home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
kermit.columbia.edu
/
kermit.columbia.edu.tar
/
kermit.columbia.edu
/
newsgroups
/
misc.20031118-20041115
/
000190_jaltman2@nyc.rr.com_Mon Apr 12 16:35:37 2004.msg
< prev
next >
Wrap
Internet Message Format
|
2004-11-14
|
3KB
Path: newsmaster.cc.columbia.edu!iad-feed.news.verio.net!peer1.stngva01.us.to.verio.net!news.verio.net!news.maxwell.syr.edu!news.glorb.com!border1.nntp.ash.giganews.com!border2.nntp.ash.giganews.com!nntp.giganews.com!feed5.newsreader.com!newsreader.com!news3.optonline.net!cyclone.rdc-nyc.rr.com!news-out.nyc.rr.com!twister.nyc.rr.com.POSTED!not-for-mail
Message-ID: <407AE686.3030209@nyc.rr.com>
From: Jeffrey Altman <jaltman2@nyc.rr.com>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7b) Gecko/20040316
X-Accept-Language: en-us, en
MIME-Version: 1.0
Newsgroups: comp.protocols.kermit.misc
Subject: Re: FTP with Auth SSL
References: <c5bv8301ck0@drn.newsguy.com> <GWfec.23377$Nn4.4630542@twister.nyc.rr.com> <c5clci0adl@drn.newsguy.com> <407A073D.7040004@nyc.rr.com> <c5d66301vto@drn.newsguy.com> <407A990B.3040105@nyc.rr.com> <c5emg3093u@drn.newsguy.com>
In-Reply-To: <c5emg3093u@drn.newsguy.com>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Lines: 30
Date: Mon, 12 Apr 2004 18:48:23 GMT
NNTP-Posting-Host: 24.193.46.55
X-Complaints-To: abuse@rr.com
X-Trace: twister.nyc.rr.com 1081795703 24.193.46.55 (Mon, 12 Apr 2004 14:48:23 EDT)
NNTP-Posting-Date: Mon, 12 Apr 2004 14:48:23 EDT
Organization: Road Runner - NYC
Xref: newsmaster.cc.columbia.edu comp.protocols.kermit.misc:14903
There are lots of knobs you can adjust in Kermit
to alter how much verification it requires and whether
it attempts to use SSLv3/TLSv1 or SSLv2 (which should
never be used.) However, those are not your problem.
The server is closing the connection on the Data channel.
If you have no logs from the server to help you, then
you are pretty much out of luck.
I do not know what SSL/TLS library is used by your
ftpd. I also do know know which version of OpenSSL you
are using for Kermit. Perhaps you have come across an
incompatibility between the two. I do not know.
As I mentioned previously, Kermit's FTP AUTH {SSL, TLS}
attempts to optimize the authentication by taking advantage
of SSL/TLS Session Reuse. This is performed in the
module ckcftp.c in function ssl_dataconn() with the function
SSL_copy_session_id(ssl_ftp_data_con,ssl_ftp_con);
Perhaps your FTP server's library is broken and cannot
handle this. I do not know.
I suggest you try to debug the problem from the server
end since that is the side which is dropping the data
connection. If you would like me to debug the problem
I am available for hire and can be contacted at
jaltman at secure-endpoints dot com.