4
J'essaye de me connecter à un serveur FTPS (pas SFTP). Je me connecte à partir d'un système Linux, donc j'ai essayé lftp, ftp-ssl, et même en utilisant ftp_ssl_connect de php, mais aucun d'eux ne fonctionne. (J'ai pu me connecter à d'autres serveurs FTPS en utilisant tout ou au moins certaines des méthodes ci-dessus).Problème FTPS: "Un paquet TLS avec une longueur inattendue a été reçu."
L'erreur la plus descriptive que j'ai est de lftp avec debug tout le chemin jusqu'à 11:
$ lftp lftp :~> open -u my-username ftps://server.net Password: lftp [email protected]:~> debug 99999999999 lftp [email protected]:~> ls FileCopy(0x717bf0) enters state INITIAL FileCopy(0x717bf0) enters state DO_COPY ---- dns cache hit ---- Connecting to server.net (IP ADDRESS) port 990 GNUTLS: HSK[acfbb0]: Keeping ciphersuite: DHE_RSA_AES_128_CBC_SHA1 GNUTLS: HSK[acfbb0]: Keeping ciphersuite: DHE_RSA_CAMELLIA_128_CBC_SHA1 GNUTLS: HSK[acfbb0]: Keeping ciphersuite: DHE_RSA_AES_256_CBC_SHA1 GNUTLS: HSK[acfbb0]: Keeping ciphersuite: DHE_RSA_CAMELLIA_256_CBC_SHA1 GNUTLS: HSK[acfbb0]: Keeping ciphersuite: DHE_RSA_3DES_EDE_CBC_SHA1 GNUTLS: HSK[acfbb0]: Keeping ciphersuite: DHE_DSS_AES_128_CBC_SHA1 GNUTLS: HSK[acfbb0]: Keeping ciphersuite: DHE_DSS_CAMELLIA_128_CBC_SHA1 GNUTLS: HSK[acfbb0]: Keeping ciphersuite: DHE_DSS_AES_256_CBC_SHA1 GNUTLS: HSK[acfbb0]: Keeping ciphersuite: DHE_DSS_CAMELLIA_256_CBC_SHA1 GNUTLS: HSK[acfbb0]: Keeping ciphersuite: DHE_DSS_3DES_EDE_CBC_SHA1 GNUTLS: HSK[acfbb0]: Keeping ciphersuite: DHE_DSS_ARCFOUR_SHA1 GNUTLS: HSK[acfbb0]: Removing ciphersuite: DHE_PSK_SHA_AES_128_CBC_SHA1 GNUTLS: HSK[acfbb0]: Removing ciphersuite: DHE_PSK_SHA_AES_256_CBC_SHA1 GNUTLS: HSK[acfbb0]: Removing ciphersuite: DHE_PSK_SHA_3DES_EDE_CBC_SHA1 GNUTLS: HSK[acfbb0]: Removing ciphersuite: DHE_PSK_SHA_ARCFOUR_SHA1 GNUTLS: HSK[acfbb0]: Removing ciphersuite: SRP_SHA_RSA_AES_128_CBC_SHA1 GNUTLS: HSK[acfbb0]: Removing ciphersuite: SRP_SHA_RSA_AES_256_CBC_SHA1 GNUTLS: HSK[acfbb0]: Removing ciphersuite: SRP_SHA_RSA_3DES_EDE_CBC_SHA1 GNUTLS: HSK[acfbb0]: Removing ciphersuite: SRP_SHA_DSS_AES_128_CBC_SHA1 GNUTLS: HSK[acfbb0]: Removing ciphersuite: SRP_SHA_DSS_AES_256_CBC_SHA1 GNUTLS: HSK[acfbb0]: Removing ciphersuite: SRP_SHA_DSS_3DES_EDE_CBC_SHA1 GNUTLS: HSK[acfbb0]: Keeping ciphersuite: RSA_AES_128_CBC_SHA1 GNUTLS: HSK[acfbb0]: Keeping ciphersuite: RSA_CAMELLIA_128_CBC_SHA1 GNUTLS: HSK[acfbb0]: Keeping ciphersuite: RSA_AES_256_CBC_SHA1 GNUTLS: HSK[acfbb0]: Keeping ciphersuite: RSA_CAMELLIA_256_CBC_SHA1 GNUTLS: HSK[acfbb0]: Keeping ciphersuite: RSA_3DES_EDE_CBC_SHA1 GNUTLS: HSK[acfbb0]: Keeping ciphersuite: RSA_ARCFOUR_SHA1 GNUTLS: HSK[acfbb0]: Keeping ciphersuite: RSA_ARCFOUR_MD5 GNUTLS: HSK[acfbb0]: Removing ciphersuite: PSK_SHA_AES_128_CBC_SHA1 GNUTLS: HSK[acfbb0]: Removing ciphersuite: PSK_SHA_AES_256_CBC_SHA1 GNUTLS: HSK[acfbb0]: Removing ciphersuite: PSK_SHA_3DES_EDE_CBC_SHA1 GNUTLS: HSK[acfbb0]: