227 Entering Passive Mode Error using C# FtpWebRequest connecting to a IBM Mainframe - ftp
Try to upload a file to an IBM Mainframe using FtpWebRequest give the 227 Entering Passive Mode error, using WinSCP console works just fine. I have visited all possible posts here on StackOverflow even this one that I asked my self a few years ago Use C# to FTP file to mainframe including dataset - Translate FTP script to FtpWebRequest code
Following are the C# code, the WinSCP script, and both logs.
C# Code:
string user = "AXXXXXX";
string pwd = "******";
var serverUri = #"ftp://yyy.yy.yy.yy.yy/'AAAA.BBB.CCCC.DDDDD'";
// Get the object used to communicate with the server.
FtpWebRequest request = (FtpWebRequest)WebRequest.Create(serverUri);
request.Credentials = new NetworkCredential(user, pwd);
request.EnableSsl = true;
request.UseBinary = false;
request.Method = WebRequestMethods.Ftp.UploadFile;
FileStream fs = File.OpenRead(#"D:\TEST.TXT");
byte[] buffer = new byte[fs.Length];
fs.Read(buffer, 0, buffer.Length);
fs.Close();
Stream ftpstream = request.GetRequestStream();
ftpstream.Write(buffer, 0, buffer.Length);
ftpstream.Close();
Winscp Script:
option batch on
option confirm off
open ftp://AXXXXXX:******#yyy.yy.yy.yy.yy:21 -explicittls
ASCII
cd /
cd 'AAAA.BBB.CCCC.DDDDD'
put D:\TEST4.TXT TEST4.TXT
bye
Here C# log
System.Net Information: 0 : [75372] FtpWebRequest#45004109::.ctor(ftp://yyy.yy.yy.yy.yy/'AAAA.BBB.CCCC.DDDDD')
System.Net Information: 0 : [75372] Current OS installation type is 'Client'.
System.Net Information: 0 : [75372] FtpWebRequest#45004109::GetRequestStream(Method=STOR.)
System.Net Information: 0 : [75372] RAS supported: True
System.Net Information: 0 : [75372] FtpControlStream#21454193 - Created connection from 192.168.1.10:59723 to 207.192.50.50:21.
System.Net Information: 0 : [75372] Associating FtpWebRequest#45004109 with FtpControlStream#21454193
System.Net Information: 0 : [75372] FtpControlStream#21454193 - Received response [220-FTP 10:24:35 on 2022-09-21.
220- Warning!
220- This is a government Computer System and is the property of the
220-State of . Users have no expectation of privacy. Use
220- of this computer system is subject to monitoring or other review
220- by the government operator or others. Unauthorized or improper
220-use of this system may result in administrative disciplinary action
220- and civil and criminal penalties.
220-
220- Use of this system constitutes consent to monitoring.
220 Connection will close if idle for more than 5 minutes.]
System.Net Information: 0 : [75372] FtpControlStream#21454193 - Sending command [AUTH TLS]
System.Net Information: 0 : [75372] FtpControlStream#21454193 - Received response [234 Security environment established - ready for negotiation]
System.Net Information: 0 : [75372] TlsStream#58870012::.ctor(host=yyy.yy.yy.yy.yy, #certs=0, checkCertificateRevocationList=False, sslProtocols=None)
System.Net Information: 0 : [75372] FtpControlStream#21454193 - Sending command [USER AXXXXXX]
System.Net Information: 0 : [75372] SecureChannel#60068066::.ctor(hostname=yyy.yy.yy.yy.yy, #clientCertificates=0, encryptionPolicy=RequireEncryption)
System.Net Information: 0 : [75372] Enumerating security packages:
System.Net Information: 0 : [75372] Negotiate
System.Net Information: 0 : [75372] NegoExtender
System.Net Information: 0 : [75372] Kerberos
System.Net Information: 0 : [75372] NTLM
System.Net Information: 0 : [75372] TSSSP
System.Net Information: 0 : [75372] pku2u
System.Net Information: 0 : [75372] WDigest
System.Net Information: 0 : [75372] Schannel
System.Net Information: 0 : [75372] Microsoft Unified Security Protocol Provider
System.Net Information: 0 : [75372] MSOIDSSP
System.Net Information: 0 : [75372] Default TLS SSP
System.Net Information: 0 : [75372] CREDSSP
System.Net Information: 0 : [75372] SecureChannel#60068066 - Left with 0 client certificates to choose from.
System.Net Information: 0 : [75372] SecureChannel#60068066::.AcquireClientCredentials, new SecureCredential() (flags=(ValidateManual, NoDefaultCred, SendAuxRecord, UseStrongCrypto), m_ProtocolFlags=(Zero), m_EncryptionPolicy=RequireEncryption)
System.Net Information: 0 : [75372] AcquireCredentialsHandle(package = Microsoft Unified Security Protocol Provider, intent = Outbound, scc = System.Net.SecureCredential2)
System.Net Information: 0 : [75372] InitializeSecurityContext(credential = System.Net.SafeFreeCredential_SECURITY, context = (null), targetName = yyy.yy.yy.yy.yy, inFlags = ReplayDetect, SequenceDetect, Confidentiality, AllocateMemory, InitManualCredValidation)
System.Net Information: 0 : [75372] InitializeSecurityContext(In-Buffer length=0, Out-Buffer length=181, returned code=ContinueNeeded).
System.Net Information: 0 : [75372] InitializeSecurityContext(credential = System.Net.SafeFreeCredential_SECURITY, context = 849b40:858d40, targetName = yyy.yy.yy.yy.yy, inFlags = ReplayDetect, SequenceDetect, Confidentiality, AllocateMemory, InitManualCredValidation)
System.Net Information: 0 : [75372] InitializeSecurityContext(In-Buffers count=2, Out-Buffer length=190, returned code=ContinueNeeded).
System.Net Information: 0 : [75372] InitializeSecurityContext(credential = System.Net.SafeFreeCredential_SECURITY, context = 849b40:858d40, targetName = yyy.yy.yy.yy.yy, inFlags = ReplayDetect, SequenceDetect, Confidentiality, AllocateMemory, InitManualCredValidation)
System.Net Information: 0 : [75372] InitializeSecurityContext(In-Buffers count=2, Out-Buffer length=0, returned code=ContinueNeeded).
System.Net Information: 0 : [75372] InitializeSecurityContext(credential = System.Net.SafeFreeCredential_SECURITY, context = 849b40:858d40, targetName = yyy.yy.yy.yy.yy, inFlags = ReplayDetect, SequenceDetect, Confidentiality, AllocateMemory, InitManualCredValidation)
System.Net Information: 0 : [75372] InitializeSecurityContext(In-Buffers count=2, Out-Buffer length=0, returned code=OK).
