|
|
|
date: Thu, 26 Jun 2008 13:03:00 -0700 (PDT),
group: microsoft.public.dotnet.security
back
Problem with SslStream for data connection for FTP
Hello,
I'm trying do FTP over SSL and am running into a problem on the data
connection (control connection is working fine).
When logging in I first issue the AUTH TLS command on non-SSL
connection, then create a new SslStream, and use that to
AuthenticateAsClient, that works and then I issue the PBSZ 0 and PROT
P commands before sending the USER/PASS commands.
So far, so good. But when I try to do something that will requires
the data connection, I can't make it...
I issue the PASV command, get the ip and port and use that to create a
TcpClient passing it the ipAddress, port (just as I do when creating
the command connection).
Dim oDataClient As TcpClient = New TcpClient(ipAddress, port)
Dim sslStream As SslStream = New
SslStream(oDataClient.GetStream(), False, cbDelegate, Nothing)
' above works
sslStream.AuthenticateAsClient(ipAddress) ' this hangs
Does anyone have any idea as to why the call to AuthenicateAsClient is
hanging? My validation routine isn't getting called (it currently
does nothing but return true anyway).
--
J. Moreno
date: Thu, 26 Jun 2008 13:03:00 -0700 (PDT)
author: unknown
Re: Problem with SslStream for data connection for FTP
Your validation routine is returning true, but it is also accepting all
certificates.
Now that you have accepted all certificates on your stream, you just need to
validate with the protocol that is in the certificate.
Since you accepted all, just send all protocols to the AuthenticateAsClient
C#
SslStream.AuthenticateAsClient("", null,
System.Security.Authentication.SslProtocols.Ssl2 |
System.Security.Authentication.SslProtocols.Ssl3 |
System.Security.Authentication.SslProtocols.Tls, false);
and you should be fine
wrote in message
news:07413061-d2e1-4690-ab67-7951175c75e5@y22g2000prd.googlegroups.com...
> Hello,
>
> I'm trying do FTP over SSL and am running into a problem on the data
> connection (control connection is working fine).
>
> When logging in I first issue the AUTH TLS command on non-SSL
> connection, then create a new SslStream, and use that to
> AuthenticateAsClient, that works and then I issue the PBSZ 0 and PROT
> P commands before sending the USER/PASS commands.
>
> So far, so good. But when I try to do something that will requires
> the data connection, I can't make it...
>
> I issue the PASV command, get the ip and port and use that to create a
> TcpClient passing it the ipAddress, port (just as I do when creating
> the command connection).
>
> Dim oDataClient As TcpClient = New TcpClient(ipAddress, port)
> Dim sslStream As SslStream = New
> SslStream(oDataClient.GetStream(), False, cbDelegate, Nothing)
>
> ' above works
> sslStream.AuthenticateAsClient(ipAddress) ' this hangs
>
> Does anyone have any idea as to why the call to AuthenicateAsClient is
> hanging? My validation routine isn't getting called (it currently
> does nothing but return true anyway).
>
> --
> J. Moreno
date: Sat, 28 Jun 2008 11:20:00 -0400
author: EradicusMax
|
|
