none
FtpWebRequest TLS session of data connection has not resumed or the session does not match the control connection RRS feed

  • Question

  • Does FtpWebRequest support TLS session resumption? I can't find the straight answer regarding FtpWebRequest. I am using: .NET 4.5.2, SSL and server require TLS session resumption, without it, I can't upload multiple files at once.
    Sunday, April 1, 2018 1:46 AM

All replies

  • There is a bug in Microsoft's TLS Session Resumption that was fixed a couple of months ago:

    https://support.microsoft.com/en-us/help/3109853/microsoft-security-advisory-update-to-improve-tls-session-resumption-i

    This was detected on HTTPS (see this link), not FTP, but I suspect that in both cases they use internally the same implementation of Sockets, and therefore they would both be affected by the bug.

    I do not know if the patch linked above solves the problem with FtpWebRequest, but it's worth giving it a try.

    • Marked as answer by hbatrnek Monday, April 2, 2018 1:41 AM
    • Unmarked as answer by hbatrnek Monday, April 2, 2018 5:41 PM
    Sunday, April 1, 2018 4:09 PM
    Moderator
  • I have everything up to date and the issue is not resolved.

    When I turn off "Require TLS session resumption..." it works.

    Server log:

    (000601)2.4.2018. 19:43:05 - (not logged in) (93.140.68.99)> Connected on port 21, sending welcome message...
    (000601)2.4.2018. 19:43:05 - (not logged in) (93.140.68.99)> 220-FileZilla Server 0.9.60 beta
    (000601)2.4.2018. 19:43:05 - (not logged in) (93.140.68.99)> 220-written by Tim Kosse (tim.kosse@filezilla-project.org)
    (000601)2.4.2018. 19:43:05 - (not logged in) (93.140.68.99)> 220 Please visit https://filezilla-project.org/
    (000601)2.4.2018. 19:43:05 - (not logged in) (93.140.68.99)> AUTH TLS
    (000601)2.4.2018. 19:43:05 - (not logged in) (93.140.68.99)> 234 Using authentication type TLS
    (000602)2.4.2018. 19:43:05 - (not logged in) (93.140.68.99)> Connected on port 21, sending welcome message...
    (000602)2.4.2018. 19:43:05 - (not logged in) (93.140.68.99)> 220-FileZilla Server 0.9.60 beta
    (000602)2.4.2018. 19:43:05 - (not logged in) (93.140.68.99)> 220-written by Tim Kosse (tim.kosse@filezilla-project.org)
    (000602)2.4.2018. 19:43:05 - (not logged in) (93.140.68.99)> 220 Please visit https://filezilla-project.org/
    (000602)2.4.2018. 19:43:05 - (not logged in) (93.140.68.99)> AUTH TLS
    (000602)2.4.2018. 19:43:05 - (not logged in) (93.140.68.99)> 234 Using authentication type TLS
    (000601)2.4.2018. 19:43:05 - (not logged in) (93.140.68.99)> TLS connection established
    (000601)2.4.2018. 19:43:05 - (not logged in) (93.140.68.99)> USER UserName
    (000601)2.4.2018. 19:43:05 - (not logged in) (93.140.68.99)> 331 Password required for UserName
    (000602)2.4.2018. 19:43:05 - (not logged in) (93.140.68.99)> TLS connection established
    (000601)2.4.2018. 19:43:05 - (not logged in) (93.140.68.99)> PASS **********
    (000601)2.4.2018. 19:43:05 - UserName (93.140.68.99)> 230 Logged on
    (000602)2.4.2018. 19:43:05 - (not logged in) (93.140.68.99)> USER UserName
    (000602)2.4.2018. 19:43:05 - (not logged in) (93.140.68.99)> 331 Password required for UserName
    (000601)2.4.2018. 19:43:05 - UserName (93.140.68.99)> PBSZ 0
    (000601)2.4.2018. 19:43:05 - UserName (93.140.68.99)> 200 PBSZ=0
    (000602)2.4.2018. 19:43:05 - (not logged in) (93.140.68.99)> PASS **********
    (000602)2.4.2018. 19:43:05 - UserName (93.140.68.99)> 230 Logged on
    (000601)2.4.2018. 19:43:05 - UserName (93.140.68.99)> PROT P
    (000601)2.4.2018. 19:43:05 - UserName (93.140.68.99)> 200 Protection level set to P
    (000602)2.4.2018. 19:43:05 - UserName (93.140.68.99)> PBSZ 0
    (000602)2.4.2018. 19:43:05 - UserName (93.140.68.99)> 200 PBSZ=0