System.Net Information: 0 : [75372] Remote certificate: [Version]
V3
[Subject]
CN=yyy.yy.yy.yy.yy, O=Executive Office of the State of , L=, S=, C=US
Simple Name: yyy.yy.yy.yy.yy
DNS Name: yyy.yy.yy.yy.yy
[Issuer]
CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
Simple Name: DigiCert Global G2 TLS RSA SHA256 2020 CA1
DNS Name: DigiCert Global G2 TLS RSA SHA256 2020 CA1
[Serial Number]
02A8DB5DE0952CAF2964D096035F8418
[Not Before]
5/24/2022 8:00:00 PM
[Not After]
6/25/2023 7:59:59 PM
[Thumbprint]
4FE2A581DC2258EF5FB98C1E19BA41DBB070FF57
[Signature Algorithm]
sha256RSA(1.2.840.113549.1.1.11)
[Public Key]
Algorithm: RSA
Length: 2048
Key Blob: 30 82 01 0a 02 82 01 01 00 d3 f1 39 be d1 d5 28 1a fc c9 86 82 24 28 90 3c 53 a4 d4 75 7d a5 3c 76 4d 66 b3 ac b1 58 fd 55 b2 ca 4f 24 24 5c 39 81 1f ec 23 36 dc 85 13 53 b5 3a 63 84 2b a8 3b f1 84 88 47 0e 34 eb 7a a7 28 3d 67 20 4f bb bb 5c 42 87 b0 e0 e3 71 0a 26 96 2f f0 74 85 57 92 f1 2....
System.Net Information: 0 : [75372] SecureChannel#60068066 - Remote certificate has errors:
System.Net Information: 0 : [75372] SecureChannel#60068066 - Certificate name mismatch.
System.Net Information: 0 : [75372] SecureChannel#60068066 - Remote certificate was verified as valid by the user.
System.Net Information: 0 : [75372] ProcessAuthentication(Protocol=Tls12, Cipher=Aes256 256 bit strength, Hash=Sha384 0 bit strength, Key Exchange=DiffieHellman 1024 bit strength).
System.Net Information: 0 : [75372] FtpControlStream#21454193 - Received response [331 Send password please.]
System.Net Information: 0 : [75372] FtpControlStream#21454193 - Sending command [PASS ********]
System.Net Information: 0 : [75372] FtpControlStream#21454193 - Received response [230 AXXXXXX is logged on. Working directory is "AXXXXXX.".]
System.Net Information: 0 : [75372] FtpControlStream#21454193 - Sending command [PBSZ 0]
System.Net Information: 0 : [75372] FtpControlStream#21454193 - Received response [200 Protection buffer size accepted]
System.Net Information: 0 : [75372] FtpControlStream#21454193 - Sending command [PROT P]
System.Net Information: 0 : [75372] FtpControlStream#21454193 - Received response [200 Data connection protection set to private]
System.Net Information: 0 : [75372] FtpControlStream#21454193 - Sending command [OPTS utf8 on]
System.Net Information: 0 : [75372] FtpControlStream#21454193 - Received response [501 command OPTS aborted -- no options supported for utf8]
System.Net Information: 0 : [75372] FtpControlStream#21454193 - Sending command [PWD]
System.Net Information: 0 : [75372] FtpControlStream#21454193 - Received response [257 "'AXXXXXX.'" is working directory.]
System.Net Information: 0 : [75372] FtpControlStream#21454193 - Sending command [TYPE A]
System.Net Information: 0 : [75372] FtpControlStream#21454193 - Received response [200 Representation type is Ascii NonPrint]
System.Net Information: 0 : [75372] FtpControlStream#21454193 - Sending command [PASV]
System.Net Information: 0 : [75372] FtpControlStream#21454193 - Received response [227 Entering Passive Mode (207,192,33,30,195,108)]
System.Net Information: 0 : [75372] FtpWebRequest#45004109::(Releasing FTP connection#21454193.)
System.Net Error: 0 : [75372] Exception in FtpWebRequest#45004109::GetRequestStream - The remote server returned an error: 227 Entering Passive Mode (207,192,33,30,195,108)
..
at System.Net.FtpWebRequest.SyncRequestCallback(Object obj)
at System.Net.FtpWebRequest.RequestCallback(Object obj)
at System.Net.CommandStream.Dispose(Boolean disposing)
at System.IO.Stream.Close()
at System.IO.Stream.Dispose()
at System.Net.ConnectionPool.Destroy(PooledStream pooledStream)
at System.Net.ConnectionPool.PutConnection(PooledStream pooledStream, Object owningObject, Int32 creationTimeout, Boolean canReuse)
at System.Net.FtpWebRequest.FinishRequestStage(RequestStage stage)
at System.Net.FtpWebRequest.GetRequestStream()
System.Net Error: 0 : [75372] Exception in AppDomain#33675143::UnhandledExceptionHandler - The remote server returned an error: 227 Entering Passive Mode (207,192,33,30,195,108)
WinSCP Log:
. 2022-09-20 16:27:13.865 --------------------------------------------------------------------------
. 2022-09-20 16:27:13.865 WinSCP Version 5.15.3 (Build 9730) (OS 10.0.19043 - Windows 10 Enterprise)
. 2022-09-20 16:27:13.865 Configuration: nul
. 2022-09-20 16:27:13.865 Log level: Normal
. 2022-09-20 16:27:13.865 Local account: XXXXX\xxxxx
. 2022-09-20 16:27:13.866 Working directory: D:\WinSCP
. 2022-09-20 16:27:13.866 Process ID: 20996
. 2022-09-20 16:27:13.866 Command-line: "D:\WinSCP\WinSCP.exe" /console=5.15.3 /consoleinstance=_59692_538 "/console" "/log=logfile.log" "/script=FTPSput.txt" "/ini=nul"
. 2022-09-20 16:27:13.866 Time zone: Current: GMT-4, Standard: GMT-5 (Eastern Standard Time), DST: GMT-4 (Eastern Daylight Time), DST Start: 3/13/2022, DST End: 11/6/2022
. 2022-09-20 16:27:13.871 Login time: Tuesday, September 20, 2022 4:27:13 PM
. 2022-09-20 16:27:13.871 --------------------------------------------------------------------------
. 2022-09-20 16:27:13.871 Script: Retrospectively logging previous script records:
> 2022-09-20 16:27:13.871 Script: option batch on
< 2022-09-20 16:27:13.871 Script: batch on
> 2022-09-20 16:27:13.871 Script: option confirm off
< 2022-09-20 16:27:13.871 Script: confirm off
> 2022-09-20 16:27:13.871 Script: open ftp://AXXXXXX:***#yyy.yy.yy.yy.yy:21 -explicittls
. 2022-09-20 16:27:13.871 --------------------------------------------------------------------------
. 2022-09-20 16:27:13.871 Session name: AXXXXXX#yyy.yy.yy.yy.yy (Ad-Hoc site)
. 2022-09-20 16:27:13.871 Host name: yyy.yy.yy.yy.yy (Port: 21)
. 2022-09-20 16:27:13.871 User name: AXXXXXX (Password: Yes, Key file: No, Passphrase: No)
. 2022-09-20 16:27:13.871 Transfer Protocol: FTP
. 2022-09-20 16:27:13.871 Ping type: Dummy, Ping interval: 30 sec; Timeout: 15 sec
. 2022-09-20 16:27:13.871 Disable Nagle: No
. 2022-09-20 16:27:13.871 Proxy: None
. 2022-09-20 16:27:13.871 Send buffer: 262144
. 2022-09-20 16:27:13.871 UTF: Auto
. 2022-09-20 16:27:13.871 FTPS: Explicit TLS/SSL [Client certificate: No]
. 2022-09-20 16:27:13.871 FTP: Passive: Yes [Force IP: Auto]; MLSD: Auto [List all: Auto]; HOST: Auto
. 2022-09-20 16:27:13.871 Session reuse: Yes
. 2022-09-20 16:27:13.871 TLS/SSL versions: TLSv1.0-TLSv1.2
. 2022-09-20 16:27:13.871 Local directory: default, Remote directory: home, Update: Yes, Cache: Yes
. 2022-09-20 16:27:13.871 Cache directory changes: Yes, Permanent: Yes
. 2022-09-20 16:27:13.871 Recycle bin: Delete to: No, Overwritten to: No, Bin path:
. 2022-09-20 16:27:13.871 Timezone offset: 0h 0m
. 2022-09-20 16:27:13.871 --------------------------------------------------------------------------
. 2022-09-20 16:27:13.874 Connecting to yyy.yy.yy.yy.yy ...
