Today I needed to upload about thousand files to server. But after every ~110 files, control connection was closed and I had to reconnect. I did some testing and found out that it was happening with all servers I tried, when SSL was used. It was about ten servers running different versions of FTP software (ProFTPd, Serv-U, IIS FTP, G6FTP, ...). The connection was dropped every time.
The only difference was how many files could be transfered. With servers supporting MFMT it was ~110 files, with others ~240 files. I tried to capture packets and the total size of the capture, before the control connection was dropped, was always very similar. So my guess is that it has something to do with amount of data transfered over control connection.
I also tried it with several versions of OpenSSL libraries (different versions from slproweb.com and cURL) without any difference. It's not related to specific TC version, all 7.04, 7.50a and 7.55pb1 show the same behaviour.
If you have five free minutes and access to FTPS server, please test it. I'd like at least few more people who can confirm it, before I start thinking about blaming TC. ;) The test is very simple. Just select few hundered files and try to upload them. You can use mine: http://www.volny.cz/sobosh/files.zip (1000 one byte files).
FTP with SSL, dropping control connection
Moderators: white, Hacker, petermad, Stefan2
-
ghisler(Author)
- Site Admin
- Posts: 48083
- Joined: 2003-02-04, 09:46 UTC
- Location: Switzerland
- Contact:
Do you have any clues why the control connection is dropped?
Author of Total Commander
https://www.ghisler.com
https://www.ghisler.com
I did more testing (a lot of testing actually) and I can say now that TC is innocent. So is OpenSSL, FTP server software and network connection. And the winner is... the moment of truth... built-in firewall in Windows 7.
There must be another braindead helper included that is messing with ftp connections and breaks SSL layer. It's only watching port 21, because when I move FTP server to different port, then it suddenly works ok.
When I turn the firewall off in home/public/domain profiles, it does not change anything. The only thing that helps is turning the firewall off completely by stopping MpsSvc service. But in that case Windows doesn't allow any incoming connections to the machine, so it's not an option even on those machines where I could live without firewall.
Now the question remains, how to find this stupid thing and deactivate it...
There must be another braindead helper included that is messing with ftp connections and breaks SSL layer. It's only watching port 21, because when I move FTP server to different port, then it suddenly works ok.
When I turn the firewall off in home/public/domain profiles, it does not change anything. The only thing that helps is turning the firewall off completely by stopping MpsSvc service. But in that case Windows doesn't allow any incoming connections to the machine, so it's not an option even on those machines where I could live without firewall.
Now the question remains, how to find this stupid thing and deactivate it...
-
ghisler(Author)
- Site Admin
- Posts: 48083
- Joined: 2003-02-04, 09:46 UTC
- Location: Switzerland
- Contact:
That's really annoying, thanks for sharing your results!
Author of Total Commander
https://www.ghisler.com
https://www.ghisler.com