FlashFXP 4.0 RC 1 Use this forum to ask questions, make suggestions, or provide feedback for FlashFXP 4.0 RC 1. |
07-29-2010, 08:10 PM
|
#1
|
Junior Member
FlashFXP Beta Tester
Join Date: Jan 2010
Posts: 25
|
Error connecting site.
Hi,
I can connect a site (over proxy socks & SSL/TLS Auth) with version 3.x but with version 4.0 (with the same exact settings from v3.x) won't connect:
[R] Connection failed (Connection lost)
I think it's one more issue/bug with proxy socks connections with SSL/TLS Auth.
Other thing i noticed that is happening is this error message connecting to proxy socks (all sites):
[R] SOCKS: Connecting to x.x.x.x:xxxx
[R] Error: Connected to x.x.x.x:xxxx
But the proxy connections works just fine in all sites. I verify the IP that's connecting to the sites and its the one from the proxy socks server, so it's working ok. Why it shows "[R] Error: Connected to x.x.x.x:xxxx" ?
Last edited by hggomes; 07-29-2010 at 08:23 PM.
|
|
|
07-29-2010, 08:54 PM
|
#2
|
FlashFXP Developer
FlashFXP Administrator ioFTPD Beta Tester
Join Date: Oct 2001
Posts: 8,012
|
I'm not really sure, can you please include the entire session log so i can see the order of the commands and exactly when the error occurs.
I tested several different SOCKS proxies and they all worked fine for me in the latest build.
|
|
|
07-29-2010, 09:09 PM
|
#3
|
Junior Member
FlashFXP Beta Tester
Join Date: Jan 2010
Posts: 25
|
v3:
[R] Connecting to x via Proxy -> IP=x PORT=x
[R] SOCKS: Connecting to x.x.x.x:xxxx
[R] SOCKS: Connected to x.x.x.x:xxxx
[R] Connected to x via Proxy
[R] AUTH TLS
[R] 234 AUTH TLS successful
[R] Connected. Negotiating TLSv1 session..
[R] TLSv1 negotiation successful...
[R] TLSv1 encrypted session using cipher DHE-DSS-AES256-SHA (256 bits)
[R] PBSZ 0
[R] 200 PBSZ 0 successful
[R] USER x
[R] 331 Password required for x.
[R] PASS (hidden)
[R] 230 User x logged in.
[R] SYST
[R] 215 UNIX Type: L8
[R] FEAT
[R] 211- Extensions supported:
[R] AUTH TLS
[R] AUTH SSL
[R] PBSZ
[R] PROT
[R] CPSV
[R] SSCN
[R] MDTM
[R] SIZE
[R] REST STREAM
[R] SYST
[R] 211 END
[R] PWD
[R] 257 "/" is current directory.
[R] TYPE A
[R] 200 Type set to A.
[R] PROT P
[R] 200 Protection set to Private
[R] PASV
[R] 227 Entering Passive Mode (x,x,x,x,182,9)
[R] Opening data connection via Proxy
[R] SOCKS: Connecting to x.x.x.x:xxxx
[R] SOCKS: Connected to x.x.x.x:xxxx
[R] LIST -al
[R] Connected. Negotiating TLSv1 session..
[R] 150 Opening ASCII mode data connection for directory listing using SSL/TLS.
[R] TLSv1 negotiation successful...
[R] TLSv1 encrypted session using cipher DHE-DSS-AES256-SHA (256 bits)
v4:
[R] Connecting to x via Proxy -> IP=x PORT=xxxx
[R] SOCKS: Connecting to x.x.x.x:xxxx
[R] Error: Connected to x.x.x.x:xxxx
[R] Connected to x via Proxy
[R] Connection failed (Connection lost)
PS: Using the same proxy socks with other sites (SSL/TLS Auth or not) works ok, it's only with one site.
Why it shows always "[R] Error: Connected to x.x.x.x:xxxx" in v4 when using proxy socks? It apears but it connects to proxy socks just fine...
Last edited by hggomes; 07-29-2010 at 09:18 PM.
|
|
|
07-29-2010, 09:20 PM
|
#4
|
FlashFXP Developer
FlashFXP Administrator ioFTPD Beta Tester
Join Date: Oct 2001
Posts: 8,012
|
I just examined the source code and the line that reads "[R] Error: Connected to x.x.x.x:xxxx" is incorrect it should display "[R] SOCKS: Connected to x.x.x.x:xxxx"
What version of OpenSSL is FlashFXP v3 and v4 using? If you backup the OpenSSL dlls in v4 and replace them with the ones from v3 does it work?
OpenSSL v1.0 added some new security measures that can cause problems connecting to some sites, this is what caused SOCKS to break in v4.0 but I tweaked the OpenSSL options enough to get it working again, perhaps the changes I made weren't enough to get it working with all servers/proxies.
If the OpenSSL dlls from v3 work then the internal OpenSSL options will need to be tweaked, however without having every socks and ftp server software available for testing its very difficult to test every combination, I am only able to test what I have.
