begin args
 02/19 23:02:31.63 [27558] 1+0/7: ## SSLway -- 0.004174 end args
 02/19 23:02:31.63 [27558] 1+0/7: ## SSLway -- 0.004732 end rand_seed
 02/19 23:02:31.64 [27558] 1+0/7: ## SSLway -- 0.008311 nodelay set
 02/19 23:02:31.64 [27558] 1+0/7: ## SSLway -- 0.008365 start con/acc
 02/19 23:02:31.64 [27558] 1+0/7: ## SSLway -- 0.032729 ssl_conn() start
 02/19 23:02:31.64 [27558] 1+0/7: ## SSLway -- 0.034168 before connect
 02/19 23:02:31.64 [27558] 1+0/7: ## SSLway -- 0.308243 after connect
 02/19 23:02:31.64 [27558] 1+0/7: ## SSLway -- 0.309791 start relay ...
 02/19 23:02:31.64 [27558] 1+0/7: ## SSLway server's cert. = NONE
 02/19 23:02:31.65 [27558] 1+0/7: ## SSLway S-C EOF from the server
 02/19 23:02:31.65 [27558] 1+0/7: ## SSLway FSV S-C:0/0 C-S:0/0 SC-EOS
 02/19 23:02:31.65 [27558] 1+0/7: ## SSLway S>> shutdown from Server: 2
 02/19 23:02:31.65 [27558] 1+0/7: ## SSLway S<< shutdown Server: 2 <= 2 (1)
 02/19 23:02:31.65 [27558] 1+0/7: ## SSLway done

As the log shows, I could make a little progress than you, but 
there seems another problem.
It is possibly the server reset the connection seeing my IP address.
Thus a confirmation by you will make helpful information for us.

Cheers,
Yutaka
--
  9 9   Yutaka Sato (CSDP,ITIL-F,OCUP-A,Security+) http://delegate.org/y.sato/
 ( ~ )  National Institute of Advanced Industrial Science and Technology
_<   >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan
Do the more with the less -- B. Fuller

In message <_A4957@delegate-en.ML_> on 02/15/11(00:01:04)
you plujqbdyi-p5lznxismzxr.ml@ml.delegate.org wrote:
 |Hello,
 |
 |I am trying for a project a connect to an explicid SSL server.
 |
 |This server is maintained by the goverment in the netherlands.
 |
 |
 |Host: ftpsconfpub.belastingdienst.nl
 |Port: 6374
 |
 |I tryed with latest delegate 998
 |
 |no luck, I tryed two different ways of starting the delegate process,
 |
 |
 |1st Method:
 |
 |./delegated-998 -v -P15555 SERVER=ftp MOUNT="/*
 |ftps://ftpsconfpub.belastingdienst.nl:6374/*" STLS="-fcl,fsv"
 |REMITTABLE="ftp" MODE=noxdc
 |
 |I started a local ftp client, and enterd UID / PW for login, connect
 |worked and then after "ls" I get an error.
 |I guess this is due to the fact, that after hte command the connection is
 |established, and not at the first login.
 |
 |Log:
 |02/14 15:49:54.99 [31238] 1+0: PATH:
 |ftp://-:21!localhost:15555!localhost:44586!anonymous@localhost;1297694994
 |02/14 15:49:55.25 [31238] 1+0: FTP server ftp://-:21/
 |02/14 15:49:55.25 [31238] 1+0: *** / =>
 |ftps://ftpsconfpub.belastingdienst.nl:6374/ ***
 |02/14 15:49:55.25 [31238] 1+0: MOUNTED-TO:
 |//ftpsconfpub.belastingdienst.nl:6374/
 |02/14 15:49:55.25 [31238] 1+0: -- putBuiltinHTML: empty
 |ftp-banner-postfix.dhtml
 |02/14 15:49:55.25 [31238] 1+0: bind_insock(20,127.0.0.1,0) = 0, errno=0
 |02/14 15:49:55.25 [31238] 1+0: ### IDENT CONNECT(localhost:113)
 |TIMEOUT(1000ms) (111)
 |02/14 15:49:55.25 [31238] 1+0: #### no authorization required
 |02/14 15:50:23.63 [31238] 1+0/6: FTP-control-remote: 127.0.0.1:15555 [50]
 |02/14 15:50:23.63 [31238] 1+0/6: FTP-data-local[21]: 127.0.0.1:46950
 |02/14 15:50:23.63 [31238] 1+0/6: --FTPdata reuse port# 46950
 |[127,0,0,1,183,102]
 |02/14 15:50:23.63 [31238] 1+0/6: ## [EPSV] restored (|||46950|)
 |02/14 15:50:23.63 [31238] 1+0/6: PASV [X][|||46950|] >> 229 Entering
 |Extended Passive Mode (|||46950|)^M
 |02/14 15:50:23.63 [31238] 1+0/7: *** / =>
 |ftps://ftpsconfpub.belastingdienst.nl:6374/ ***
 |02/14 15:50:23.63 [31238] 1+0/7: MOUNTED REMOTE
 |[USER@ftpsconfpub.belastingdienst.nl:6374] LIST .
