Go Back   FlashFXP Forums > >

Project: FlashFXP Bug Reports Ticket Tools
ID: 86 Category: General / Unknown
Title: SSL negotiation error on initial connection attempt after loading flashfxp Status: Closed (Fixed / Implemented)
Severity: Minor Version: 3.5.2 (3.6 RC 2)

Junior Member
spudgun
11-22-2007, 05:42 PM
SSL negotiation error on initial connection attempt after loading flashfxp

SSL handshake error that is present in 3.6 (RC 2) that isn't present in 3.4 final.

on 3.6. RC2 if you open flash and try to connect to a SSL enabled FTP you get the following error message

[R] 220 DrFTPD 2.0.4 http://drftpd.org
[R] AUTH SSL
[R] 234 AUTH SSL successful
[R] Connected. Negotiating SSL session..
[R] error:140773E8:SSL routines:SSL23_GET_SERVER_HELLO:reason(1000)
[R] Failed SSL negotiation, disconnected
[R] Connection failed (Connection closed by client)

For some strange reason, this only happens the very first time you try to connect after loading flashfxp and subsequent tries work fine. Also, if you go to a non-ssl enabled FTP first and then go to a SSL enabled one it works fine.

This error isn't present in version 3.4 final, but i need to run 3.6 RC2 as it introduces fixes for many vista specific issues (see my previous bug reports).

I've tried using the SSL .dll files from the 3.4 release to see if it is an issue with these, but they continue to produce the same error.
FlashFXP Developer
bigstar
12-02-2007, 01:47 PM
Re: SSL negotiation error on initial connection attempt after loading flashfxp

I've had probably half a dozen people contact me regarding this issue with drFTPd and no one has been able to provide me access to a drFTPd where I can reproduce this error.

In the tests that I was able to perform the error never occurred.

I'm always looking for test servers to better understand this compatibility issue with drFTPd, In my research I've come across forums/websites of other ftp clients where this error was reported and that alone makes it more suspect that the ftp server is to blame.
Senior Member
DayCuts
12-03-2007, 12:04 AM
Re: SSL negotiation error on initial connection attempt after loading flashfxp

I have access to a few servers running DrFTPd and have also been unable to reproduce this problem with RC2 (1216). Unfortunately i am unable to provide access to any of them for testing as they do not belong to me.

Is your upload busy when these errors occur? the only time i have ever encountered connection negotiation failure is when my upstream is too busy and causes the handshake to take too long which results in failure. However this have been irregardless of the type of ftp server.
Senior Member
ArtX
12-07-2007, 10:31 AM
Re: SSL negotiation error on initial connection attempt after loading flashfxp

this is a setting in flashfxp, which is normaly triggered if you select secure uploads and downloads, and secure site to site - options under the SSL settings tab, only when those two options are checked do i get this issue and this is with glftpd
Senior Member
DayCuts
12-08-2007, 03:50 PM
Re: SSL negotiation error on initial connection attempt after loading flashfxp

Are you sure that the 'site to site' option actually has any effect on weather or not you gat an error upon initial connection hankshake? becuase it shouldn't.

And the same question of busy upstream bandwidth applies.
Junior Member
spudgun
12-15-2007, 04:47 PM
Re: SSL negotiation error on initial connection attempt after loading flashfxp

Just as an update on this, this is definetely a vista specific issue, as i've gone back to XP SP2 and i no longer get this problem, but if i use my dual boot to go into vista i get it every time on first site connect as described above
FlashFXP Developer
bigstar
12-16-2007, 08:27 PM
Re: SSL negotiation error on initial connection attempt after loading flashfxp

I was able to confirm this behavior on Vista.

I've tested multiple ftp clients that use OpenSSL and they too exhibit the same behavior.

I've attempted to debug OpenSSL in FlashFXP and I do not see anything out of the ordinary, Basically the ftp server doesn't process the handshake and it fails.

There is no obvious reason why the next connection attempt works just fine.

