I made a simple ftp client in C# that does what I need (connect to ftp, optionally using a proxy), but I also want to use AUTH SSL.
So, instead of NetworkStream, I looked at SslStream and hoped that it would be a fairly simple replacement.
However, I seem to have a lot of problems when connecting to my (glftpd, self-signed openssl cert) ftp. Here's a snapshot of the code:

    TcpClient client = new TcpClient("192.168.0.2", 1337);
    SslStream sslStream = new SslStream(
        client.GetStream(),
        false,
        new RemoteCertificateValidationCallback(ValidateServerCertificate),
        null
    );
    try
    {
        sslStream.AuthenticateAsClient("192.168.0.2"); // or "glftpd", neither worked.
    }
    catch (AuthenticationException e)
    {
        Console.WriteLine("Exception: {0}", e.Message);
        if (e.InnerException != null)
        {
            Console.WriteLine("Inner exception: {0}", e.InnerException.Message);
        }
        Console.WriteLine("Authentication failed - closing the connection.");
        client.Close();
        return;
    }

I break in AuthenticateAsClient with an IOException: "Handshake failed due to unexpected packet format." I do not break in ValidateServerCertificate (it is never reached).
It’s hard for me to debug this error, since I can set the TcpClient port to 1208219421 and still get the same error (so I don’t even know if it could talk to the ssl port).
The code above (from 3-4 different C# ssl tutorials that I looked at) is changed from the link text
I tried sslStream.AuthenticateAsClient(..., ..., SslProtocols.Tls, false) and sslStream.AuthenticateAsClient(..., ..., SslProtocols.Ssl3, false), as well as Ssl2 and Default, and I know that TLS works with my glftpd installation.
If I had to guess, I would have thought that this had something to do with the name machinename / certname, but I tried the name certname (which is "glftpd"), so right now I don’t know why I failed the handshake.
It should also be noted that the certificate is self-signed.
Any help is much appreciated!
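
The code in the post starts the TLS handshake as soon as the TCP connection opens, whereas a server that expects an AUTH command (explicit FTPS, RFC 4217) first sends a cleartext 220 greeting and switches to TLS only after answering AUTH with 234. The sketch below is an added example, not part of the original post: it performs that cleartext exchange before handing the socket to SslStream, and accepts a self-signed certificate only if its SHA-256 hash matches a pinned value. The names ExplicitFtps, Upgrade, ReadReply and pinnedSha256Hex are assumptions made for illustration.

```csharp
using System;
using System.IO;
using System.Net.Security;
using System.Net.Sockets;
using System.Security.Cryptography;
using System.Text;
static class ExplicitFtps
{
    // Read one FTP reply byte by byte (so nothing past it is buffered) and
    // return its final line, which is three digits and a space followed by text.
    static string ReadReply(Stream s)
    {
        var line = new StringBuilder();
        while (true)
        {
            int b = s.ReadByte();
            if (b < 0) throw new IOException("Connection closed inside an FTP reply.");
            if (b != '\n') { line.Append((char)b); continue; }
            string text = line.ToString().TrimEnd('\r');
            line.Clear();
            if (text.Length >= 4 && char.IsDigit(text[0]) && char.IsDigit(text[1])
                && char.IsDigit(text[2]) && text[3] == ' ')
                return text;
        }
    }
    // pinnedSha256Hex (assumed parameter): SHA-256 of the server certificate's
    // DER encoding as hex, recorded out of band from the server itself.
    public static SslStream Upgrade(TcpClient client, string host, string pinnedSha256Hex)
    {
        NetworkStream plain = client.GetStream();
        string banner = ReadReply(plain);              // cleartext "220 ..." greeting
        if (!banner.StartsWith("220")) throw new IOException("Unexpected greeting: " + banner);
        // "AUTH TLS" is the RFC 4217 form; the post's "AUTH SSL" is an older variant.
        byte[] auth = Encoding.ASCII.GetBytes("AUTH TLS\r\n");
        plain.Write(auth, 0, auth.Length);
        string reply = ReadReply(plain);
        if (!reply.StartsWith("234")) throw new IOException("AUTH refused: " + reply);
        // Only now does the server expect a TLS ClientHello on this socket.
        var ssl = new SslStream(plain, false, (sender, cert, chain, errors) =>
        {
            if (errors == SslPolicyErrors.None) return true;  // chains to a trusted CA
            if (cert == null) return false;
            using (var sha = SHA256.Create())                 // self-signed: pinned cert only
                return string.Equals(pinnedSha256Hex, StringComparison.OrdinalIgnoreCase,
                    BitConverter.ToString(sha.ComputeHash(cert.GetRawCertData())).Replace("-", ""));
        });
        ssl.AuthenticateAsClient(host);
        return ssl;
    }
    // Ordinal, case-insensitive hex comparison with the expected value first.
    static bool Equals(string expected, StringComparison mode, string seen)
    {
        return string.Equals(expected, seen, mode);
    }
}
```

Call it with the already connected TcpClient from the post, the host string and the pinned hash. Pinning the hash keeps the self-signed certificate usable without a validation callback that accepts every certificate.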