 |02/14 15:50:23.63 [31238] 1+0/7: FTP LOGIN FROM localhost TO
 |USER@belastingdienst..nl
 |02/14 15:50:23.63 [31238] 1+0/7: PATH:
 |ftp://ftpsconfpub.belastingdienst.nl:6374!localhost:15555!localhost:44586!anonymous@localhost;1297694994
 |02/14 15:50:23.64 [31238] 1+0/7: FTP server
 |ftp://ftpsconfpub.belastingdienst.nl:6374/
 |02/14 15:50:23.64 [31238] 1+0/7: FTPHOPS: 1 [11/50 - -1/-1]
 |02/14 15:50:23.64 [31238] 1+0/7: mkdirShared FALED errno=13:
 |/var/lib/nobody/delegate/act/servers/cc
 |02/14 15:50:23.64 [31238] 1+0/7: ConnectToServer:
 |DFLT=ftp://ftpsconfpub.belastingdienst.nl:6374 REAL=://:0
 |02/14 15:50:23.66 [31238] 1+0/7: ConnectToServer connected [22]
 |{85.159.100.161:6374 <- 172.30.30.20:46952} [0.021s]
 |02/14 15:50:23.66 [31238] 1+0/7: --FSVX R[:]
 |D[ftp:ftpsconfpub.belastingdienst.nl] <= [starttls/ftp]
 |02/14 15:50:23.68 [31238] 1+0/7: ## SSLway connect failed
 |31238:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown
 |protocol:s23_clnt.c:475:
 |02/14 15:50:23.69 [31238] 1+0/7: builtin-SSLway: ssl_conn() failed
 |02/14 15:50:23.69 [31238] 1+0/7: ## SSLway ## cleared the cache(0) on CON
 |error
 |[31238] SSLway ## cleared the cache(0) on CON error
 |(UNIX) 15:50:23.694 [31238] --E-SSLway ErrFin [23 27 28]{rdy=-1 sta=0}
 |02/14 15:50:23.70 [31238] 1+0/7: --pushPFilter (starttls/starttls)
 |tid=DBB0 [22][23] 20030 BFFF1BC0
 |02/14 15:50:23.70 [31238] 1+0/7: willSTLS_SV[ftp]: ServerFlags=20330 BFFF1BC0
 |02/14 15:50:23.70 [31238] 1+0/7: FTP-SERVER: 421 connection closed by
 |server^M
 |02/14 15:50:23.70 [31238] 1+0/7: closed from the server [LIST]
 |02/14 15:50:23.70 [31238] 1+0/7: resetServ 0 0 84628B0 [B7DB2080 B7C3DBB0
 |0] 8[22 22 23 -1 22]1 [50 20483]1
 |02/14 15:50:23.70 [31238] 1+0/7: ## resetServ [22 22 23 -1 22] disconn.
 |02/14 15:51:23.69 [31238] 1+0/7: disconnected [50]
 |-@[127.0.0.1]localhost:44586 (88.711s)(-1)
 |02/14 15:51:23.69 [31238] 1+0/7: #Sig/CSC finish 397 349 P2 R0 E0 {2 r0
 |t0} 0/0/1
 |
 |
 |2nd Method:
 |./delegated-998 FSV=sslway SERVER=ftp -P15555 -v REMITTABLE="ftp" MODE=noxdc
 |
 |Here I also stared a local ftp client and logged in with
 |USER@ftpsconfpub.belastingdienst.nl:6374
 |
 |This did not work aswell.. :(
 |
 |Log:
 |
 |
 |02/14 15:54:14.66 [26793] 1+0: PATH:
 |ftp://-:21!localhost:15555!localhost:38977!anonymous@localhost;1297695254
 |02/14 15:54:14.67 [26793] 1+0: FTP server ftp://-:21/
 |02/14 15:54:14.67 [26793] 1+0: *** / => file://localhost/-stab-/ ***
 |02/14 15:54:14.67 [26793] 1+0: MOUNTED-TO-STAB: file://localhost/-stab-/
 |02/14 15:54:14.67 [26793] 1+0: -- putBuiltinHTML: empty
 |ftp-banner-postfix.dhtml
 |02/14 15:54:14.67 [26793] 1+0: bind_insock(20,127.0.0.1,0) = 0, errno=0
 |02/14 15:54:14.67 [26793] 1+0: ### IDENT CONNECT(localhost:113)
 |TIMEOUT(1000ms) (111)
 |02/14 15:54:14.67 [26793] 1+0: #### no authorization required