. 2022-09-20 16:27:13.910 Connected with yyy.yy.yy.yy.yy, negotiating TLS connection...
< 2022-09-20 16:27:13.960 220-FTP 16:27:14 on 2022-09-20.
< 2022-09-20 16:27:13.960 220- Warning!
< 2022-09-20 16:27:13.961 220- This is a government Computer System and is the property of the
< 2022-09-20 16:27:13.961 220-State of . Users have no expectation of privacy. Use
< 2022-09-20 16:27:13.961 220- of this computer system is subject to monitoring or other review
< 2022-09-20 16:27:13.961 220- by the government operator or others. Unauthorized or improper
< 2022-09-20 16:27:13.961 220-use of this system may result in administrative disciplinary action
< 2022-09-20 16:27:13.961 220- and civil and criminal penalties.
< 2022-09-20 16:27:13.961 220-
< 2022-09-20 16:27:13.961 220- Use of this system constitutes consent to monitoring.
< 2022-09-20 16:27:13.961 220 Connection will close if idle for more than 5 minutes.
> 2022-09-20 16:27:13.961 AUTH TLS
< 2022-09-20 16:27:14.058 234 Security environment established - ready for negotiation
. 2022-09-20 16:27:14.271 Verifying certificate for "Executive Office of the State of " with fingerprint 4f:e2:a5:81:dc:22:58:ef:5f:b9:8c:1e:19:ba:41:db:b0:70:ff:57 and 19 failures
. 2022-09-20 16:27:14.271 Asking user:
. 2022-09-20 16:27:14.271 **The server's certificate is not known. You have no guarantee that the server is the computer you think it is.**
. 2022-09-20 16:27:14.271
. 2022-09-20 16:27:14.271 Server's certificate details follow:
. 2022-09-20 16:27:14.271
. 2022-09-20 16:27:14.271 Issuer:
. 2022-09-20 16:27:14.271 - Organization: DigiCert Inc, DigiCert Global G2 TLS RSA SHA256 2020 CA1
. 2022-09-20 16:27:14.271 - Location: US
. 2022-09-20 16:27:14.271
. 2022-09-20 16:27:14.271 Subject:
. 2022-09-20 16:27:14.271 - Organization: Executive Office of the State of , sccb.its.state.nc.us
. 2022-09-20 16:27:14.271 - Location: US, ,
. 2022-09-20 16:27:14.271
. 2022-09-20 16:27:14.271 Valid: 5/25/2022 12:00:00 AM - 6/25/2023 11:59:59 PM
. 2022-09-20 16:27:14.271
. 2022-09-20 16:27:14.271 Fingerprint (SHA-1): 4f:e2:a5:81:dc:22:58:ef:5f:b9:8c:1e:19:ba:41:db:b0:70:ff:57
. 2022-09-20 16:27:14.271
. 2022-09-20 16:27:14.271 Summary: Self-signed certificate in certificate chain. The error occurred at a depth of 3 in the certificate chain.
. 2022-09-20 16:27:14.271
. 2022-09-20 16:27:14.271 Certificate was not issued for this server. You might be connecting to a server that is pretending to be "yyy.yy.yy.yy.yy".
. 2022-09-20 16:27:14.271
. 2022-09-20 16:27:14.271 If you trust this certificate, press Yes. To connect without storing certificate, press No. To abandon the connection press Cancel.
. 2022-09-20 16:27:14.271
. 2022-09-20 16:27:14.271 Continue connecting and store the certificate? ()
. 2022-09-20 16:27:17.451 Using TLSv1.2, cipher TLSv1/SSLv3: DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA, DHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=DH Au=RSA Enc=AESGCM(256) Mac=AEAD
. 2022-09-20 16:27:17.452 TLS connection established. Waiting for welcome message...
> 2022-09-20 16:27:17.452 USER AXXXXXX
< 2022-09-20 16:27:17.479 331 Send password please.
> 2022-09-20 16:27:17.479 PASS ********
< 2022-09-20 16:27:17.547 230 AXXXXXX is logged on. Working directory is "AXXXXXX.".
> 2022-09-20 16:27:17.547 SYST
. 2022-09-20 16:27:17.571 Server is known not to support LIST -a
< 2022-09-20 16:27:17.571 215 MVS is the operating system of this server. FTP Server is running on z/OS.
> 2022-09-20 16:27:17.571 FEAT
< 2022-09-20 16:27:17.594 211- Extensions supported
< 2022-09-20 16:27:17.594 UTF8
< 2022-09-20 16:27:17.595 LANG en*
< 2022-09-20 16:27:17.595 AUTH TLS
< 2022-09-20 16:27:17.595 PBSZ
< 2022-09-20 16:27:17.595 PROT
< 2022-09-20 16:27:17.595 211 End
> 2022-09-20 16:27:17.595 OPTS UTF8 ON
< 2022-09-20 16:27:17.619 501 command OPTS aborted -- no options supported for UTF8
> 2022-09-20 16:27:17.619 PBSZ 0
< 2022-09-20 16:27:17.644 200 Protection buffer size accepted
> 2022-09-20 16:27:17.644 PROT P
< 2022-09-20 16:27:17.667 200 Data connection protection set to private
. 2022-09-20 16:27:17.667 Connected
. 2022-09-20 16:27:17.668 --------------------------------------------------------------------------
. 2022-09-20 16:27:17.668 Using FTP protocol.
. 2022-09-20 16:27:17.668 Doing startup conversation with host.
> 2022-09-20 16:27:17.669 PWD
< 2022-09-20 16:27:17.694 257 "'AXXXXXX.'" is working directory.
. 2022-09-20 16:27:17.694 Getting current directory name.
