6

I'm developing an FTP server in C#. I just finished implementing explicit-mode FTPS functionality using the SslStream class, and everything goes almost OK.

I'm having problems using FileZilla > 3.0.11 as the client. I googled around, and it seems that the SslStream implementation does not close the connection properly (it does not send the close_notify alert). Using WinSCP, SmartFTP and lftp, everything works fine.

Any ideas or any other SSL library?

Or maybe some way to hardcode the close_notify alert and send it?

Concrete code example would be great!

Creating sslStream:

    _sslStream = new SslStream(socket.GetStream());
    var _cert = new X509Certificate2(certPath, pass);
    _sslStream.AuthenticateAsServer(_cert);

Closing connections:

    _sslStream.Close();
    socket.Close();
    _sslStream = null;
    socket = null;

FileZilla 3.6.0.2 Error log:

Response:   150 Opening data connection for LIST
Trace:  CFtpControlSocket::TransferParseResponse()
Trace:    code = 1
Trace:    state = 4
Trace:  CFtpControlSocket::SendNextCommand()
Trace:  CFtpControlSocket::TransferSend()
Trace:    state = 5
Trace:  CTlsSocket::OnRead()
Trace:  CTlsSocket::ContinueHandshake()
Trace:  TLS Handshake successful
Trace:  TLS Session resumed
Trace:  Cipher: AES-128-CBC, MAC: SHA1
Trace:  CTransferSocket::OnConnect
Trace:  CTransferSocket::OnReceive(), m_transferMode=0
Trace:  CTlsSocket::Failure(-110, 0)
Error:  GnuTLS error -110 in gnutls_record_recv: The TLS connection was non-properly terminated.
Error:  Could not read from transfer socket: ECONNABORTED - Connection aborted
Trace:  CTransferSocket::TransferEnd(3)
Trace:  CFtpControlSocket::TransferEnd()
Trace:  CTlsSocket::OnRead()
Trace:  CFtpControlSocket::OnReceive()
Response:   226 LIST successful.
Morvader
  • How are you closing the stream? Please show your code. – Polyfun Apr 02 '13 at 08:32
  • 1
    I just recalled - I had the same problem with FileZilla when I was implementing our FTPS server. Solved it by fixing SSL classes; however, you don't have this choice using SSL stream. So you can 1) ignore FileZilla 2) Submit a patch to GnuTLS which will ignore this error :) 3) Open a case somewhere on Microsoft forums - this behavior is not standard-compliant, since the RFC clearly requires "Each party is required to send a close_notify alert before closing the write side of the connection." – Nickolay Olshevsky Apr 11 '13 at 09:54
  • Same problem here, did you ever find a working solution? – Joannes Vermorel May 24 '13 at 19:10

4 Answers

5

I think you have a real reason to re-invent the wheel. There are already libraries which implement an FTPS server in C#/.NET, like SecureBlackbox (however, it is commercial).

Eugene Mayevski 'Callback
Nickolay Olshevsky
3

Please have a look at a workaround I posted here. It would be great if all together we could make this workaround better.

Community
Neco
0

What happens if you call Shutdown on the Socket before closing it?

    socket.Shutdown(SocketShutdown.Both);
CSharpie
0

How about

    _sslStream.Dispose();

I'm wondering if the Dispose method handles the close_notify.

Rots
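
Added example, not part of the original thread and not any poster's code: on .NET Framework 4.7 and later and .NET Core 2.0 and later, `SslStream.ShutdownAsync()` sends the close_notify alert, so a connection can be closed in the order alert, TCP shutdown, dispose. The names `FtpsDataChannel` and `SendAndCloseAsync`, the command-line arguments and the sample listing are assumptions made for illustration.

```csharp
using System.Net;
using System.Net.Security;
using System.Net.Sockets;
using System.Security.Cryptography.X509Certificates;
using System.Text;
using System.Threading.Tasks;

// Hypothetical names throughout; requires SslStream.ShutdownAsync()
// (.NET Framework 4.7+ / .NET Core 2.0+) and C# 7.1+ for async Main.
static class FtpsDataChannel
{
    // Sends one payload over a TLS-protected connection, then closes it so
    // the peer receives close_notify before the TCP FIN.
    public static async Task SendAndCloseAsync(TcpClient client, X509Certificate2 cert, byte[] payload)
    {
        using (client)
        using (var tls = new SslStream(client.GetStream()))
        {
            await tls.AuthenticateAsServerAsync(cert);
            await tls.WriteAsync(payload, 0, payload.Length);
            await tls.FlushAsync();

            // Writes the TLS close_notify alert to the underlying stream.
            await tls.ShutdownAsync();

            // Half-close TCP only after the alert has been written; the
            // using blocks then dispose the stream and the socket.
            client.Client.Shutdown(SocketShutdown.Send);
        }
    }

    // Usage: <cert.pfx> <password> <port>. Serves a single connection.
    static async Task Main(string[] args)
    {
        var cert = new X509Certificate2(args[0], args[1]);
        var listener = new TcpListener(IPAddress.Loopback, int.Parse(args[2]));
        listener.Start();
        try
        {
            var client = await listener.AcceptTcpClientAsync();
            // Constructed sample payload standing in for a LIST response.
            var listing = Encoding.ASCII.GetBytes(
                "-rw-r--r-- 1 ftp ftp 42 Jan 01 00:00 example.txt\r\n");
            await SendAndCloseAsync(client, cert, listing);
        }
        finally { listener.Stop(); }
    }
}
```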