SSL\TLS Problem

Apr 15, 2014 at 8:37 AM
Hey,
I'm made a setup of FTP server (based on ubuntu\vsftpd).

I'm connecting this ftp server from the internet, so I'm activated the SSL security feature in the server.

In order to check that everything is OK, I'm made a test with FileZila -> it's working.
Log (from FileZilla):
Status: Connecting to ****:21...
Status: Connection established, waiting for welcome message...
Response:   220 (vsFTPd 3.0.2)
Command:    AUTH TLS
Response:   234 Proceed with negotiation.
Status: Initializing TLS...
Status: Verifying certificate...
Command:    USER ****
Status: TLS/SSL connection established.
Response:   331 Please specify the password.
Command:    PASS ********
Response:   230 Login successful.
Command:    SYST
Response:   215 UNIX Type: L8
Command:    FEAT
Response:   211-Features:
Response:    AUTH SSL
Response:    AUTH TLS
Response:    EPRT
Response:    EPSV
Response:    MDTM
Response:    PASV
Response:    PBSZ
Response:    PROT
Response:    REST STREAM
Response:    SIZE
Response:    TVFS
Response:    UTF8
Response:   211 End
Command:    OPTS UTF8 ON
Response:   200 Always in UTF8 mode.
Command:    PBSZ 0
Response:   200 PBSZ set to 0.
Command:    PROT P
Response:   200 PROT now Private.
Status: Connected
Status: Retrieving directory listing...
Command:    PWD
Response:   257 "/home/****"
Command:    TYPE I
Response:   200 Switching to Binary mode.
Command:    PASV
Response:   227 Entering Passive Mode (*,*,*,*,*,*).
Command:    LIST
Response:   150 Here comes the directory listing.
Response:   226 Directory send OK.
Status: Directory listing successful
Going back to my C# code...
I'm trying to connect my server with the following code:
public PageDownloader()
        {
            this.Client = new FtpClient();
            this.Client.Host = FTP_HOST;
            this.Client.Port = 21;
            this.Client.Credentials = new NetworkCredential(FTP_USER, FTP_PASS);
            this.Client.DataConnectionType = FtpDataConnectionType.AutoActive;
            this.Client.EncryptionMode = FtpEncryptionMode.Explicit;
            this.Client.ValidateCertificate += Client_ValidateCertificate;
            this.Client.Connect(); // Exception- System.TimeoutException: Timed out trying to connect!
        }

        void Client_ValidateCertificate(FtpClient control, FtpSslValidationEventArgs e)
        {
            // Never rich here
            e.Accept = true; // Allow all - just for testing...
        }
I'm got this exception:
System.TimeoutException: Timed out trying to connect!
   at System.Net.FtpClient.FtpSocketStream.Connect(String host, Int32 port, FtpIpVersion ipVersions)
   at System.Net.FtpClient.FtpClient.Connect()
Someone know why it's happen? Why I'm should check?

Thank you for help
Coordinator
Apr 15, 2014 at 12:49 PM
Use passive instead of active for the data channel.

Sent from my iPhone

Coordinator
Apr 15, 2014 at 1:56 PM
Also enable transaction logging in System.Net.FtpClient to see what it's really doing.

Apr 15, 2014 at 5:54 PM
Hello,
I'm change to Passive mode - same problem.

I'm enabled trace:
        static void Main()
        {
            FtpTrace.AddListener(new ConsoleTraceListener());
            // previous code here
        }
But, nothing is printed to the screen. Huh?
Apr 16, 2014 at 8:16 AM
Edited Apr 16, 2014 at 10:29 AM

Update1:

I'm disabled the SSL\TLS security in the server. Check connection with filezilla ("Use plain FTP") - it's working.

Come back to my c# code and run this code:
FtpTrace.AddListener(new ConsoleTraceListener());
var ftpClient = new System.Net.FtpClient.FtpClient
{
    Host = "*.*.*.*",
    Credentials = new NetworkCredential("*****", "*****")
};
ftpClient.Connect();
And, it's not working. same problem.
So, the problem is not related to SSL\TLS!

The ftp-trace is activated - but nothing printed to the screen.

Update2:

In order to check if the server send responses to the client, I'm disabled the credintials line. So, my client should failed in this case (no user\pass provided).
This is the code:
FtpTrace.AddListener(new ConsoleTraceListener());
var ftpClient = new System.Net.FtpClient.FtpClient
{
    Host = "*.*.*.*"
};
ftpClient.Connect();
Result: "Additional information: No credentials have been specified"
So, we can understand that our code got error from server (server is sending responses).

Update3:

I'm also updated to latest version of the library (via NuGet).

Update4:

Tryed to connect another ftp server. Same code, it's working.
So, maybe it's depends on my ftp server configuration.

I'm using ftp server based on vsftpd.
This is my server configuration:
listen=YES
anonymous_enable=NO
local_enable=YES
write_enable=YES
anon_upload_enable=NO
anon_mkdir_write_enable=NO
dirmessage_enable=NO
use_localtime=YES
xferlog_enable=YES
connect_from_port_20=YES
secure_chroot_dir=/var/run/vsftpd/empty
pam_service_name=vsftpd

seccomp_sandbox=NO

connect_from_port_20=YES
pasv_enable=YES
pasv_addr_resolve=YES
pasv_address=23.97.167.194
pasv_min_port=4242
pasv_max_port=4243

anon_mkdir_write_enable=NO
anon_other_write_enable=NO
anon_world_readable_only=NO
Can you find here problems?
Apr 16, 2014 at 10:34 AM
Solved.

It's probably depends on my ftp server application - vsftpd.

restart the server and it's working.

Thanks for help.