. 2022-09-20 16:27:17.694 Startup conversation with host finished.
< 2022-09-20 16:27:17.695 Script: Active session: [1] AXXXXXX#yyy.yy.yy.yy.yy
> 2022-09-20 16:27:17.696 Script: ASCII
< 2022-09-20 16:27:17.696 Script: transfer ascii
> 2022-09-20 16:27:17.697 Script: cd /
. 2022-09-20 16:27:17.697 Changing directory to "/".
> 2022-09-20 16:27:17.697 CWD /
< 2022-09-20 16:27:17.722 250 HFS directory / is the current working directory
. 2022-09-20 16:27:17.722 Getting current directory name.
> 2022-09-20 16:27:17.722 PWD
< 2022-09-20 16:27:17.744 257 "/" is the HFS working directory.
< 2022-09-20 16:27:17.744 Script: /
> 2022-09-20 16:27:17.745 Script: cd 'AAAA.BBB.CCCC.DDDDD'
. 2022-09-20 16:27:17.745 Changing directory to "'AAAA.BBB.CCCC.DDDDD'".
> 2022-09-20 16:27:17.745 CWD 'AAAA.BBB.CCCC.DDDDD'
< 2022-09-20 16:27:17.776 250 "AAAA.BBB.CCCC.DDDDD." is the working directory name prefix.
. 2022-09-20 16:27:17.776 Getting current directory name.
> 2022-09-20 16:27:17.776 PWD
< 2022-09-20 16:27:17.801 257 "'AAAA.BBB.CCCC.DDDDD.'" is working directory.
< 2022-09-20 16:27:17.801 Script: /'AAAA.BBB.CCCC.DDDDD.'
> 2022-09-20 16:27:17.802 Script: put D:\TEST4.TXT TEST4.TXT
. 2022-09-20 16:27:17.802 Copying 1 files/directories to remote directory "/'AAAA.BBB.CCCC.DDDDD.'" - total size: 51
. 2022-09-20 16:27:17.802 PrTime: Yes; PrRO: No; Rght: rw-r--r--; PrR: No (No); FnCs: N; RIC: 0100; Resume: S (102400); CalcS: No; Mask: TEST4.TXT
. 2022-09-20 16:27:17.802 TM: A; ClAr: No; RemEOF: No; RemBOM: No; CPS: 0; NewerOnly: No; EncryptNewFiles: Yes; ExcludeHiddenFiles: No; ExcludeEmptyDirectories: No; InclM: ; ResumeL: 0
. 2022-09-20 16:27:17.802 AscM: *.*html; *.htm; *.txt; *.php; *.php3; *.cgi; *.c; *.cpp; *.h; *.pas; *.bas; *.tex; *.pl; *.js; .htaccess; *.xtml; *.css; *.cfg; *.ini; *.sh; *.xml
. 2022-09-20 16:27:17.802 File: 'D:\TEST4.TXT' [2022-09-20T04:00:00.000Z] [51]
. 2022-09-20 16:27:17.803 Copying "D:\TEST4.TXT" to remote directory started.
. 2022-09-20 16:27:17.803 Ascii transfer mode selected.
. 2022-09-20 16:27:17.803 Starting upload of D:\TEST4.TXT
> 2022-09-20 16:27:17.803 TYPE A
< 2022-09-20 16:27:17.826 200 Representation type is Ascii NonPrint
> 2022-09-20 16:27:17.826 PASV
< 2022-09-20 16:27:17.849 227 Entering Passive Mode (207,192,33,30,195,118)
> 2022-09-20 16:27:17.849 STOR TEST4.TXT
. 2022-09-20 16:27:17.849 Connecting to 207.192.33.30:50038 ...
< 2022-09-20 16:27:17.936 125 Storing data set AAAA.BBB.CCCC.DDDDD.TEST4.TXT
. 2022-09-20 16:27:17.959 Session ID reused
. 2022-09-20 16:27:17.960 Using TLSv1.2, cipher TLSv1/SSLv3: DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA, DHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=DH Au=RSA Enc=AESGCM(256) Mac=AEAD
. 2022-09-20 16:27:17.961 TLS connection established
< 2022-09-20 16:27:18.005 250 Transfer completed successfully.
. 2022-09-20 16:27:18.005 Upload successful
. 2022-09-20 16:27:18.006 Transfer done: 'D:\TEST4.TXT' => '/'AAAA.BBB.CCCC.DDDDD.'/TEST4.TXT' [51]
. 2022-09-20 16:27:18.006 Copying finished: Transferred: 51, Elapsed: 0:00:00, CPS: 653/s
> 2022-09-20 16:27:18.006 Script: bye
. 2022-09-20 16:27:18.006 Script: Exit code: 0
. 2022-09-20 16:27:18.011 Disconnected from server
Related
Is it possible to authenticate to a remote Git repository using the default windows credentials non interactively?
My remote Git repository is hosted by the on premises TFS server. There are two ways to access its content:
Using TFS Restful API - https://learn.microsoft.com/en-us/rest/api/vsts/git/items/get?view=vsts-rest-4.1
Using native git client, e.g. the git clone command
To use the Restful API one can use the powershell Invoke-RestMethod command with the -UseDefaultCredentials and it works fine, no questions asked.
With git clone, however, I have no idea how to use the default credentials. The manager credential helper does not use them. When used for the first time it asks for the credentials.
So, the options I see are:
There an alternative git client, maybe with a limited functionality, but good enough to run clone that can use the default windows credentials.
There is a credential helper for windows that can use the default windows credentials.
There is an askpass implementation for windows that can use the default windows credentials.
The problem is that I could not find anything on the web that implements any of these options.
Edit 1
The approach suggested in https://github.com/git-for-windows/git/wiki/FAQ#how-do-i-access-a-repository-hosted-on-a-microsoft-team-foundation-server-inside-a-windows-domain does not seem to work. Please, observe:
C:\xyz\DevOps> $GitApiUrl
http://tfsserver:8080/tfs/DefaultCollection/code/_apis/git/repositories/MyConfigData
C:\xyz\DevOps> $ProjectName
dev_smoketest56oc
C:\xyz\DevOps> Test-Path .\params.json
False
C:\xyz\DevOps> Invoke-RestMethod -Uri "$GitApiUrl/items?path=$ProjectName.json&api-version=4.1" -UseDefaultCredentials -OutFile params.json
C:\xyz\DevOps> Test-Path .\params.json
True
As you can see the Restful API works without asking for credentials. Now let us try git clone:
C:\xyz\DevOps> $env:GIT_TRACE=1
C:\xyz\DevOps> git clone http://:#tfsserver:8080/tfs/DefaultCollection/code/_git/MyApp a
09:13:21.405748 exec-cmd.c:236 trace: resolved executable dir: C:/Program Files/Git/mingw64/bin
09:13:21.406249 git.c:415 trace: built-in: git clone http://:#tfsserver:8080/tfs/DefaultCollection/code/_git/MyApp a
Cloning into 'a'...
