Details
-
Bug
-
Status: Open
-
Major
-
Resolution: Unresolved
-
2.2, 3.0
-
None
-
None
-
ProFTPD 1.3.3d on SUSE Linux Enterprise Server 10.1 32bit, Kernel 2.6.16.46-0.12-default (config file attached)
ProFTPD 1.3.3d on OpenSUSE 64bit Linux 2.6.34.8-0.2-desktop
Java 1.5
Description
I have a problem with the FTPClient connecting to a ProFTPD server.
If the server uses the configuration option "TLSProtocol TLSv1", I
cannot connect to it at all. I recieve the following error message:
- javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection
On the server side I see in the log:
unable to accept TLS connection: protocol error:
- (1) error:14094416:SSL routines:SSL3_READ_BYTES:sslv3 alert
certificate unknown - TLS/TLS-C negotiation failed on control channel
If the server uses the configuration option "TLSProtocol SSLv23", I
can connect to it but I cant transfer any files. In the server log I
see:
- starting TLS negotiation on data connection
- TLSv1/SSLv3 renegotiation accepted, using cipher RC4-MD5 (128 bits)
- client did not reuse SSL session, rejecting data connection (see
TLSOption NoSessionReuseRequired) - unable to open data connection: TLS negotiation failed
If I add the NoSessionReuseRequired parameter to the ProFTPD config
everything works fine.
Here is my code:
FTPClient ftpClient = new FTPClient();
ftpClient = new FTPSClient("TLS");
// this throws an exception with TLSProtocol TLSv1
ftpClient.connect(host, port);
int reply = ftpClient.getReplyCode();
if (!FTPReply.isPositiveCompletion(reply))
boolean loginSuccessful = ftpClient.login(userName, password);
if (!loginSuccessful)
ftpClient.execPBSZ(0);
ftpClient.execPROT("P");
boolean success = ftpClient.storeFile(fileName, fis);
if (!success)
Now my question is if it is generally possible to connect to a server
with "TLSProtocol TLSv1" or "TLSProtocol SSLv23" without the
"NoSessionReuseRequired" parameter? Could someone provide a piece of
example code for this?
