Opened 6 years ago

Last modified 6 years ago

#11921 new Bug report

Unable to get directory listing

Reported by: Andrew Silvester Owned by:
Priority: high Component: FileZilla Client
Keywords: TLS CERTIFICATE LIST_FAIL Cc:
Component version: 3.42.1 Operating system type: Windows
Operating system version: Win10 v 1709

Description

I upgraded to 3.42.1 and can no longer get directory listings on TLS connection. This was not happening with previous version of Filezilla.

The error I receive is: Certificate of connection does not match expected certificate.

I cleared the certificate by removing trustedcerts.xml and retrieved a new certificate, but that did not fix the problem. I also cleared cache (from debug tab) and that also did not fix the problem. Evertyhing was working fine until I installed new release (no changes to connections). And it still works with older version of FileZilla.

Log (verbose) snippet follows:

10:22:12	Command:	LIST
10:22:12	Trace:	CTlsSocketImpl::ContinueHandshake()
10:22:12	Trace:	CFtpControlSocket::OnReceive()
10:22:12	Response:	125 List started OK
10:22:12	Trace:	CFtpRawTransferOpData::ParseResponse() in state 4
10:22:12	Trace:	CControlSocket::SendNextCommand()
10:22:12	Trace:	CFtpRawTransferOpData::Send() in state 5
10:22:14	Trace:	CTlsSocketImpl::ContinueHandshake()
10:22:14	Trace:	CTlsSocketImpl::ContinueHandshake()
10:22:14	Trace:	CTlsSocketImpl::ContinueHandshake()
10:22:14	Trace:	TLS Handshake successful
10:22:14	Trace:	Protocol: TLS1.0, Key exchange: RSA, Cipher: AES-256-CBC, MAC: SHA1
10:22:14	Error:	Certificate of connection does not match expected certificate.
10:22:14	Error:	The data connection could not be established: ECONNABORTED - Connection aborted
10:22:14	Trace:	CTransferSocket::TransferEnd(3)
10:22:14	Trace:	CFtpControlSocket::TransferEnd()
10:22:14	Trace:	CFtpControlSocket::OnReceive()
10:22:14	Response:	250 List completed successfully.
10:22:14	Trace:	CFtpRawTransferOpData::ParseResponse() in state 7
10:22:14	Trace:	CFtpControlSocket::ResetOperation(2)
10:22:14	Trace:	CControlSocket::ResetOperation(2)
10:22:14	Trace:	CFtpRawTransferOpData::Reset(2) in state 7
10:22:14	Trace:	CFtpListOpData::SubcommandResult(2) in state 3
10:22:14	Trace:	CFtpControlSocket::ResetOperation(2)
10:22:14	Trace:	CControlSocket::ResetOperation(2)
10:22:14	Trace:	CFtpListOpData::Reset(2) in state 3
10:22:14	Error:	Failed to retrieve directory listing

Change History (1)

comment:1 by Andrew Silvester, 6 years ago

I reverted to previous version 3.41.1 and it is working...

18:01:02 Command: LIST
18:01:02 Trace: CTransferSocket::OnConnect
18:01:02 Trace: CTlsSocketImpl::Handshake()
18:01:02 Trace: Trying to resume existing TLS session.
18:01:02 Trace: CTlsSocketImpl::ContinueHandshake()
18:01:02 Trace: TLS handshake: About to send CLIENT HELLO
18:01:02 Trace: TLS handshake: Sent CLIENT HELLO
18:01:02 Trace: CTlsSocketImpl::OnSend()
18:01:02 Trace: CTlsSocketImpl::OnRead()
18:01:02 Trace: CFtpControlSocket::OnReceive()
18:01:02 Response: 125 List started OK
18:01:02 Trace: CFtpRawTransferOpData::ParseResponse() in state 4
18:01:02 Trace: CControlSocket::SendNextCommand()
18:01:02 Trace: CFtpRawTransferOpData::Send() in state 5
18:01:02 Trace: CTlsSocketImpl::OnRead()
18:01:02 Trace: CTlsSocketImpl::ContinueHandshake()
18:01:02 Trace: TLS handshake: Received SERVER HELLO
18:01:02 Trace: TLS handshake: Processed SERVER HELLO
18:01:02 Trace: TLS handshake: Received CERTIFICATE
18:01:02 Trace: TLS handshake: Processed CERTIFICATE
18:01:02 Trace: TLS handshake: Received SERVER HELLO DONE
18:01:02 Trace: TLS handshake: Processed SERVER HELLO DONE
18:01:02 Trace: TLS handshake: About to send CLIENT KEY EXCHANGE
18:01:02 Trace: TLS handshake: Sent CLIENT KEY EXCHANGE
18:01:02 Trace: TLS handshake: About to send FINISHED
18:01:02 Trace: TLS handshake: Sent FINISHED
18:01:02 Trace: CTlsSocketImpl::OnRead()
18:01:02 Trace: CTlsSocketImpl::ContinueHandshake()
18:01:02 Trace: TLS handshake: Received FINISHED
18:01:02 Trace: TLS handshake: Processed FINISHED
18:01:02 Trace: TLS Handshake successful
18:01:02 Trace: Protocol: TLS1.0, Key exchange: RSA, Cipher: AES-256-CBC, MAC: SHA1
18:01:02 Trace: CTransferSocket::OnConnect
18:01:02 Trace: CTransferSocket::OnReceive(), m_transferMode=0
18:01:02 Trace: CTlsSocketImpl::OnRead()
18:01:02 Trace: CTransferSocket::OnReceive(), m_transferMode=0
18:01:02 Trace: CTransferSocket::TransferEnd(1)
18:01:02 Trace: CTlsSocketImpl::Shutdown()
18:01:02 Trace: CFtpControlSocket::TransferEnd()
18:01:02 Trace: CTlsSocketImpl::OnRead()
18:01:02 Trace: CFtpControlSocket::OnReceive()
18:01:02 Response: 250 List completed successfully.

The big difference seems to be the certificate of connection is not liked by the new version...

10:22:14 Error: Certificate of connection does not match expected certificate.
10:22:14 Error: The data connection could not be established: ECONNABORTED - Connection aborted

Version 0, edited 6 years ago by Andrew Silvester (next)
Note: See TracTickets for help on using tickets.