09:13:21.430369 run-command.c:637 trace: run_command: git remote-http origin http://:#tfsserver:8080/tfs/DefaultCollection/code/_git/MyApp
09:13:21.459149 exec-cmd.c:236 trace: resolved executable dir: C:/Program Files/Git/mingw64/libexec/git-core
09:13:21.460654 git.c:654 trace: exec: git-remote-http origin http://:#tfsserver:8080/tfs/DefaultCollection/code/_git/MyApp
09:13:21.460654 run-command.c:637 trace: run_command: git-remote-http origin http://:#tfsserver:8080/tfs/DefaultCollection/code/_git/MyApp
09:13:21.481711 exec-cmd.c:236 trace: resolved executable dir: C:/Program Files/Git/mingw64/libexec/git-core
09:13:21.539575 run-command.c:637 trace: run_command: 'git credential-manager erase'
09:13:21.642660 exec-cmd.c:236 trace: resolved executable dir: C:/Program Files/Git/mingw64/libexec/git-core
09:13:21.644162 git.c:654 trace: exec: git-credential-manager erase
09:13:21.644162 run-command.c:637 trace: run_command: git-credential-manager erase
fatal: Authentication failed for 'http://:#tfsserver:8080/tfs/DefaultCollection/code/_git/MyApp/'
C:\xyz\DevOps> $env:GIT_TRACE=0
C:\xyz\DevOps>
Authentication failed.
Edit 2
On the bash console:
$ GIT_CURL_VERBOSE=1
$ curl -v --ntlm -u : http://tfsserver:8080/tfs/DefaultCollection/code/_git/MyApp -o 1.html 2> out.txt
$ curl -v --ntlm -u : http://:#tfsserver:8080/tfs/DefaultCollection/code/_git/MyApp -o 2.html 2> out2.txt
The files 1.html and 2.html seem to represent the web page of the repository as in the browser, so both curl commands are successful.
The output files out.txt and out2.txt are very similar, the differences are in timestamps, guids and crypto strings. So, here is out.txt (I took the liberty to remove empty lines and scrub a few strings):
% Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0* Trying 192.168.17.155...* TCP_NODELAY set* Connected to tfsserver (192.168.17.155) port 8080 (#0)* Server auth using NTLM with user ''> GET /tfs/DefaultCollection/code/_git/MyApp HTTP/1.1
> Host: tfsserver:8080
> Authorization: NTLM ***SCRUBBED***
> User-Agent: curl/7.60.0
> Accept: */*
>
< HTTP/1.1 401 Unauthorized
< Content-Type: text/html; charset=us-ascii
< Server: Microsoft-HTTPAPI/2.0
< WWW-Authenticate: NTLM ***SCRUBBED***
< Date: Thu, 15 Nov 2018 23:07:58 GMT
< Content-Length: 341
<
* Ignoring the response-body{ [341 bytes data]
100 341 100 341 0 0 642 0 --:--:-- --:--:-- --:--:-- 642* Connection #0 to host tfsserver left intact* Issue another request to this URL: 'http://tfsserver:8080/tfs/DefaultCollection/code/_git/MyApp'* Found bundle for host tfsserver: 0x4116f20 [can pipeline]* Re-using existing connection! (#0) with host tfsserver* Connected to tfsserver (192.168.17.155) port 8080 (#0)* Server auth using NTLM with user ''> GET /tfs/DefaultCollection/code/_git/MyApp HTTP/1.1
> Host: tfsserver:8080
> Authorization: NTLM ***SCRUBBED***
> User-Agent: curl/7.60.0
> Accept: */*
>
< HTTP/1.1 200 OK
< Cache-Control: no-cache, no-store, must-revalidate
< Pragma: no-cache
< Content-Type: text/html; charset=utf-8
< Expires: -1
< Server: Microsoft-IIS/8.5
< X-TFS-ProcessId: e5b67424-832f-468b-8787-c7c05aef5396
< ActivityId: 50f62941-8163-4ee9-9c2b-81359ca72838
< X-TFS-Session: 50f62941-8163-4ee9-9c2b-81359ca72838
< X-VSS-E2EID: 50f62941-8163-4ee9-9c2b-81359ca72838
< X-FRAME-OPTIONS: SAMEORIGIN
< X-VSS-UserData: 34be4ed8-c4fd-4e9f-bdae-d1843df36b0f:mkharitonov
< X-AspNetMvc-Version: 4.0
< X-AspNet-Version: 4.0.30319
< Set-Cookie: __RequestVerificationToken_L3Rmcw2=***SCRUBBED***; path=/; HttpOnly
< Set-Cookie: __RequestVerificationToken27563503a-8c73-4ee0-8930-e1f466b255f5=***SCRUBBED***; path=/; HttpOnly
< Persistent-Auth: true
< X-Powered-By: ASP.NET
< P3P: CP="CAO DSP COR ADMa DEV CONo TELo CUR PSA PSD TAI IVDo OUR SAMi BUS DEM NAV STA UNI COM INT PHY ONL FIN PUR LOC CNT"
< Lfs-Authenticate: NTLM
< X-Content-Type-Options: nosniff
< Date: Thu, 15 Nov 2018 23:07:58 GMT
< Content-Length: 120608
<
{ [183 bytes data]
100 117k 100 117k 0 0 167k 0 --:--:-- --:--:-- --:--:-- 167k* Connection #0 to host tfsserver left intact
I cannot verify it to the end, but probably you should set http.emptyAuth to true in config (command git config --global http.emptyAuth true). At least after setting it my git 2.19.1.windows.1 has sent a Authorization: Negotiate ... header to a server which advertises this protocol. Bottom line: git config --global http.emptyAuth true Does it if LFS is not in the picture. If LFS is involved, then prepend the host name with :#, e.g. http://:#tfsserver:8080/tfs/DefaultCollection/code/_git/MyApp
WinSCP - Rename file in a directory, where listing/browsing is forbidden
I'm moving to using WinSCP.com over FTP.exe due to it's capabilities of being able to use PASSIVE mode. I have started to convert my FTP script to WinSCP and noticed something that is happening and I don't have a solution for. Current script - (ftpcommands.txt) open ftp://user:pass#ftp.host.com/ cd / put -transfer=binary "C:\Users\username\Desktop\test folder\myfile.7z.uploading" mv "myfile.7z.uploading" "myfile.7z" bye Calling it from console window Bin\WinSCP.com /script="ftpcommands.txt" /ini=nul Console window results Connecting to ftp.host.com ... Connected Starting the session... Session started. Active session: [1] user#ftp.host.com / myfile.7z.uploading | 193 KB | 754.8 KB/s | binary | 100% Can't get attributes of file 'myfile.7z.uploading'. Could not retrieve file information Permission denied. WinSCP log file (when using the /log=winscp.log switch) . 2018-08-09 13:09:43.432 -------------------------------------------------------------------------- . 