These settings cant be tweaked by the end user.
|
|
|
07-29-2010, 09:33 PM
|
#5
|
Junior Member
FlashFXP Beta Tester
Join Date: Jan 2010
Posts: 25
|
I tried all kind of combinations with OpenSSL, all versions on both, always the same... It's not a problem with versions of OpenSSL i can assure you. Whatever the version of OpenSSL i use in v3 it always works and doing the same with v4 it always show the same message:
[R] Connecting to x via Proxy -> IP=x PORT=xxxx
[R] SOCKS: Connecting to x.x.x.x:xxxx
[R] Error: Connected to x.x.x.x:xxxx
[R] Connected to x via Proxy
[R] Connection failed (Connection lost)
I know why this happen, if i connect without proxy socks to this site with v3 i will receive this message:
[R] Connecting to x -> IP=x.x.x.x PORT=xxxx
[R] Connected to x
[R] Connection failed (Connection lost)
That's because the server only allows logins connected to the proxy socks, that explains why the same message appears in v4 with the proxy socks. But even more strange if i connect without socks in v4 it shows this:
[R] Unable to resolve host: x.x.x.x
Something is wrong here (v4) i can tell the server is running glFTPD v2.01 (last stable)
Other sites are all working ok, but it always shows the same message when connecting to socks:
[R] Connecting to x via Proxy -> IP=x PORT=xxxx
[R] SOCKS: Connecting to x.x.x.x:xxxx
[R] Error: Connected to x.x.x.x:xxxx
The "strange" thing here is that appears the IP of the socks server on the sites i enter, that means the socks connection was made. But the proof that sock connection is not working at 100% is the error log and that im unable to connect to the site that requires socks connection.
Last edited by hggomes; 07-29-2010 at 10:12 PM.
|
|
|
07-30-2010, 08:00 AM
|
#6
|
FlashFXP Developer
FlashFXP Administrator ioFTPD Beta Tester
Join Date: Oct 2001
Posts: 8,012
|
I am unable to test glFTPD but I don't see why it wouldn't work.
You could try using wireshark http://www.wireshark.org/ to analyze the connection to see what data is being sent/received and perhaps compare the results with v3, without having your exact configuration, proxy, ftp server, its going to be extremely difficult for me to determine the exact cause.
I will continue to investigate this issue but at the moment I've hit a dead end.
|
|
|
07-30-2010, 10:39 AM
|
#7
|
Junior Member
FlashFXP Beta Tester
Join Date: Jan 2010
Posts: 25
|
I've made a few tests and my conclusion is that something is going on with v4.
In my case i can say there exist two problems, the first one is when i connect with proxy socks and the second one is when connecting to glFTPD server.
The proxy socks are machines running SSH servers, i connect to them making a ssh tunnel and then i use it in Flashfxp. I've never have problems in any of them with v3, with v4 i cannot connect without:
[R] Connecting to x via Proxy -> IP=x PORT=xxxx
[R] SOCKS: Connecting to x.x.x.x:xxxx
[R] Error: Connected to x.x.x.x:xxxx
Here is the Wireshark capture when connecting to glFTPD without socks in v4:
[R] Unable to resolve host: x.x.x.x
<removed by bigstar>
Last edited by bigstar; 07-31-2010 at 01:10 PM.
|
|
|
07-30-2010, 12:38 PM
|
#8
|
FlashFXP Developer
FlashFXP Administrator ioFTPD Beta Tester
Join Date: Oct 2001
Posts: 8,012
|
As I previously stated the first bit is simply a textual mistake
[R] Connecting to x via Proxy -> IP=x PORT=xxxx
[R] SOCKS: Connecting to x.x.x.x:xxxx
[R] Error: Connected to x.x.x.x:xxxx
The word "Error" is using the wrong text, it should be using "SOCKS" so in this case everything is fine up until this point. It doesn't effect anything other than showing the wrong word.
This error seems different than the original one you reported, where in this case the dns lookup failed, where in the last log you showed me a connection failed error.
If the dns lookup fails this behavior is correct.
|
|
|
07-30-2010, 12:48 PM
|
#9
|
FlashFXP Developer
FlashFXP Administrator ioFTPD Beta Tester
Join Date: Oct 2001
Posts: 8,012
|
Right click on the session status window and enable timestamps.
How much time elapses between each of the status messages?
[R] SOCKS: Connecting to x.x.x.x:xxxx
[R] Error: Connected to x.x.x.x:xxxx
[R] Connected to x via Proxy
[R] Connection failed (Connection lost)
In the Preferences > Connection section make sure your connection timeout is high enough, if the value is too low it can result is this error.
I think we really need a wireshark capture of when this specific error occurs.
|
|
|
07-30-2010, 12:52 PM
|
#10
|
Junior Member
FlashFXP Beta Tester
Join Date: Jan 2010
Posts: 25
|
But in v3 all works fine, it doesn't exist "textual mistake" or "dns lookup fail".
"This error seems different than the original one you reported, where in this case the dns lookup failed, where in the last log you showed me a connection failed error."
