Article delegate-en/1417 of [1-5169] on the server localhost:119
  upper oldest olders older1 this newer1 newers latest
search
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]

Newsgroups: mail-lists.delegate-en

[DeleGate-En] Re: Howto? SSL FTP Tunneling
14 Nov 2001 23:57:45 GMT "Bryan Dees" <ppqcqbdyi-re5dixromxtr.ml@ml.delegate.org>


I finaly got it all to work!

# Proxy SSL FTP
  delegated \
  -P10021 \
  SERVER=ftp://goahp85.airborne.com:10021/  \
  CMAP="sslway -st:FCL:ftp:*:*" CMAP=sslway:FCL:ftp-data:*:*

I took out the CMAP for FSV and added the ending *:* fields to the CMAP
FCL command.

Thank you for your support Yutaka!

Sincerely,

Bryan Dees
phueabdyi-re5dixromxtr.ml@ml.delegate.org



-----Original Message-----
From: feedback@delegate.org [mailto:feedback@delegate.org]
Sent: Wednesday, November 14, 2001 7:43 AM
To: feedback@delegate.org
Cc: Bryan Dees
Subject: Re: [DeleGate-En] Howto? SSL FTP Tunneling


Hi,

On 11/14/01(07:27) you "Bryan Dees" <ppqcqbdyi-re5dixromxtr.ml@ml.delegate.org> wrote
in <_A1407@delegate-en.ML_>
 |Thank you for the example. However, when using the FTP protocol in
place
 |of the https protocol I get
 |the following error:

So can I understand my HTTPS example worked without problem in
your environment?

 |11/13 15:22:23.10 [17830] 1+0: ConnectToServer:
 |DFLT=ftp://goahp85.airborne.com:10021 REAL=://:0
 |11/13 15:22:23.11 [17830] 1+0: ConnectToServer connected [7]
 |{156.137.6.30:10021 <- 156.137.12.90:1162} [0.001s]
 |11/13 15:22:23.11 [17832] 1+0: -- Fork(FSV): 17830 -> 17832
 |11/13 15:22:23.11 [17832] 1+0: #### execFilter[FSV]
 |[/usr/local/delegate7.5.4/lib/sslway]lib/sslway
 |## SSLway[17832](nbhd.abf.ad.airborne.com) connect failed
 |17832:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown
 |protocol:s23_clnt.c:460:

Does this server "ftp://goahp85.airborne.com:10021" talk "FTPS"
which start SSL without negotiation?  If so, some kind of
mismatching in SSL version between your SSLway and your server
exists.

Or if the FTP server starts in normal non-SSL status and starts SSL
on demand with "AUTH TLS" negotiation (RFC2228), you must specify
"-st" option as FSV="sslway -st".  If this works, then you should
use CMAP="sslway:FSV:ftp-data" for ftp-data connection.

Cheers,
Yutaka
--
  @ @ Yutaka Sato <y.sato@delegate.org> http://www.delegate.org/y.sato/
 ( - ) National Institute of Advanced Industrial Science and Technology
(AIST)
_<   >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan



  admin search upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
@_@V