2018-08-09 13:09:43.432 WinSCP Version 5.13.3 (Build 8565) (OS 10.0.17134 - Windows 10 Enterprise) . 2018-08-09 13:09:43.432 Configuration: nul . 2018-08-09 13:09:43.432 Log level: Normal . 2018-08-09 13:09:43.432 Local account: GALAXY\username . 2018-08-09 13:09:43.432 Working directory: C:\Users\username\Desktop\test folder . 2018-08-09 13:09:43.432 Process ID: 30844 . 2018-08-09 13:09:43.432 Command-line: "C:\Users\username\Desktop\test folder\Bin\WinSCP.exe" /console=5.13.3 /consoleinstance=_18928_436 "/script=Logs\ftpcommands.txt" "/ini=nul" "/log=winscp.log" . 2018-08-09 13:09:43.432 Time zone: Current: GMT-4, Standard: GMT-5 (Eastern Standard Time), DST: GMT-4 (Eastern Daylight Time), DST Start: 3/11/2018, DST End: 11/4/2018 . 2018-08-09 13:09:43.510 Login time: Thursday, August 9, 2018 1:09:43 PM . 2018-08-09 13:09:43.510 -------------------------------------------------------------------------- . 2018-08-09 13:09:43.510 Script: Retrospectively logging previous script records: > 2018-08-09 13:09:43.510 Script: open ftp://user:***#ftp.host.com/ . 2018-08-09 13:09:43.510 -------------------------------------------------------------------------- . 2018-08-09 13:09:43.510 Session name: user#ftp.host.com (Ad-Hoc site) . 2018-08-09 13:09:43.510 Host name: ftp.host.com (Port: 21) . 2018-08-09 13:09:43.510 User name: user (Password: Yes, Key file: No, Passphrase: No) . 2018-08-09 13:09:43.510 Transfer Protocol: FTP . 2018-08-09 13:09:43.510 Ping type: Dummy, Ping interval: 30 sec; Timeout: 15 sec . 2018-08-09 13:09:43.510 Disable Nagle: No . 2018-08-09 13:09:43.510 Proxy: None . 2018-08-09 13:09:43.510 Send buffer: 262144 . 2018-08-09 13:09:43.510 UTF: Auto . 2018-08-09 13:09:43.510 FTPS: None [Client certificate: No] . 2018-08-09 13:09:43.510 FTP: Passive: Yes [Force IP: Auto]; MLSD: Auto [List all: Auto]; HOST: Auto . 2018-08-09 13:09:43.510 Local directory: default, Remote directory: home, Update: Yes, Cache: Yes . 2018-08-09 13:09:43.510 Cache directory changes: Yes, Permanent: Yes . 2018-08-09 13:09:43.510 Recycle bin: Delete to: No, Overwritten to: No, Bin path: . 2018-08-09 13:09:43.510 Timezone offset: 0h 0m . 2018-08-09 13:09:43.510 -------------------------------------------------------------------------- . 2018-08-09 13:09:43.510 Connecting to ftp.host.com ... . 2018-08-09 13:09:43.573 Connected with ftp.host.com. Waiting for welcome message... < 2018-08-09 13:09:43.588 220-Welcome < 2018-08-09 13:09:43.588 220- < 2018-08-09 13:09:43.588 220-Company FTP Server > 2018-08-09 13:09:43.588 USER user < 2018-08-09 13:09:43.620 331 Password required for user > 2018-08-09 13:09:43.620 PASS **** < 2018-08-09 13:09:43.635 230 Logged on > 2018-08-09 13:09:43.635 SYST < 2018-08-09 13:09:43.651 215 UNIX emulated by FileZilla > 2018-08-09 13:09:43.651 FEAT < 2018-08-09 13:09:43.682 211-Features: < 2018-08-09 13:09:43.682 MDTM < 2018-08-09 13:09:43.698 REST STREAM < 2018-08-09 13:09:43.698 SIZE < 2018-08-09 13:09:43.698 MLST type*;size*;modify*; < 2018-08-09 13:09:43.698 MLSD < 2018-08-09 13:09:43.698 AUTH SSL < 2018-08-09 13:09:43.698 AUTH TLS < 2018-08-09 13:09:43.698 PROT < 2018-08-09 13:09:43.698 PBSZ < 2018-08-09 13:09:43.698 UTF8 < 2018-08-09 13:09:43.698 CLNT < 2018-08-09 13:09:43.698 MFMT < 2018-08-09 13:09:43.698 EPSV < 2018-08-09 13:09:43.698 EPRT < 2018-08-09 13:09:43.698 211 End > 2018-08-09 13:09:43.698 CLNT WinSCP-release-5.13.3 < 2018-08-09 13:09:43.698 200 Don't care > 2018-08-09 13:09:43.698 OPTS UTF8 ON < 2018-08-09 13:09:43.713 202 UTF8 mode is always enabled. No need to send this command. . 2018-08-09 13:09:43.713 Connected . 2018-08-09 13:09:43.713 -------------------------------------------------------------------------- . 2018-08-09 13:09:43.713 Using FTP protocol. . 2018-08-09 13:09:43.713 Doing startup conversation with host. > 2018-08-09 13:09:43.713 PWD < 2018-08-09 13:09:43.729 257 "/" is current directory. . 2018-08-09 13:09:43.729 Getting current directory name. . 2018-08-09 13:09:43.729 Startup conversation with host finished. < 2018-08-09 13:09:43.729 Script: Active session: [1] user#ftp.host.com > 2018-08-09 13:09:43.746 Script: cd / . 2018-08-09 13:09:43.746 Changing directory to "/". > 2018-08-09 13:09:43.746 CWD / < 2018-08-09 13:09:43.767 250 CWD successful. "/" is current directory. . 2018-08-09 13:09:43.767 Getting current directory name. > 2018-08-09 13:09:43.767 PWD < 2018-08-09 13:09:43.787 257 "/" is current directory. < 2018-08-09 13:09:43.787 Script: / > 2018-08-09 13:09:43.787 Script: put -transfer=binary "C:\Users\username\Desktop\test folder\myfile.7z.uploading" . 2018-08-09 13:09:43.787 Copying 1 files/directories to remote directory "/" - total size: 198,017 . 2018-08-09 13:09:43.787 PrTime: Yes; PrRO: No; Rght: rw-r--r--; PrR: No (No); FnCs: N; RIC: 0100; Resume: S (102400); CalcS: No; Mask: . 2018-08-09 13:09:43.787 TM: B; ClAr: No; RemEOF: No; RemBOM: No; CPS: 0; NewerOnly: No; InclM: ; ResumeL: 0 . 2018-08-09 13:09:43.787 AscM: *.*html; *.htm; *.txt; *.php; *.php3; *.cgi; *.c; *.cpp; *.h; *.pas; *.bas; *.tex; *.pl; *.js; .htaccess; *.xtml; *.css; *.cfg; *.ini; *.sh; *.xml . 2018-08-09 13:09:43.787 File: 'C:\Users\username\Desktop\test folder\myfile.7z.uploading' [2018-08-09T15:41:57.040Z] [198017] . 2018-08-09 13:09:43.787 Copying "C:\Users\username\Desktop\test folder\myfile.7z.uploading" to remote directory started. . 2018-08-09 13:09:43.787 Binary transfer mode selected. . 