Maybe you haven't understand:
Connecting to glFTPD server:
v3 with socks
=========
[R] Connecting to x via Proxy -> IP=x PORT=x
[R] SOCKS: Connecting to x.x.x.x:xxxx
[R] SOCKS: Connected to x.x.x.x:xxxx
[R] Connected to x via Proxy
[R] AUTH TLS
[R] 234 AUTH TLS successful
[R] Connected. Negotiating TLSv1 session..
[R] TLSv1 negotiation successful...
[R] TLSv1 encrypted session using cipher DHE-DSS-AES256-SHA (256 bits)
[R] PBSZ 0
[R] 200 PBSZ 0 successful
[R] USER x
[R] 331 Password required for x.
[R] PASS (hidden)
[R] 230 User x logged in.
[R] SYST
[R] 215 UNIX Type: L8
[R] FEAT
[R] 211- Extensions supported:
[R] AUTH TLS
[R] AUTH SSL
[R] PBSZ
[R] PROT
[R] CPSV
[R] SSCN
[R] MDTM
[R] SIZE
[R] REST STREAM
[R] SYST
[R] 211 END
[R] PWD
[R] 257 "/" is current directory.
[R] TYPE A
[R] 200 Type set to A.
[R] PROT P
[R] 200 Protection set to Private
[R] PASV
[R] 227 Entering Passive Mode (x,x,x,x,182,9)
[R] Opening data connection via Proxy
[R] SOCKS: Connecting to x.x.x.x:xxxx
[R] SOCKS: Connected to x.x.x.x:xxxx
[R] LIST -al
[R] Connected. Negotiating TLSv1 session..
[R] 150 Opening ASCII mode data connection for directory listing using SSL/TLS.
[R] TLSv1 negotiation successful...
[R] TLSv1 encrypted session using cipher DHE-DSS-AES256-SHA (256 bits)
v3 without socks
===========
[R] Connecting to x -> IP=x.x.x.x PORT=xxxx
[R] Connected to x
[R] Connection failed (Connection lost)
This is perfectly normal cause server only allows logins via socks.
v4 with socks
=========
[R] Connecting to x via Proxy -> IP=x PORT=xxxx
[R] SOCKS: Connecting to x.x.x.x:xxxx
[R] Error: Connected to x.x.x.x:xxxx
[R] Connected to x via Proxy
[R] Connection failed (Connection lost)
v4 without socks
===========
[R] Unable to resolve host: x.x.x.x
I'm sorry but i don't think the behavior is correct, it should be the same as v3.
Last edited by hggomes; 07-30-2010 at 01:13 PM.
|
|
|
07-30-2010, 01:01 PM
|
#11
|
Junior Member
FlashFXP Beta Tester
Join Date: Jan 2010
Posts: 25
|
The connection timeout is 40 seconds, same as v3.
Timestamps ON
with socks:
=======
[18:55:17] [R] Connecting to x via Proxy -> IP=x.x.x.x PORT=xxxx
[18:55:17] [R] SOCKS: Connecting to x.x.x.x:xxxx
[18:55:17] [R] Error: Connected to x.x.x.x:xxxx
[18:55:17] [R] Connected to x via Proxy
[18:55:17] [R] Connection failed (Connection lost)
[18:55:17] [R] Delaying for 20 seconds before reconnect attempt #1
without socks:
=========
[18:58:53] [R] Unable to resolve host: x.x.x.x
Last edited by hggomes; 07-30-2010 at 01:24 PM.
|
|
|
07-30-2010, 01:32 PM
|
#12
|
FlashFXP Developer
FlashFXP Administrator ioFTPD Beta Tester
Join Date: Oct 2001
Posts: 8,012
|
I understand but what I am asking for is the wireshark info from v4 using a proxy connecting to glFTPD.
What you provided was v4 without a proxy.
The socks routine in v4 is identical to that of v3, which leads me to believe something else within FlashFXP is causing the problem, however since I can't reproduce the problem its impossible to know whats wrong.
Does it make any difference if you try connecting to the site via the IP rather than the host name?
|
|
|
07-30-2010, 01:37 PM
|
#13
|
Junior Member
FlashFXP Beta Tester
Join Date: Jan 2010
Posts: 25
|
Ok, i will reproduce the problem with socks in v4 and capture it with Wireshark for you.
I only connect to the server via IP, it doesn't have a hostname/dns.
|
|
|
07-30-2010, 01:59 PM
|
#14
|
Junior Member
FlashFXP Beta Tester
Join Date: Jan 2010
Posts: 25
|
The Wireshark capture in v4 with socks is very identical:
<removed by bigstar>
Last edited by bigstar; 07-31-2010 at 01:10 PM.
|
|
|
07-30-2010, 06:24 PM
|
#15
|
FlashFXP Developer
FlashFXP Administrator ioFTPD Beta Tester
Join Date: Oct 2001
Posts: 8,012
|
I had a beta tester set me up with a glftpd server for testing, using my socks proxy I was able to connect using SSL/TLS without any issue.
Perhaps the problem is with the proxy server, do you know what software it uses?
|
|
|
Thread Tools |
|
Display Modes |
Linear Mode
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
All times are GMT -5. The time now is 08:29 AM.
|