数据连接上的FTPSClient套接字超时

Question

更新中...

抱歉实时调试.我整天都陷入困境,我想写出来让我更接近研究它......

我注意到我正在使用setUseEPSVwithIPv4(true)发送一个

EPSV
229 Entering Passive Mode (|||62110|)

删除它让我更进一步,现在我得到了

Total Bytes To Send: 1033
PASV
227 Entering Passive Mode (xxx,xxx,xxx,42,242,189)
STOR /Inbound/Encrypted/TEST.pgp

File Transfer Failed at: 2013-11-21 18:33:07.846
Error Occurred Transmitting File to Remote System, aborting...

Host attempting data connection xxx.xxx.xxx.42 is not same as server xxx.xxx.xxx.67
java.io.IOException: Host attempting data connection xxx.xxx.92.42 is not same as server xxx.xxx.xxx.67
at org.apache.commons.net.ftp.FTPClient._openDataConnection_(FTPClient.java:912)
at org.apache.commons.net.ftp.FTPSClient._openDataConnection_(FTPSClient.java:600)
at org.apache.commons.net.ftp.FTPClient._storeFile(FTPClient.java:633)
at org.apache.commons.net.ftp.FTPClient.__storeFile(FTPClient.java:624)150 Opening ASCII mode SSL data connection for /Inbound/Encrypted/TCONW.TEST.IN.pgp.

at org.apache.commons.net.ftp.FTPClient.storeFile(FTPClient.java:1976)
at mycode.FTPConnection.sendFile(FTPConnection.java:667)
at mycode.FTPPropertyProcessor.putFile(FTPPropertyProcessor.java:54)
at mycode.ftputils.FTPClientUtil.main(FTPClientUtil.java:290)
Error Occurred Sending file, aborting...

辅助服务器是可信的,因为它是它们的DMZ服务器之一.现在绕过这一个......

原始发布如下:

寻找调试建议,或找到与此相关的线索.

我一直在内部使用这个代码库.我有一个新的需要对外部站点进行客户端身份验证,我设法连接并成功登录,但无论何时我进入被动模式,套接字超时.

Using FTPS Connection with Protocol: TLS and Explicit Security Request
220 tss4l589 FTP server (SecureTransport 5.1) ready.
AUTH TLS
234 SSLv23/TLSv1
Connected to xxx.xxx.com on 21
PBSZ 0
200 PBSZ=0
PROT P
200 PROT command successful
USER *******
230 Virtual user XXXX logged in.
PWD
257 "/" is current directory.

...FTPClientUtil Connected Successfully!


Sending:
    Local: c:/test/TEST.txt.asc
    Remote: /Inbound/Encrypted/TEST.pgp
    Starting at: 2013-11-21 17:53:47.877
Total Bytes To Send: 1033
EPSV
229 Entering Passive Mode (|||62110|)

File Transfer Failed at: 2013-11-21 17:54:08.877
Error Occurred Transmitting File to Remote System, aborting...

Connection timed out: connect
java.net.ConnectException: Connection timed out: connect
    at java.net.PlainSocketImpl.socketConnect(Native Method)
    at java.net.PlainSocketImpl.doConnect(Unknown Source)
    at java.net.PlainSocketImpl.connectToAddress(Unknown Source)
    at java.net.PlainSocketImpl.connect(Unknown Source)
    at java.net.SocksSocketImpl.connect(Unknown Source)
    at java.net.Socket.connect(Unknown Source)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.connect(Unknown Source)
    at org.apache.commons.net.ftp.FTPClient._openDataConnection_(FTPClient.java:894)
    at org.apache.commons.net.ftp.FTPSClient._openDataConnection_(FTPSClient.java:600)
    at org.apache.commons.net.ftp.FTPClient._storeFile(FTPClient.java:633)
    at org.apache.commons.net.ftp.FTPClient.__storeFile(FTPClient.java:624)
    at org.apache.commons.net.ftp.FTPClient.storeFile(FTPClient.java:1976)
    at mycode.ftputils.FTPConnection.sendFile(FTPConnection.java:648)
    at mycode.ftputils.FTPPropertyProcessor.putFile(FTPPropertyProcessor.java:54)
at mycode.ftputils.FTPClientUtil.main(FTPClientUtil.java:290)
Error Occurred Sending file, aborting...

我可以使用其他产品(cuteFTP和FlashFXP)成功连接,所以我不相信它是防火墙问题,但我注意到的是,产品是否进行TLS重新协商？在数据连接上.我没有在FTPSClient代码中看到这种情况.

来自FlashFPX

    FlashFXP 4.4.3 (build 2026)
Support Forums http://forum.flashfxp.com
Winsock 2.2 -- OpenSSL 1.0.1e 11 Feb 2013
[R] Connecting to Test -> DNS=xxx.xxx.com IP=xxx.xx.xx.xx PORT=21
[R] Connected to Test
[R] 220 tss4l589 FTP server (SecureTransport 5.1) ready.
[R] AUTH TLS
[R] 234 SSLv23/TLSv1
[R] Connected. Negotiating SSL/TLS session
[R] TLSv1 negotiation successful...
[R] TLSv1 encrypted session using cipher AES256-SHA (256 bits)
[R] PBSZ 0
[R] 200 PBSZ=0
[R] USER XXXX
[R] 230 Virtual user XXXX logged in.
[R] SYST
[R] 215 UNIX Type: L8
[R] PWD
[R] 257 "/" is current directory.
[R] TYPE A
[R] 200 Type set to A.
[R] PROT P
[R] 200 PROT command successful
[R] PASV
[R] 227 Entering Passive Mode (159,53,92,42,242,212)
[R] Opening data connection IP: 159.53.92.42 PORT: 62164
[R] LIST -al
[R] Connected. Negotiating SSL/TLS session
[R] TLSv1 negotiation successful...
[R] TLSv1 encrypted session using cipher AES256-SHA (256 bits)
[R] 150 Opening ASCII mode SSL data connection for file list.
[R] 226 Transfer complete.
[R] List Complete: 130 bytes in 0.25 second (0.1 KB/s)
[R] QUIT
[R] 221 Goodbye.
[R] Logged off: Test (Duration: 17 seconds)

Answer 1

删除setUseEPSVwithIPv4(true); 是关键在这里.

要通过服务器验证,您需要使用setRemoteVerificationEnabled(false);

我成功地将文件发送到远程系统.

对于那些积极关注这个问题的人抱歉