FTPS throwing exception - An existing connection was forcibly closed by the remote host

[kanikantik]

Hi,

I am using Cerberus FTP server on Azure VM. When I user Filezilla client to connect to server over FTPS its working fine.

When I use the below code it is throwing the error mentioned in the subject line using (var ftpClient = new FtpClient(FtpProtocol.FtpS,"xx.xx.xxx.xx",990, new NetworkCredential("tenantuser1","tenantuser1"))) { IEnumerable files = ftpClient.ListEntries("/"); } Here is the stack trace

at System.Net.Sockets.NetworkStream.Read(Byte[] buffer, Int32 offset, Int32 size) at System.Net.FixedSizeReader.ReadPacket(Byte[] buffer, Int32 offset, Int32 count) at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult) at System.Net.Security.SslStream.AuthenticateAsClient(String targetHost, X509CertificateCollection clientCertificates, SslProtocols enabledSslProtocols, Boolean checkCertificateRevocation) at ArxOne.Ftp.FtpSession.UpgradeToSsl(Stream stream) at ArxOne.Ftp.FtpSession.CreateDataStream(Socket socket) at ArxOne.Ftp.IO.FtpPassiveStream.SetSocket(Socket socket) at ArxOne.Ftp.IO.FtpPassiveStream..ctor(Socket socket, FtpSession session) at ArxOne.Ftp.FtpSession.OpenDirectPassiveDataStream(String host, Int32 port, TimeSpan connectTimeout, TimeSpan readWriteTimeout) at ArxOne.Ftp.FtpSession.OpenPassiveDataStream(TimeSpan connectTimeout, TimeSpan readWriteTimeout) at ArxOne.Ftp.FtpSession.OpenDataStream(Boolean passive, TimeSpan connectTimeout, TimeSpan readWriteTimeout, FtpTransferMode mode) at ArxOne.Ftp.FtpClientUtility.OpenDataStream(FtpSession session, FtpTransferMode mode) at ArxOne.Ftp.FtpClientUtility.ProcessList(FtpSession session, FtpPath path) at ArxOne.Ftp.FtpClientUtility.<>c__DisplayClass1_0.b__0(FtpSession handle) at ArxOne.Ftp.FtpClient.Process[TResult](Func`2 action, FtpSession session) at ArxOne.Ftp.FtpClientUtility.List(FtpClient ftpClient, FtpPath path) at ArxOne.Ftp.FtpClientUtility.ListEntries(FtpClient ftpClient, FtpPath path) at FTPTestAppConsole.Program.DownloadDirectory(FtpClient client, String source, String destination) in c:\Users\kkanikanti\Documents\Visual Studio 2013\Projects\FTPTestApp\FTPTestAppConsole\Program.cs:line 29 at FTPTestAppConsole.Program.Main(String[] args) in c:\Users\kkanikanti\Documents\Visual Studio 2013\Projects\FTPTestApp\FTPTestAppConsole\Program.cs:line 23 at System.AppDomain._nExecuteAssembly(RuntimeAssembly assembly, String[] args) at System.AppDomain.ExecuteAssembly(String assemblyFile, Evidence assemblySecurity, String[] args) at Microsoft.VisualStudio.HostingProcess.HostProc.RunUsersAssembly() at System.Threading.ThreadHelper.ThreadStart_Context(Object state) at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx) at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx) at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state) at System.Threading.ThreadHelper.ThreadStart()

Let me know if I have to specify any certificate for FTPS.

Thanks, Krishna Priya

[kanikantik]