2018-08-09 13:09:43.787 Starting upload of C:\Users\username\Desktop\test folder\myfile.7z.uploading > 2018-08-09 13:09:43.787 TYPE I < 2018-08-09 13:09:43.803 200 Type set to I > 2018-08-09 13:09:43.803 PASV < 2018-08-09 13:09:43.818 227 Entering Passive Mode (1,2,3,4,17,147) > 2018-08-09 13:09:43.818 STOR myfile.7z.uploading . 2018-08-09 13:09:43.818 Connecting to 1.2.3.4:4499 ... < 2018-08-09 13:09:43.865 150 Opening data channel for file upload to server of "/myfile.7z.uploading" < 2018-08-09 13:09:44.084 226 Successfully transferred "/myfile.7z.uploading" > 2018-08-09 13:09:44.084 MFMT 20180809154157 myfile.7z.uploading < 2018-08-09 13:09:44.100 550 Permission denied . 2018-08-09 13:09:44.100 Upload successful . 2018-08-09 13:09:44.100 Transfer done: 'C:\Users\username\Desktop\test folder\myfile.7z.uploading' => '/myfile.7z.uploading' [198017] . 2018-08-09 13:09:44.100 Copying finished: Transferred: 198,017, Elapsed: 0:00:00, CPS: 776,209/s > 2018-08-09 13:09:44.100 Script: mv "myfile.7z.uploading" "myfile.7z" . 2018-08-09 13:09:44.100 Listing file "myfile.7z.uploading". . 2018-08-09 13:09:44.100 Retrieving file information... > 2018-08-09 13:09:44.100 MLST /myfile.7z.uploading < 2018-08-09 13:09:44.131 550 Permission denied. . 2018-08-09 13:09:44.131 Could not retrieve file information < 2018-08-09 13:09:44.131 Script: Can't get attributes of file 'myfile.7z.uploading'. < 2018-08-09 13:09:44.131 Could not retrieve file information < 2018-08-09 13:09:44.131 Permission denied. . 2018-08-09 13:09:44.131 Script: Failed . 2018-08-09 13:09:44.131 Script: Exit code: 1 . 2018-08-09 13:09:44.131 Disconnected from server I can connect to the FTP server, login, send the single file. That part works great. Then after I send the file I was hoping to get a 226 Successfully transferred message shown to my console window. Instead I have a message showing the following... Can't get attributes of file 'MyFileName.txt'. I have my FTP server set up in a way that the only access rights given are... Write Delete There are no type of read or list rights given to the user. The idea is to have this script blindly dump a file to the FTP server, check that the FTP server returns a successful 226 message and then blindly rename the file once it has been uploaded. Everything works great with FTP.exe but for some reason I can't get it to work for WinSCP.com. So this leaves me with two questions... Is it possible to show the actual server responses when using WinSCP.com? Is it possible to turn off the way WinSCP.com trys to read things like attributes and file information after an upload?
You cannot prevent WinSCP from checking file before doing rename. But as you have hinted yourself, you can workaround it using WinSCP call command and FTP commands RNFR and RNTO: call RNFR myfile.7z.uploading call RNTO myfile.7z As for the MFMT, WinSCP uses that to update a timestamp of the uploaded file. If that fails, WinSCP silently ignores the error. But if you want to avoid having the error in the log file, just use -nopreservetime switch of the put command.
Gulp Vinyl FTP ECONNRESET error after FEAT command
I am attempting to use the gulp-vinyl-ftp plugin to upload to a remote site.
gulp.task("deploy", ["default"], function () {
var conn = ftp.create({
host: "mywebsite",
user: "****",
password: "******",
// secure: true,
timeOffset: -301,
parallel: 1,
debug: gutil.log
});
var globs = [
"distr/**/*.php",
"!out/vendor/**",
"!out/config.php",
"out/**/*.map",
"out/**/*.css",
"out/**/*.js"
];
return gulp.src(globs)
.pipe(conn.newer("/")).pipe(debug({ title: "Deploy New: " }))
});
However, I am receiving the following error:
events.js:182
throw er; // Unhandled 'error' event
^
Error: read ECONNRESET
at exports._errnoException (util.js:1016:11)
at TCP.onread (net.js:609:25)
The debug output is as follows:
[08:37:28] [connection] < '220 Microsoft FTP Service\r\n'
[08:37:28] [parser] < '220 Microsoft FTP Service\r\n'
[08:37:28] [parser] Response: code=220, buffer='Microsoft FTP Service'
[08:37:28] [connection] > 'USER xxx'
[08:37:29] [connection] < '331 Password required\r\n'
[08:37:29] [parser] < '331 Password required\r\n'
[08:37:29] [parser] Response: code=331, buffer='Password required'
[08:37:29] [connection] > 'PASS xxxx'
[08:37:29] [connection] < '230 User logged in.\r\n'
[08:37:29] [parser] < '230 User logged in.\r\n'
[08:37:29] [parser] Response: code=230, buffer='User logged in.'
[08:37:29] [connection] > 'FEAT'
It ends there.
However, I can connect just fine through WinSCP.
. 2017-11-08 08:36:24.161 Connecting to mywebsite ...
. 2017-11-08 08:36:24.192 Connected with mywebsite. Waiting for welcome message...
< 2017-11-08 08:36:24.285 220 Microsoft FTP Service
> 2017-11-08 08:36:24.285 USER xxxx
< 2017-11-08 08:36:24.379 331 Password required
> 2017-11-08 08:36:25.861 PASS ********
< 2017-11-08 08:36:25.970 230 User logged in.
> 2017-11-08 08:36:25.970 SYST
. 2017-11-08 08:36:26.064 The server is probably running Windows, assuming that directory listing timestamps are affected by DST.
< 2017-11-08 08:36:26.064 215 Windows_NT
> 2017-11-08 08:36:26.064 FEAT
< 2017-11-08 08:36:26.157 211-Extended features supported:
< 2017-11-08 08:36:26.157 LANG EN*
< 2017-11-08 08:36:26.157 UTF8
< 2017-11-08 08:36:26.157 AUTH TLS;TLS-C;SSL;TLS-P;
< 2017-11-08 08:36:26.157 PBSZ
< 2017-11-08 08:36:26.157 PROT C;P;
< 2017-11-08 08:36:26.157 CCC
< 2017-11-08 08:36:26.157 HOST
< 2017-11-08 08:36:26.157 SIZE
< 2017-11-08 08:36:26.157 MDTM
< 2017-11-08 08:36:26.157 REST STREAM
< 2017-11-08 08:36:26.157 211 END
> 2017-11-08 08:36:26.157 OPTS UTF8 ON
< 2017-11-08 08:36:26.251 200 OPTS UTF8 command successful - UTF8 encoding now ON.