    (000601)2.4.2018. 19:43:05 - UserName (93.140.68.99)> OPTS utf8 on
    (000601)2.4.2018. 19:43:05 - UserName (93.140.68.99)> 202 UTF8 mode is always enabled. No need to send this command.
    (000602)2.4.2018. 19:43:05 - UserName (93.140.68.99)> PROT P
    (000602)2.4.2018. 19:43:05 - UserName (93.140.68.99)> 200 Protection level set to P
    (000601)2.4.2018. 19:43:05 - UserName (93.140.68.99)> PWD
    (000601)2.4.2018. 19:43:05 - UserName (93.140.68.99)> 257 "/" is current directory.
    (000602)2.4.2018. 19:43:05 - UserName (93.140.68.99)> OPTS utf8 on
    (000602)2.4.2018. 19:43:05 - UserName (93.140.68.99)> 202 UTF8 mode is always enabled. No need to send this command.
    (000601)2.4.2018. 19:43:05 - UserName (93.140.68.99)> TYPE I
    (000601)2.4.2018. 19:43:05 - UserName (93.140.68.99)> 200 Type set to I
    (000602)2.4.2018. 19:43:05 - UserName (93.140.68.99)> PWD
    (000602)2.4.2018. 19:43:05 - UserName (93.140.68.99)> 257 "/" is current directory.
    (000601)2.4.2018. 19:43:05 - UserName (93.140.68.99)> PASV
    (000601)2.4.2018. 19:43:05 - UserName (93.140.68.99)> 227 Entering Passive Mode (89,164,194,182,151,51)
    (000602)2.4.2018. 19:43:05 - UserName (93.140.68.99)> TYPE I
    (000602)2.4.2018. 19:43:05 - UserName (93.140.68.99)> 200 Type set to I
    (000602)2.4.2018. 19:43:05 - UserName (93.140.68.99)> PASV
    (000602)2.4.2018. 19:43:05 - UserName (93.140.68.99)> 227 Entering Passive Mode (89,164,194,182,246,195)
    (000601)2.4.2018. 19:43:05 - UserName (93.140.68.99)> STOR Sindikat/Urudzbeni/IRA2017 35-POSL01-01_20180402194258217.pdf
    (000601)2.4.2018. 19:43:05 - UserName (93.140.68.99)> 150 Opening data channel for file upload to server of "/Sindikat/Urudzbeni/IRA2017 35-POSL01-01_20180402194258217.pdf"
    (000602)2.4.2018. 19:43:05 - UserName (93.140.68.99)> STOR Sindikat/Urudzbeni/IRA2017 120-POSL01-01_20180402194258422.pdf
    (000602)2.4.2018. 19:43:05 - UserName (93.140.68.99)> 150 Opening data channel for file upload to server of "/Sindikat/Urudzbeni/IRA2017 120-POSL01-01_20180402194258422.pdf"
    (000602)2.4.2018. 19:43:06 - UserName (93.140.68.99)> TLS connection for data connection established
    (000601)2.4.2018. 19:43:06 - UserName (93.140.68.99)> 450 TLS session of data connection has not resumed or the session does not match the control connection
    (000601)2.4.2018. 19:43:06 - UserName (93.140.68.99)> disconnected.
    (000603)2.4.2018. 19:43:06 - (not logged in) (93.140.68.99)> Connected on port 21, sending welcome message...
    (000603)2.4.2018. 19:43:06 - (not logged in) (93.140.68.99)> 220-FileZilla Server 0.9.60 beta
    (000603)2.4.2018. 19:43:06 - (not logged in) (93.140.68.99)> 220-written by Tim Kosse (tim.kosse@filezilla-project.org)
    (000603)2.4.2018. 19:43:06 - (not logged in) (93.140.68.99)> 220 Please visit https://filezilla-project.org/

    Monday, April 2, 2018 5:48 PM
  • Are you looking into this?
    Thursday, April 5, 2018 9:24 AM
  • Not me, I do not have any further information. Maybe if someone from MS sees the message they might provide some insider info. Otherwise, I suggest that you repost the question indicating that you have already tried out this patch and it doesn't solve the issue. The new question is likely to gather more attention than a reply buried down an existing thread.
    Thursday, April 5, 2018 4:34 PM
    Moderator
  • Does FtpWebRequest support TLS session resumption? I can't find the straight answer regarding FtpWebRequest. I am using: .NET 4.5.2, SSL and server require TLS session resumption, without it, I can't upload multiple files at once.

    Hi,

    Hope the following link would do some help.

    Microsoft Shares Solutions for Windows TLS Failures, Timeouts

    Thursday, November 21, 2019 6:18 AM