TC9.20: FTPS-Connections to writeable homedir not possible
Moderators: white, Hacker, petermad, Stefan2
TC9.20: FTPS-Connections to writeable homedir not possible
If TC opens a FTPS connection to a host with a write permission on the FTPS-home directory, TC breaks the login attempt with OFFLINE2, error=0 and does not connect to the FTPS server
- ghisler(Author)
- Site Admin
- Posts: 48118
- Joined: 2003-02-04, 09:46 UTC
- Location: Switzerland
- Contact:
OFFLINE2 means that reading from the server returns an error when reading data. It has nothing to do with write permissions on the server.
Author of Total Commander
https://www.ghisler.com
https://www.ghisler.com
- ghisler(Author)
- Site Admin
- Posts: 48118
- Joined: 2003-02-04, 09:46 UTC
- Location: Switzerland
- Contact:
Interesting, any idea what package is sent? Which server software do you use? I need to reproduce it so I can write a workaround.
Btw, you could try using OpenSSL instead of the normally used sChannel (Secur32.dll) library. For this, you need to download the OpenSSL libraries from here:
https://indy.fulgan.com/SSL/?C=N;O=D
Get the win32 package for Total Commander 32-bit (even on 64-bit Windows!), or the win64 package for Total Commander 64-bit.
Then unpack the dlls to the Total Commander directory. If you use the combined 32+64-bit version, but the 64-bit dlls in subdirectory "64" below the Total Commander directory. Then close and re-open Total Commander.
Total Commander will show in the connection log whether it uses sChannel or openSSL.
Btw, you could try using OpenSSL instead of the normally used sChannel (Secur32.dll) library. For this, you need to download the OpenSSL libraries from here:
https://indy.fulgan.com/SSL/?C=N;O=D
Get the win32 package for Total Commander 32-bit (even on 64-bit Windows!), or the win64 package for Total Commander 64-bit.
Then unpack the dlls to the Total Commander directory. If you use the combined 32+64-bit version, but the 64-bit dlls in subdirectory "64" below the Total Commander directory. Then close and re-open Total Commander.
Total Commander will show in the connection log whether it uses sChannel or openSSL.
Author of Total Commander
https://www.ghisler.com
https://www.ghisler.com
Thank you for this tip.
I've tested the OpenSSL-solution without success.
TC uses OpenSSL after publishing the dlls in the TC directory.
Log output on connect:
SSL: Libraries loaded OK! C:\Programme\totalcmd\libeay32.dll
On the server side we're using the VSFTPD default package (3.0.3-9build1) on an Ubuntu 18.04 LTS server.
I think, I've read somewhere in the internet, that the failure package can be an unencrypted message which shows, that the home dir is writable (without guarantee).
I've tested the OpenSSL-solution without success.
TC uses OpenSSL after publishing the dlls in the TC directory.
Log output on connect:
SSL: Libraries loaded OK! C:\Programme\totalcmd\libeay32.dll
On the server side we're using the VSFTPD default package (3.0.3-9build1) on an Ubuntu 18.04 LTS server.
I think, I've read somewhere in the internet, that the failure package can be an unencrypted message which shows, that the home dir is writable (without guarantee).
- ghisler(Author)
- Site Admin
- Posts: 48118
- Joined: 2003-02-04, 09:46 UTC
- Location: Switzerland
- Contact:
Hmm, that shouldn't be - there are no plain text messages expected after AUTH TLS and the server replying
234 AUTH TLS successful
The server may send more reply lines before that, e.g.
234-Starting TLS sesssion
234 AUTH TLS successful
but nothing afterwards.
To find our what really happens, I will have to try to install VSFTPD, and configure it exactly like you did. Did you change anything in the VSFTPD configuration?
234 AUTH TLS successful
The server may send more reply lines before that, e.g.
234-Starting TLS sesssion
234 AUTH TLS successful
but nothing afterwards.
To find our what really happens, I will have to try to install VSFTPD, and configure it exactly like you did. Did you change anything in the VSFTPD configuration?
Author of Total Commander
https://www.ghisler.com
https://www.ghisler.com