. 2017-11-08 08:36:26.298 Connected
I have tried both the IP address and domain name in the host field, commenting out the the timeOffset and parallel options.
I am not sure where to go from here honestly; any advice would be appreciated.
Thanks.
You will find lot of posts about IIS mysteriously (and inconsistently) closing a connection after receiving FEAT command. I have not found any definitive solution, but working workaround seems to be to deny the FEAT command (if Gulp can handle that). In IIS manager, go to FTP > FTP Request Filtering > Commands tab > Actions > Deny command and type FEAT. See also Microsoft FTP fails to connect after the client requests the list of features (FEAT).
Ruby FTP not working with IIS FTP server
I have a ruby script that uploads a file via FTP.
I tested this with a LINUX server and the upload was working well.
But when I changed the upload destination to the production server which is a Windows Server 2012 R2 running IIS, I got the following error message:
A Connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond. - connect<2> <Errno::ETIMEDOUT>
I do however find the connection in the FTPlog:
2015-01-28 10:48:55 12.34.56.78 - 87.65.43.21 21 ControlChannelOpened - - 0 0 0 0 0
2015-01-28 10:48:55 12.34.56.78 - 87.65.43.21 21 USER .... 331 0 0 23 17 0
2015-01-28 10:48:55 12.34.56.78 WIN-0CFF8VSL25E\.... 87.65.43.21 21 PASS *** 230 0 0 21 15 94
2015-01-28 10:48:55 12.34.56.78 WIN-0CFF8VSL25E\.... 87.65.43.21 21 TYPE I 200 0 0 20 8 0
2015-01-28 10:48:55 12.34.56.78 WIN-0CFF8VSL25E\.... 87.65.43.21 21 PASV - 227 0 0 50 6 0
2015-01-28 10:49:16 - WIN-0CFF8VSL25E\.... 87.65.43.21 49994 DataChannelClosed - - 0 0 0 0 0
2015-01-28 10:49:16 12.34.56.78 WIN-0CFF8VSL25E\.... 87.65.43.21 21 ControlChannelClosed - - 0 0 141 46 21469
I am doing almost the same task with a batch script today, using windows native ftp cli, and this works fine.
Here is the ruby code:
require "net/ftp"
require "rubygems"
require "zip"
puts "Copying data"
FileUtils.cp("...", "...")
folder = "C:\\..."
input_filenames = ['...']
zipfile_name = "C:\\...\\....zip"
puts "Compressing data"
Zip::File.open(zipfile_name, Zip::File::CREATE) do |zipfile|
input_filenames.each do |filename|
zipfile.add(filename, folder + '\\' + filename)
end
end
progress = 0.0;
file_size = File.size(zipfile_name)
NET::FTP.debug_mode = true
puts "Uploading data:"
ftp = Net::FTP.new('12.34.56.78','xxx','xxx')
ftp.debug_mode = true
ftp.read_timeout = 10000
ftp.passive = true
ftp.putbinaryfile('C:\\...\\....zip', '....zip') do |data|
progress = progress.to_f+data.length.to_f
print "\rProgress: " + ((progress/file_size)*100).round(2).to_s + "%"
end
ftp.close()
puts "\nUpload completed!"
I am assuming there is no problem in the script, since it was working fine with a different server. What I am assuming it is, is a difference in how IIS' FTP server handles/responds to connections vs how vsftpd handles them.
Any suggestions to how to fix this?
I set passive to false and that solved my problem.
PureFtpd passive port range doesn't deliver listening address to client
I'm trying to configure my pureftpd behind the firewall to act as a passive ftp/TLS server. Acting machines: Server: 192.168.3.220 (internal network, default route to the router at 192.168.3.1) Configuration: pureftpd with PassivePorts 64000 64300, MasqueradeAddress ww.xx.yy.zz (this one is configured on router) Router: internal: 192.168.3.1, DNAT rule (PREROUTING chain) ww.xx.yy.zz tcp/21,64000:64300 NATed to address 192.168.3.220, FORWARD chain accepting these packets both directions. Client1: external server with fixed public IP Client2: NATed machine somewhere - on 192.168.5.x network Scenario1: - Client1: connect OK, login OK, command 'ls': gets OK, after PASV: ---> PASV GNUTLS: REC[0x28ecce0]: Sending Packet[9] Application Data(23) with length: 6 GNUTLS: REC[0x28ecce0]: Sent Packet[10] Application Data(23) with length: 37 GNUTLS: ASSERT: gnutls_buffers.c:322 GNUTLS: ASSERT: gnutls_buffers.c:322 GNUTLS: REC[0x28ecce0]: Expected Packet[9] Application Data(23) with length: 65536 GNUTLS: REC[0x28ecce0]: Received Packet[9] Application Data(23) with length: 64 GNUTLS: REC[0x28ecce0]: Decrypted Packet[9] Application Data(23) with length: 31 <--- 200 Protection set to Private ---> LIST ---> ABOR Interesting thing: 227 from server, which I see in paranoid log from pureftpd, I don't see on the client - only the 200 Protection set to Private ...waits cca 30sec and reconnects using ACTIVE(!!) mode -> ls Scenario2: - using Client2 (sorry for czech locales): ---> USER xxxxxx <--- 331 Password required for xxxxxx ---> PASS XXXX <--- 230 User xxxxxx logged in ---> PWD <--- 230 Ls oi a:2013-01-03 21:19:00 ---> PBSZ 0 <--- 257 "/" is the current directory ---> PROT P <--- 200 PBSZ 0 successful ---> PASV <--- 200 Protection set to Private ---> LIST ---> ABOR ---- Přerušený datový socket bude uzavřen (means closing data socket) ---- Řídicí socket bude uzavřen (means closing control socket) ---- Pasivní režim bude vypnut (means Passive will be turned off) ---- dns cache hit ---- Navazuje se spojení na ftp1.xxxxxxxxx.cz (ww.xx.yy.zz) port 21 <--- 220 ww.xx.yy.zz FTP server ready ... ---> USER xxxxxx <--- 331 Password required for xxxxxx ---> PASS XXXX <--- 230 User xxxxxx logged in ---> PWD <--- 230 Ls oi a:2013-01-03 21:19:22 ---> PBSZ 0 <--- 257 "/" is the current directory ---> PROT P <--- 200 PBSZ 0 successful ---> PORT 192,168,5,xx,185,136 <--- 200 Protection set to Private ---> LIST <--- 500 Illegal PORT command ---- Closing data socket ---> QUIT ls: Nepřekonatelná chyba: 500 Illegal PORT command <--- 425 Unable to build data connection: Connection refused iptables on the NAT machine don't increase my accounting counters on ports 64000:64300, so I expect there's no passive connection made at all.
So... the real problem was the second 230 reply: ---> PWD <--- 230 Ls oi a:2013-01-03 21:19:22 This is a known issue of the PureFTPd 1.3.3a (default debian squeeze) The solution was to compile PureFTPd from wheezy (1.3.4a-2), now everything works fine. Thank you all, who tried to figure out what's going on. Tldv