FTPS getdirectorylisting throws connection time out error

Question

FTPS getdirectorylisting throws connection time out error

asked May 6, 2008 in Java FTP by srn (200 points)

Hi

I am using the trial version of the edtFTPj/PRO trying to connect to a FTPS server. When I try to get the directory listing I get connection time out exception.

Here is the code example that I used...

public class GetDirectoryListing {

    public static void main(String[] args) {

        // we want remote host, user name and password
        if (args.length < 3) {
            System.out
                    .println("Usage: run remote-host username password");
            System.exit(1);
        }

        // extract command-line arguments
        String host = args[0];
        String username = args[1];
        String password = args[2];
        String filename = "GetDirectoryListing.java";

        SSLFTPClient ftp = null;

        try {

            // create client
            log.info("Creating FTPS (explicit) client");
            ftp = new SSLFTPClient();

            // disable standard SSL closure
            log.info("Setting configuration flags");
            ftp.setConfigFlags(SSLFTPClient.ConfigFlags.DISABLE_SSL_CLOSURE);
            // NOTE: The DISABLE_SSL_CLOSURE flag is included in this example
            // for the sake of compatibility with as wide a range of servers as
            // possible. If possible it should be avoided as it opens the
            // possibility of truncation attacks (i.e. attacks where data is
            // compromised through premature disconnection).

            // set remote host
            log.info("Setting remote host");
            ftp.setRemoteHost(host);

            // turn off server validation
            log.info("Turning off server validation");
            ftp.setValidateServer(false);

            // connect to the server
            log.info("Connecting to server " + host);
            ftp.connect();

            // switch to SSL on control channel
            log.info("Switching to FTPS (explicit mode)");
            ftp.auth(SSLFTPClient.AUTH_TLS);

            // log in
            log.info("Logging in with username=" + username + " and password="
                    + password);
            ftp.login(username, password);
            log.info("Logged in");

            //ftp.setConnectMode(FTPConnectMode.PASV);
         
       //added to check if the directory listing is working
       log.info("Getting current directory listing");
            FTPFile[] files = ftp.dirDetails(".");
            for (int i = 0; i < files.length; i++) {
                log.info(files[i].toString());
            }

            // Shut down client
            log.info("Quitting client");
            ftp.quit();

            log.info("Example complete");

        } catch (Exception e) {
            e.printStackTrace();
        }
    }

}

Here is the log details while executing the code... The server, username and password details are masked...

