Opened 6 years ago
Last modified 6 years ago
#11921 new Bug report
Unable to get directory listing
Reported by: | Andrew Silvester | Owned by: | |
---|---|---|---|
Priority: | high | Component: | FileZilla Client |
Keywords: | TLS CERTIFICATE LIST_FAIL | Cc: | |
Component version: | 3.42.1 | Operating system type: | Windows |
Operating system version: | Win10 v 1709 |
Description
I upgraded to 3.42.1 and can no longer get directory listings on TLS connection. This was not happening with previous version of Filezilla.
The error I receive is: Certificate of connection does not match expected certificate.
I cleared the certificate by removing trustedcerts.xml and retrieved a new certificate, but that did not fix the problem. I also cleared cache (from debug tab) and that also did not fix the problem. Evertyhing was working fine until I installed new release (no changes to connections). And it still works with older version of FileZilla.
Log (verbose) snippet follows:
10:22:12 Command: LIST 10:22:12 Trace: CTlsSocketImpl::ContinueHandshake() 10:22:12 Trace: CFtpControlSocket::OnReceive() 10:22:12 Response: 125 List started OK 10:22:12 Trace: CFtpRawTransferOpData::ParseResponse() in state 4 10:22:12 Trace: CControlSocket::SendNextCommand() 10:22:12 Trace: CFtpRawTransferOpData::Send() in state 5 10:22:14 Trace: CTlsSocketImpl::ContinueHandshake() 10:22:14 Trace: CTlsSocketImpl::ContinueHandshake() 10:22:14 Trace: CTlsSocketImpl::ContinueHandshake() 10:22:14 Trace: TLS Handshake successful 10:22:14 Trace: Protocol: TLS1.0, Key exchange: RSA, Cipher: AES-256-CBC, MAC: SHA1 10:22:14 Error: Certificate of connection does not match expected certificate. 10:22:14 Error: The data connection could not be established: ECONNABORTED - Connection aborted 10:22:14 Trace: CTransferSocket::TransferEnd(3) 10:22:14 Trace: CFtpControlSocket::TransferEnd() 10:22:14 Trace: CFtpControlSocket::OnReceive() 10:22:14 Response: 250 List completed successfully. 10:22:14 Trace: CFtpRawTransferOpData::ParseResponse() in state 7 10:22:14 Trace: CFtpControlSocket::ResetOperation(2) 10:22:14 Trace: CControlSocket::ResetOperation(2) 10:22:14 Trace: CFtpRawTransferOpData::Reset(2) in state 7 10:22:14 Trace: CFtpListOpData::SubcommandResult(2) in state 3 10:22:14 Trace: CFtpControlSocket::ResetOperation(2) 10:22:14 Trace: CControlSocket::ResetOperation(2) 10:22:14 Trace: CFtpListOpData::Reset(2) in state 3 10:22:14 Error: Failed to retrieve directory listing
I reverted to previous version 3.41.1 and it is working...
18:01:02 Command: LIST
18:01:02 Trace: CTransferSocket::OnConnect
18:01:02 Trace: CTlsSocketImpl::Handshake()
18:01:02 Trace: Trying to resume existing TLS session.
18:01:02 Trace: CTlsSocketImpl::ContinueHandshake()
18:01:02 Trace: TLS handshake: About to send CLIENT HELLO
18:01:02 Trace: TLS handshake: Sent CLIENT HELLO
18:01:02 Trace: CTlsSocketImpl::OnSend()
18:01:02 Trace: CTlsSocketImpl::OnRead()
18:01:02 Trace: CFtpControlSocket::OnReceive()
18:01:02 Response: 125 List started OK
18:01:02 Trace: CFtpRawTransferOpData::ParseResponse() in state 4
18:01:02 Trace: CControlSocket::SendNextCommand()
18:01:02 Trace: CFtpRawTransferOpData::Send() in state 5
18:01:02 Trace: CTlsSocketImpl::OnRead()
18:01:02 Trace: CTlsSocketImpl::ContinueHandshake()
18:01:02 Trace: TLS handshake: Received SERVER HELLO
18:01:02 Trace: TLS handshake: Processed SERVER HELLO
18:01:02 Trace: TLS handshake: Received CERTIFICATE
18:01:02 Trace: TLS handshake: Processed CERTIFICATE
18:01:02 Trace: TLS handshake: Received SERVER HELLO DONE
18:01:02 Trace: TLS handshake: Processed SERVER HELLO DONE
18:01:02 Trace: TLS handshake: About to send CLIENT KEY EXCHANGE
18:01:02 Trace: TLS handshake: Sent CLIENT KEY EXCHANGE
18:01:02 Trace: TLS handshake: About to send FINISHED
18:01:02 Trace: TLS handshake: Sent FINISHED
18:01:02 Trace: CTlsSocketImpl::OnRead()
18:01:02 Trace: CTlsSocketImpl::ContinueHandshake()
18:01:02 Trace: TLS handshake: Received FINISHED
18:01:02 Trace: TLS handshake: Processed FINISHED
18:01:02 Trace: TLS Handshake successful
18:01:02 Trace: Protocol: TLS1.0, Key exchange: RSA, Cipher: AES-256-CBC, MAC: SHA1
18:01:02 Trace: CTransferSocket::OnConnect
18:01:02 Trace: CTransferSocket::OnReceive(), m_transferMode=0
18:01:02 Trace: CTlsSocketImpl::OnRead()
18:01:02 Trace: CTransferSocket::OnReceive(), m_transferMode=0
18:01:02 Trace: CTransferSocket::TransferEnd(1)
18:01:02 Trace: CTlsSocketImpl::Shutdown()
18:01:02 Trace: CFtpControlSocket::TransferEnd()
18:01:02 Trace: CTlsSocketImpl::OnRead()
18:01:02 Trace: CFtpControlSocket::OnReceive()
18:01:02 Response: 250 List completed successfully.
The big difference seems to be the certificate of connection is not liked by the new version...
10:22:14 Error: Certificate of connection does not match expected certificate.
10:22:14 Error: The data connection could not be established: ECONNABORTED - Connection aborted