Removing ciphersuite: PSK_SHA_ARCFOUR_SHA1 GNUTLS: HSK[acfbb0]: Removing ciphersuite: SRP_SHA_AES_128_CBC_SHA1 GNUTLS: HSK[acfbb0]: Removing ciphersuite: SRP_SHA_AES_256_CBC_SHA1 GNUTLS: HSK[acfbb0]: Removing ciphersuite: SRP_SHA_3DES_EDE_CBC_SHA1 GNUTLS: EXT[acfbb0]: Sending extension CERT_TYPE GNUTLS: HSK[acfbb0]: CLIENT HELLO was send [88 bytes] GNUTLS: REC[acfbb0]: Sending Packet[0] Handshake(22) with length: 88 GNUTLS: ASSERT: gnutls_cipher.c:205 GNUTLS: REC[acfbb0]: Sent Packet[1] Handshake(22) with length: 93 GNUTLS: ASSERT: gnutls_buffers.c:638 GNUTLS: ASSERT: gnutls_record.c:909 GNUTLS: ASSERT: gnutls_buffers.c:1152 GNUTLS: ASSERT: gnutls_handshake.c:1032 GNUTLS: ASSERT: gnutls_handshake.c:2331 **** gnutls_handshake: A TLS packet with unexpected length was received. ---- Closing control socket ls: Fatal error: gnutls_handshake: A TLS packet with unexpected length was received.
Avec PHP, j'obtiens ce qui suit:
Warning: ftp_login(): SSL/TLS handshake failed in /home/user/ftp.php on line 7 Warning: ftp_login(): SSL enabled start the negotiation in /home/user/ftp.php on line 7 cannot login
Ligne 6: $connect = ftp_ssl_connect("server.net") or die("cannot connect");
ligne 7: $result = ftp_login($connect,"my-username","my-password") or die("cannot login");
Avec ftp-ssl:
$ ftp-ssl -d -z debug server.net SSL_DEBUG_FLAG on Connected to server.net. 220-Security Notice 220-All activities may be monitored. System use indicates consent to 220 monitoring. Information may be given to law enforcement. ftp: setsockopt: Bad file descriptor Name (server.net:user): my-username ---> AUTH SSL 234 SSL enabled start the negotiation write to 0x68c190 (102 bytes => 102 (66)) 0000 - 80 64 01 03 01 00 4b 00-00 00 10 00 00 39 00 00 .d....K......9.. 0010 - 38 00 00 35 00 00 16 00-00 13 00 00 0a 07 00 c0 8..5............ 0020 - 00 00 33 00 00 32 00 00-2f 03 00 80 00 00 05 00 ..3..2../....... 0030 - 00 04 01 00 80 00 00 15-00 00 12 00 00 09 06 00 ................ 0040 - 40 00 00 14 00 00 11 00-00 08 00 00 06 04 00 80 @............... 0050 - 00 00 03 02 00 80 e9 28-25 ed ea 2d e4 d2 f2 25 .......(%..-...% 0060 - 80 e1 2e f1 c3 71 .....q read from 0x68c190 (7 bytes => -1 (FFFFFFFFFFFFFFFF)) ftp: SSL_connect error error:00000000:lib(0):func(0):reason(0) : Connection reset by peer
Désolé si ce poste est longue, mais je l'ai été googler pendant des jours sans réponse en vue. Juste espérer quelques informations de débogage que j'ai manqué pourrait être utile à quelqu'un.
Il semble qu'ils aient une règle de pare-feu interdisant l'ouverture du socket de données et qu'ils n'aient pas activé les connexions en mode passif. Si frustrant. Fonctionne maintenant, mais merci beaucoup pour la réponse. – bawkstoo
Parfois, le port 21 est filtré pour autoriser uniquement le texte en clair par certains FAI, provoquant des erreurs comme celle-ci. Déplacer ftp vers un port différent peut aider. – watsonmw