I will continue to look into this problem.
Senior Member
DayCuts
12-17-2007, 09:13 AM
Re: SSL negotiation error on initial connection attempt after loading flashfxp

It seems that this would be a compatibility issues between Vista and OpenSSL then, perhaps some sort of dll load/access issue.
Junior Member
stuwil
03-13-2008, 02:02 AM
Re: SSL negotiation error on initial connection attempt after loading flashfxp

i run xp sp2 and this problem is happening on every connect
[R] error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure
[R] Failed TLSv1 negotiation, disconnected
|R] 435 Failed TLS negotiation on data channel (using SSL_accept()), disconnected: Success.
[R] List Error

this makes flash 3.6 unusable for me,i switched back to 3.4 and have no problems at all connecting.
FlashFXP Developer
bigstar
03-13-2008, 08:13 AM
Re: SSL negotiation error on initial connection attempt after loading flashfxp

Quote:
Originally Posted by stuwil
i run xp sp2 and this problem is happening on every connect
[R] error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure
[R] Failed TLSv1 negotiation, disconnected
|R] 435 Failed TLS negotiation on data channel (using SSL_accept()), disconnected: Success.
[R] List Error

this makes flash 3.6 unusable for me,i switched back to 3.4 and have no problems at all connecting.
I think this issue is unrelated to the original bug report.

Can you please provide more of the ftp session log, as well as the name of ftp server software?
Junior Member
spudgun
05-28-2008, 02:32 PM
Re: SSL negotiation error on initial connection attempt after loading flashfxp

Any update on this problem as it is still present in version 3.6.0?
Junior Member
spudgun
09-18-2008, 03:12 PM
Re: SSL negotiation error on initial connection attempt after loading flashfxp

Any update on this issue, as it isn't included as a listed fix in the latest beta release
FlashFXP Developer
bigstar
09-19-2008, 05:49 AM
Re: SSL negotiation error on initial connection attempt after loading flashfxp

I have not worked directly on this issue because I don't have a drFTPD server for testing.

At one point I had one to test with but I wasn't able to reproduce the problem, but I no longer have access to that server.
Junior Member
spudgun
09-20-2008, 08:20 AM
Re: SSL negotiation error on initial connection attempt after loading flashfxp

Bigstar,

Thank you for your reply, but it contradicts one of your earlier posts in this thread where you confirmed that you had reproduced this error
FlashFXP Developer
bigstar
09-24-2008, 02:54 AM
Re: SSL negotiation error on initial connection attempt after loading flashfxp

Sorry I should of read all of the posts to refresh my memory before replying.

There is a specific issue on Vista when combined with OpenSSL when connecting to drFTPD servers. I attempted to determine the cause but was unable to. I had limited time for testing because I eventually lost access to the server I had for testing.
Junior Member
test1234
04-09-2009, 01:55 PM
Re: SSL negotiation error on initial connection attempt after loading flashfxp

issue described and fix for drftpd here:
http://www.drftpd.org/forums/viewtopic.php?f=4&t=3136

if you are having this problem, instruct your techop to implement this fix.

to why vista is making this worse i can only imagine that the openssl lib loading or mapping into memory on first use is slower on vista than on xp and thats why its triggering the delay problem...
FlashFXP Developer
bigstar
06-15-2010, 10:45 AM
Re: SSL negotiation error on initial connection attempt after loading flashfxp

After several tests I do believe that this is the exact cause of the problem.

The OpenSSL initialization code occurs after the AUTH command is sent to the server.

To help solve the problem on our end I am moving the OpenSSL initialization code to execute prior to sending the AUTH command, in my tests this resolves the issue.
Ticket Tools
Subscribe to this Ticket


Posting Rules
You may not post new tickets

Smilies are On
[IMG] code is On
HTML code is Off


All times are GMT -5. The time now is 04:51 PM.

Parts of this site powered by vBulletin Mods & Addons from DragonByte Technologies Ltd. (Details)