 |02/14 15:54:35.08 [26793] 1+0/1: FTP LOGIN FROM localhost TO
 |USER@belastingdienst..nl
 |02/14 15:54:35.08 [26793] 1+0/1: rewritten to: CWD
 |//USER@belastingdienst..nl:6374^M
 |02/14 15:54:40.11 [26793] 1+0/2: mkdirShared FALED errno=17:
 |/var/lib/nobody/delegate/tmp
 |02/14 15:54:40.11 [26793] 1+0/2: mkdirShared FALED errno=17:
 |/var/lib/nobody/delegate/tmp/resolvy
 |02/14 15:54:40.11 [26793] 1+0/2: mkdirShared FALED errno=13:
 |/var/lib/nobody/delegate/tmp/resolvy/6e0305ceb7615a1ca5bc442eddb71187
 |02/14 15:54:40.11 [26793] 1+0/2: mkdirShared FALED errno=13:
 |/var/lib/nobody/delegate/tmp/resolvy/6e0305ceb7615a1ca5bc442eddb71187/byname
 |02/14 15:54:40.11 [26793] 1+0/2: {R} CACHE cannot create:
 |/var/lib/nobody/delegate/tmp/resolvy/6e0305ceb7615a1ca5bc442eddb71187/byname/1d
 |02/14 15:54:40.11 [26793] 1+0/2: FTP LOGIN FROM localhost TO
 |USER@belastingdienst..nl
 |02/14 15:54:40.11 [26793] 1+0/2: PATH:
 |ftp://ftpsconfpub.belastingdienst.nl:6374!localhost:15555!localhost:38977!anonymous@localhost;1297695254
 |02/14 15:54:40.12 [26793] 1+0/2: FTP server
 |ftp://ftpsconfpub.belastingdienst.nl:6374/
 |02/14 15:54:40.12 [26793] 1+0/2: FTPHOPS: 1 [11/35 - -1/-1]
 |02/14 15:54:40.12 [26793] 1+0/2: mkdirShared FALED errno=13:
 |/var/lib/nobody/delegate/act/servers/cc
 |02/14 15:54:40.12 [26793] 1+0/2: ConnectToServer:
 |DFLT=ftp://ftpsconfpub.belastingdienst.nl:6374 REAL=://:0
 |02/14 15:54:40.14 [26793] 1+0/2: ConnectToServer connected [21]
 |{85.159.100.161:6374 <- 172.30.30.20:41751} [0.021s]
 |02/14 15:54:40.14 [26793] 1+0/2: willSTLS_SV[ftp]: ServerFlags=0 BFFE3000
 |02/14 15:54:40.16 [26793] 1+0/2: ## SSLway connect failed
 |26793:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown
 |protocol:s23_clnt.c:475:
 |02/14 15:54:40.16 [26793] 1+0/2: builtin-SSLway: ssl_conn() failed
 |02/14 15:54:40.16 [26793] 1+0/2: ## SSLway ## cleared the cache(0) on CON
 |error
 |[26793] SSLway ## cleared the cache(0) on CON error
 |(UNIX) 15:54:40.163 [26793] --E-SSLway ErrFin [22 26 27]{rdy=-1 sta=0}
 |02/14 15:54:40.16 [26793] 1+0/2: --pushPFilter (/ftp) tid=DBB0 [21][22] 0
 |BFFE3000
 |02/14 15:54:40.17 [26793] 1+0/2: inherited AsProxy: 10000
 |02/14 15:54:40.17 [26793] 1+0/2: FTP-SERVER: 421 connection closed by
 |server^M
 |02/14 15:54:40.17 [26793] 1+0/2: closed from the server [PASS]
 |02/14 15:54:40.17 [26793] 1+0/2: resetServ 0 0 8428A08 [B7DB2080 B7C3DBB0
 |0] 8[21 21 -1 23 21]1 [35 20483]1
 |02/14 15:54:40.17 [26793] 1+0/2: disconnected [35]
 |-@[127.0.0.1]localhost:38977 (25.511s)(-1)
 |02/14 15:54:40.17 [26793] 1+0/2: #Sig/CSC finish 384 346 P2 R0 E0 {2 r0
 |t0} 0/0/1
 |
 |
 |Any idear what I am doing wrong here? My two commands are completly
 |different, for me it looks like delegate is doing only explicit TLS and
 |not SSL :(
 |
 |Any help would be appreciated.
 |Stefanero

  admin search upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
@_@V