explicit FTP over TLS problem

FTP client for Android handsets.
harrisc
Posts: 6
Joined: Mon Apr 13, 2020 6:06 am
AntiSpam sum: 8

explicit FTP over TLS problem

Post by harrisc »

I just purchased AndFTP Pro and I have a problem

I want to access my website using FTP. I can connect from my Windows 10 PC using Filezilla. In Filezilla I "Require explicit FTP over TLS"

In AndFTP I use FTPS (explicit FTP over TLS/SSL. When logging in I start logging in with "150 Accepted data connection" but then get a message "Connection closed without indication", and cannot proceed.

When contacting my website provider they could only suggest that AndFTP was not TLS 1.2 compliant!

I exported the site data from FileZilla and imported the site data. This entry gave the same results! BTW the destination folder did not import correctly.

Can you suggest how to connect to my website?

Regards

Chris

support
Posts: 853
Joined: Sun Apr 20, 2008 4:40 pm

Re: explicit FTP over TLS problem

Post by support »

AndFTP relies on Android SSLEngine for SSL/TLS support. From the table below it looks it's supported:
https://developer.android.com/reference ... /SSLEngine
Except if you have a very old device.

Are you using Active or Passive mode? Try both.

Maybe the problem is with SSL session re-use?
AndFTP does not support SSL session re-use due to missing low level API to access SSL session.

Options to disable it on server:

harrisc
Posts: 6
Joined: Mon Apr 13, 2020 6:06 am
AntiSpam sum: 8

Re: explicit FTP over TLS problem

Post by harrisc »

I am using a Samsung S7 and a Huaewi MediaPad M5, which I would not call old; they are running Android 8.

On the web server there are no configuration options for SSL session re-use

support
Posts: 853
Joined: Sun Apr 20, 2008 4:40 pm

Re: explicit FTP over TLS problem

Post by support »

Android 8 is fine, it should work.

Is it possible for you to provide a temporary testing account so we could try to reproduce the problem from here? If so then please contact support(at)lysesoft.com

harrisc
Posts: 6
Joined: Mon Apr 13, 2020 6:06 am
AntiSpam sum: 8

Re: explicit FTP over TLS problem

Post by harrisc »

I sent an email with details of temporary ftp account

support
Posts: 853
Joined: Sun Apr 20, 2008 4:40 pm

Re: explicit FTP over TLS problem

Post by support »

Received. Having a look right now.

support
Posts: 853
Joined: Sun Apr 20, 2008 4:40 pm

Re: explicit FTP over TLS problem

Post by support »

I can reproduce the problem.

I would say the problem comes from SSL session re-use setup as mandatory by your hosting provider. Full explanation is detailed in the link below, same problem as you (same FTP server: Pure-FTPd):
http://mail-archives.apache.org/mod_mbo ... an.JIRA%3E

Could you see if you can have this option disabled? If not just move to SFTP (SSH) instead of FTPS and it will work.

support
Posts: 853
Joined: Sun Apr 20, 2008 4:40 pm

Re: explicit FTP over TLS problem

Post by support »

We have a workaround in AndFTP 5.3. We've added TLS data channel option in expert settings. You can setup it to "Clear" instead of "Private". Drop an email to support(at)lysesoft.com to get 5.3 beta.
FTPS_channel.png

harrisc
Posts: 6
Joined: Mon Apr 13, 2020 6:06 am
AntiSpam sum: 8

Re: explicit FTP over TLS problem

Post by harrisc »

I tried the beta. I followed the steps. I set FTS data channel security to Clear. I then saved the setup.

I then tried logon. I get message
227, Entering Passive Mode (xxx.xx. ...)
521. Data connection cannot be oped with this PROT setting.

Any other suggestions?
Chris

support
Posts: 853
Joined: Sun Apr 20, 2008 4:40 pm

Re: explicit FTP over TLS problem

Post by support »

It means your FTPS server settings does not allow Clear data channel and force TLS session reuse.
Too bad ... this workaround works for me with Godaddy.

Do you have SFTP/SSH provided by your hosting server? It would be the solution.

Post Reply