Here is the log from Cerberus FTP server....with the above code 2016/02/24 11:56:08 [43122] USER tenantuser1 2016/02/24 11:56:08 [43122] 331 User tenantuser1, password please
2016/02/24 11:56:09 [43122] PASS *** 2016/02/24 11:56:09 [43122] Native user 'tenantuser1' authenticated 2016/02/24 11:56:09 [43122] [tenantuser1] 230 Password Ok, User logged in
2016/02/24 11:56:09 [43122] [tenantuser1] FEAT 2016/02/24 11:56:09 [43122] [tenantuser1] 211- Additional features supported include: MDTM MFCT MFMT SIZE REST STREAM AUTH TLS AUTH SSL PBSZ EPRT EPSV XCRC XSHA1 XSHA256 XSHA512 XMD5 HASH SHA-256;SHA-512;SHA-1;MD5 PROT LANG EN SITE PSWD SITE ZONE SITE UTIME MODE Z ZLIB(LEVEL) MLST Type;Size;Modify;Create; CLNT CSID RMDA UTF8 211 End
2016/02/24 11:56:09 [43122] [tenantuser1] PROT P 2016/02/24 11:56:09 [43122] [tenantuser1] 200 PROT P OK, data channel will be secured
2016/02/24 11:56:09 [43122] [tenantuser1] TYPE I 2016/02/24 11:56:09 [43122] [tenantuser1] 200 Type Binary
2016/02/24 11:56:10 [43122] [tenantuser1] EPSV 2016/02/24 11:56:10 [43122] [tenantuser1] 229 Entering Extended Passive Mode (|||60002|)
2016/02/24 11:58:12 [43122] Connection timed out - Shutting down connection... 2016/02/24 11:58:13 [43122] Connection terminated 2016/02/24 12:00:13 [43123] Incoming connection request on FTPS interface 25 at 100.109.212.23 and here is the log with Filezilla client

2016/02/24 12:12:48 [43124] [tenantuser1] 211- Additional features supported include: MDTM MFCT MFMT SIZE REST STREAM AUTH TLS AUTH SSL PBSZ EPRT EPSV XCRC XSHA1 XSHA256 XSHA512 XMD5 HASH SHA-256;SHA-512;SHA-1;MD5 PROT LANG EN SITE PSWD SITE ZONE SITE UTIME MODE Z ZLIB(LEVEL) MLST Type;Size;Modify;Create; CLNT CSID RMDA UTF8 211 End
2016/02/24 12:12:49 [43124] [tenantuser1] CLNT FileZilla 2016/02/24 12:12:49 [43124] [tenantuser1] 200 Command okay
2016/02/24 12:12:49 [43124] [tenantuser1] OPTS UTF8 ON 2016/02/24 12:12:49 [43124] [tenantuser1] 200 UTF8 support on
2016/02/24 12:12:49 [43124] [tenantuser1] PBSZ 0 2016/02/24 12:12:49 [43124] [tenantuser1] 200 PBSZ=0
2016/02/24 12:12:49 [43124] [tenantuser1] PROT P 2016/02/24 12:12:49 [43124] [tenantuser1] 200 PROT P OK, data channel will be secured
2016/02/24 12:12:50 [43124] [tenantuser1] PWD 2016/02/24 12:12:50 [43124] [tenantuser1] 257 "/" is the current directory
2016/02/24 12:12:50 [43124] [tenantuser1] TYPE I 2016/02/24 12:12:50 [43124] [tenantuser1] 200 Type Binary
2016/02/24 12:12:50 [43124] [tenantuser1] PASV 2016/02/24 12:12:50 [43124] [tenantuser1] 227 Entering Passive Mode (40,76,194,92,234,99)
2016/02/24 12:12:51 [43124] [tenantuser1] MLSD 2016/02/24 12:12:51 [43124] [tenantuser1] 150 Opening data connection
2016/02/24 12:12:51 [43124] SSL connection using TLSv1.2 (ECDHE-RSA-AES256-GCM-SHA384), 256 bit encryption 2016/02/24 12:12:51 [43124] SSL data connection established 2016/02/24 12:12:51 [43124] [tenantuser1] 226 Transfer complete
2016/02/24 12:14:36 [43124] The client closed the connection

[picrap]

I'll take a look at this shortly. Thanks for reporting the bug.

[picrap]

In version 1.9, I added a SslProtocols member in FtpClientParameters. If you set it to SslProtocols.Tls, your test may pass (I say 'may', because Cerberus is a bit complicated). Please note that currently a write passive stream fails (so a STOR won't work in FTPS).

[kanikantik]

When it(version 1.9) will be available through nugget ?. Is there any alternate solution you suggest?

[picrap]

It is available since at least 12 hours :wink: https://www.nuget.org/packages/ArxOne.Ftp/1.9.0