locked
Problem with FtpWebRequest and reusing ssl session RRS feed

  • Question

  • Hi

    I have problem with connection to FTP server if server uses SSL.

    Server FTP that I connect to requires reusing SSL session and it looks that my client doesn`t support this option because I have problem with connection.

    Server FTP is on Debian 5.0.6, vsftpd 2.0.1-7

    In my FtpWebRequest I set:

    KeepAlive = true;

           UsePassive = true;

           UseBinary = true;

           EnableSsl = true;

     

    Response if problem exists:

    Wed Nov  3 12:49:03 2010 [pid 19825] CONNECT: Client "10.10.6.158"
    Wed Nov  3 12:49:03 2010 [pid 19825] DEBUG: Client "10.10.6.158", "SSL version: TLSv1/SSLv3, SSL cipher: DES-CBC3-SHA, not reused, no cert"
    Wed Nov  3 12:49:03 2010 [pid 19824] [myadmin] OK LOGIN: Client "10.10.6.158"
    Wed Nov  3 12:49:03 2010 [pid 19826] [myadmin] DEBUG: Client "10.10.6.158", "SSL version: TLSv1/SSLv3, SSL cipher: DES-CBC3-SHA, not reused, no cert"
    Wed Nov  3 12:49:03 2010 [pid 19826] [myadmin] DEBUG: Client "10.10.6.158", "SSL shutdown state is: NONE"
    Wed Nov  3 12:49:03 2010 [pid 19826] [myadmin] DEBUG: Client "10.10.6.158", "SSL shutdown state is: SSL_SENT_SHUTDOWN"
    Wed Nov  3 12:49:03 2010 [pid 19826] [myadmin] DEBUG: Client "10.10.6.158", "SSL shutdown state is: SSL_SENT_SHUTDOWN"
    Wed Nov  3 12:49:03 2010 [pid 19826] [myadmin] DEBUG: Client "10.10.6.158", "SSL shutdown state is: SSL_SENT_SHUTDOWN"
    Wed Nov  3 12:49:03 2010 [pid 19826] [myadmin] DEBUG: Client "10.10.6.158", "SSL ret: 0, SSL error: error:00000000:lib(0):func(0):reason(0), errno: 0"
    Wed Nov  3 12:49:03 2010 [pid 19826] [myadmin] DEBUG: Client "10.10.6.158", "SSL_accept failed: error:140D9115:SSL routines:SSL_GET_PREV_SESSION:session id context uninitialized"
    Wed Nov  3 12:49:03 2010 [pid 19828] CONNECT: Client "10.10.6.158"
    Wed Nov  3 12:49:03 2010 [pid 19828] DEBUG: Client "10.10.6.158", "SSL version: TLSv1/SSLv3, SSL cipher: DES-CBC3-SHA, not reused, no cert"
    Wed Nov  3 12:49:03 2010 [pid 19827] [myadmin] OK LOGIN: Client "10.10.6.158"
    Wed Nov  3 12:49:03 2010 [pid 19829] [myadmin] DEBUG: Client "10.10.6.158", "SSL version: TLSv1/SSLv3, SSL cipher: DES-CBC3-SHA, not reused, no cert"
    Wed Nov  3 12:49:03 2010 [pid 19829] [myadmin] DEBUG: Client "10.10.6.158", "SSL shutdown state is: NONE"
    Wed Nov  3 12:49:03 2010 [pid 19829] [myadmin] DEBUG: Client "10.10.6.158", "SSL shutdown state is: SSL_SENT_SHUTDOWN"
    Wed Nov  3 12:49:03 2010 [pid 19829] [myadmin] DEBUG: Client "10.10.6.158", "SSL shutdown state is: SSL_SENT_SHUTDOWN"
    Wed Nov  3 12:49:03 2010 [pid 19829] [myadmin] DEBUG: Client "10.10.6.158", "SSL shutdown state is: SSL_SENT_SHUTDOWN"
    Wed Nov  3 12:49:03 2010 [pid 19829] [myadmin] DEBUG: Client "10.10.6.158", "SSL ret: 0, SSL error: error:00000000:lib(0):func(0):reason(0), errno: 0"
    Wed Nov  3 12:49:03 2010 [pid 19829] [myadmin] DEBUG: Client "10.10.6.158", "SSL_accept failed: error:140D9115:SSL routines:SSL_GET_PREV_SESSION:session id context uninitialized"

     

    Is there any way to force FtpWebRequest to use reusing SSL session?

    If I connect to server on Ubuntu (vsftpd 2.3.0~pre2-4ubuntu2)  that has in configuration line:

    require_ssl_reuse=NO everything is ok (vsftpd 2.0.1-7 always requires reusing SSL).

     

    Response, OK:

    Wed Nov  3 14:20:06 2010 [pid 2] [myadmin] DEBUG: Client "10.10.6.158", "SSL shutdown state is: NONE"
    Wed Nov  3 14:20:06 2010 [pid 2] [myadmin] DEBUG: Client "10.10.6.158", "SSL shutdown state is: SSL_SENT_SHUTDOWN"
    Wed Nov  3 14:20:06 2010 [pid 2] [myadmin] DEBUG: Client "10.10.6.158", "SSL shutdown state is: SSL_SENT_SHUTDOWN"
    Wed Nov  3 14:20:06 2010 [pid 2] [myadmin] DEBUG: Client "10.10.6.158", "SSL shutdown state is: SSL_SENT_SHUTDOWN"
    Wed Nov  3 14:20:06 2010 [pid 2] [myadmin] DEBUG: Client "10.10.6.158", "SSL ret: 4294967295, SSL error: error:00000000:lib(0):func(0):reason(0), errno: 0"
    Wed Nov  3 14:20:06 2010 [pid 2] [myadmin] DEBUG: Client "10.10.6.158", "SSL version: TLSv1/SSLv3, SSL cipher: DES-CBC3-SHA, reused, no cert"
    Wed Nov  3 14:20:06 2010 [pid 2] [myadmin] DEBUG: Client "10.10.6.158", "SSL shutdown state is: NONE"
    Wed Nov  3 14:20:06 2010 [pid 2] [myadmin] DEBUG: Client "10.10.6.158", "SSL shutdown state is: SSL_SENT_SHUTDOWN"

     

     

    Regards

    Wednesday, November 3, 2010 1:26 PM