INFO [GetDirectoryListing] 6 May 2008 12:55:55.940 : Creating FTPS (explicit) client
INFO [SSLFTPClient] 6 May 2008 12:55:55.973 : edtFTPj - PRO version
DEBUG [FTPClient] 6 May 2008 12:55:55.987 : Class: com.enterprisedt.net.ftp.ssl.SSLFTPClient
DEBUG [ProFTPClient] 6 May 2008 12:55:56.21 : Class: com.enterprisedt.net.ftp.ssl.SSLFTPClient
DEBUG [CryptixProperties] 6 May 2008 12:55:56.88 : Successfully loaded the CryptixEDT properties file
INFO [puretls] 6 May 2008 12:55:56.122 : PureTLS debug level=0
DEBUG [SSLFTPClient] 6 May 2008 12:55:56.124 : Setting custom validator to com.enterprisedt.net.ftp.ssl.SSLFTPStandardValidator
INFO [GetDirectoryListing] 6 May 2008 12:55:56.129 : Setting configuration flags
INFO [GetDirectoryListing] 6 May 2008 12:55:56.130 : Setting remote host
INFO [GetDirectoryListing] 6 May 2008 12:55:56.221 : Turning off server validation
DEBUG [SSLFTPClient] 6 May 2008 12:55:56.222 : Turned server validation off
INFO [GetDirectoryListing] 6 May 2008 12:55:56.222 : Connecting to server ftp.myserver.com
DEBUG [SSLFTPClient] 6 May 2008 12:55:56.223 : Created explicit FTPS client.
DEBUG [SSLFTPClient] 6 May 2008 12:55:56.223 : Connecting to ftp.myserver.com/0.0.0.0:21
DEBUG [SSLSocketUtils] 6 May 2008 12:55:56.236 : Invoking connect with timeout=60000
DEBUG [FTPControlSocket] 6 May 2008 12:55:56.392 : 220 WELCOME TO THE FTP SERVICE.
DEBUG [SSLFTPControlSocket] 6 May 2008 12:55:56.394 : DISABLE_CONTROL_SSL_CLOSURE=true
DEBUG [SSLFTPControlSocket] 6 May 2008 12:55:56.395 : DISABLE_CONTROL_WAIT_ON_CLOSE=false
DEBUG [SSLFTPControlSocket] 6 May 2008 12:55:56.395 : ALLOW_BASIC_CONSTRAINTS_IN_NON_CA=false
INFO [GetDirectoryListing] 6 May 2008 12:55:56.396 : Switching to FTPS (explicit mode)
DEBUG [FTPControlSocket] 6 May 2008 12:55:56.397 : ---> AUTH TLS
DEBUG [FTPControlSocket] 6 May 2008 12:55:56.486 : 234 Proceed with negotiation.
DEBUG [SSLFTPControlSocket] 6 May 2008 12:55:56.487 : Starting SSL handshake on control socket
INFO [cryptix] 6 May 2008 12:55:56.515 : GLOBAL_TRACE=false
INFO [cryptix] 6 May 2008 12:55:56.516 : GLOBAL_DEBUG=false
INFO [cryptix] 6 May 2008 12:55:56.517 : GLOBAL_DEBUG_SLOW=false
DEBUG [SSLHandshake] 6 May 2008 12:55:56.673 : 1 certificates supplied.0 verified certificates.
DEBUG [SSLHandshake] 6 May 2008 12:55:56.674 : isVerified=false, acceptUnverified=true
DEBUG [IJCE_Properties] 6 May 2008 12:55:56.685 : Successfully loaded the IJCE properties file
DEBUG [SSLFTPControlSocket] 6 May 2008 12:55:56.794 : SSL handshake on control socket complete
DEBUG [FTPControlSocket] 6 May 2008 12:55:56.795 : ---> PBSZ 0
DEBUG [FTPControlSocket] 6 May 2008 12:55:56.858 : 200 PBSZ set to 0.
DEBUG [FTPControlSocket] 6 May 2008 12:55:56.859 : ---> PROT

4 Answers

support2 · Answer 1 · 2008-05-06T23:15:50+0000

Typically this problem is because a firewall is blocking the data connection. In unencrypted FTP, firewalls can dynamically open ports for FTP data connections. They can't do this for FTPS (as they can't read the FTP command and thus work out what port to open).

You will need to disable the firewall in between the client and server (temporarily), or decide on a port range to use for data connections and configure the firewall to allow access on those ports. edtFTPj/PRO allows you to specify a port range to use.

srn · Answer 2 · 2008-05-06T23:45:29+0000

I was able to connect to the FTPS server through Filezilla, download, upload, etc. with the same network settings.

I had the firewall issue with another network where I was not able to login to the server using Filezilla.

I was even able to download / upload files using a scripting tool called Script FTP. I am not sure if this is a firewall issue.

support2 · Answer 3 · 2008-05-07T21:23:26+0000

The client is failing to connect to 10.10.1.181 on port 2021. That is the IP address sent back by the server.

Is it correct? You can use 'setAutoPassiveIPSubstitution(true)' to force the client to connect to the host address rather than this address.

PS all trial users are entitled to email support - you may wish to email us at support at enterprisedt dot com and we can post a summary on the forums later.

FTPS getdirectorylisting throws connection time out error

Please log in or register to add a comment.

Please log in or register to answer this question.

4 Answers

Please log in or register to add a comment.

Please log in or register to add a comment.

Please log in or register to add a comment.

Please log in or register to add a comment.

Categories