Results 1 to 4 of 4

Thread: 12.04.2 LTS vsftpd, SSL Fails. Worked on 10.04.3 LTS

  1. #1
    Join Date
    Dec 2011
    Beans
    16

    12.04.2 LTS vsftpd, SSL Fails. Worked on 10.04.3 LTS

    I have two computers, one amd64 with vsftpd and one PPC client on a private network. Both are minimal fresh installs.

    Everything worked under 10.04.3. Installed vsftpd on PPC also has connection issues from non-encrypted clients trying to connect with the error 'wrong password' in the log of the client device. I have read several threads where others have had vsftpd issues under 12.04 but none of those fixes have worked for me.

    Any help would be great! Thanks.

    vsftpd.conf

    Code:
    ssl_enable=YES
    implicit_ssl=NO
    require_ssl_reuse=NO
    rsa_cert_file=/etc/test/server.pem
    rsa_private_key_file=/etc/test/server.key
    listen=YES
    write_enable=YES
    dirmessage_enable=NO
    xferlog_enable=YES
    connect_from_port_20=YES
    local_enable=YES
    chroot_local_user=YES
    secure_chroot_dir=/var/run/vsftpd/empty
    vsftpd_log_file=/var/log/vsftpd.log
    anonymous_enable=NO
    pam_service_name=vsftpd
    dual_log_enable=YES
    log_ftp_protocol=YES
    debug_ssl=YES
    xferlog_std_format=NO
    From PPC log

    Net-FTPSSL Version: 0.21


    Code:
    Perl: 5.014002  [5.14.2],  OS: linux
    
    
    Server (port): 192.168.2.109 (21)
    
    
    Keys: (Debug), (Encryption), (Port), (Timeout)
    Values: (1), (E), (21), (30)
    
    
    SKT <<< 220 (vsFTPd 2.3.5)
    SKT >>> AUTH TLS
    SKT <<< 234 Proceed with negotiation.
    >>> USER +++++++
    <<< 331 Please specify the password.
    >>> PASS *******
    <<+ 555 Unexpected EOF on command channel socket:
    >>> QUIT
    Can't write command on socket: Connection reset by peer at /opt/testmonitor/modules//testFTPS.pm line 152 thread 2
    From vsftpd.log

    Code:
    Thu Feb 28 16:08:54 2013 [pid 2] CONNECT: Client "192.168.2.103"
    Thu Feb 28 16:08:54 2013 [pid 2] FTP response: Client "192.168.2.103", "220 (vsFTPd 2.3.5)"
    Thu Feb 28 16:08:54 2013 [pid 2] FTP command: Client "192.168.2.103", "AUTH TLS"
    Thu Feb 28 16:08:54 2013 [pid 2] FTP response: Client "192.168.2.103", "234 Proceed with negotiation."
    Thu Feb 28 16:08:54 2013 [pid 2] DEBUG: Client "192.168.2.103", "SSL version: TLSv1/SSLv3, SSL cipher: DES-CBC3-SHA, not reused, no cert"
    Thu Feb 28 16:08:54 2013 [pid 2] FTP command: Client "192.168.2.103", "USER test"
    Thu Feb 28 16:08:54 2013 [pid 2] [test] FTP response: Client "192.168.2.103", "331 Please specify the password."
    Thu Feb 28 16:08:54 2013 [pid 2] [test] FTP command: Client "192.168.2.103", "PASS <password>"
    Thu Feb 28 16:08:54 2013 [pid 1] [test] OK LOGIN: Client "192.168.2.103"


    TestFTPS.pm

    Code:
    1  #!/usr/bin/perl -w
    2  
    3  #================================================================================
    4  # TestFTP over SSL module.
    5  #---------------------------------------------------------------------
    6  #
    7  # 
    8  # 
    9  #
    10 #================================================================================
    11 
    12 use strict;
    13 
    14 package TestFTPS;
    15 
    16 use Net::FTPSSL;
    17 use File::Basename;
    18 use File::Spec;
    19 use threads;
    20 use Thread::Queue;
    21 use JSON;
    22 
    23 my($filename, $installPath, $suffix) = fileparse(File::Spec->rel2abs( __FILE__ ));
    24 my @dirs = File::Spec->splitdir($installPath);
    25 my $installationPath = File::Spec->catdir(@dirs[0..$#dirs-2])."/";
    26 
    27 #non-core modules
    28 use TestLog;
    29 
    30 sub new {
    31 	my $type = shift;
    32 
    33 	#I'm turning the array of inputs into a hash, called parameters.
    34 	my %params = @_;	
    35 
    36 	my $log;
    37 	if(defined $params{log}) {
    38 		$log = $params{log};
    39 	}
    40 	else {
    41 		$log = TestLog->new(level=>1, filename=>$installationPath.'logs/Test_ftps.log');
    42 	}
    43 	
    44 	my $self = {
    45 		log		 => $log,
    46 		host		=> 'localhost',
    47 		port		=> 21,
    48 		user		=> 'user',
    49 		pass		=> 'pass',	
    50 		queue_ftp   => Thread::Queue->new(),
    51 		queue_out   => Thread::Queue->new(),
    52 	};
    53 	
    54 	bless $self;
    55 	return $self;
    56 }
    57 
    58 sub run {
    59 	my $self=shift;
    60 	$self->{log}->logStatus("FTP: creating ftp thread...");
    61 	my $worker = threads->create(\&work, $self);
    62 	$worker->detach();
    63 	
    64 	$self->{log}->logStatus("FTP: ftp thread created");
    65 }
    66 
    67 sub work {
    68 	my $self = shift;
    69 	my $tself = threads->self();
    70 	my $tid  = $tself->tid();
    71 	
    72 	$self->{log}->logStatus("FTP: FTP tid=$tid started");
    73 	
    74 	my $ok=1;
    75 	while( defined( my $msg = $self->{queue_ftp}->dequeue() ) )
    76 	{
    77 	$ok=1;
    78 		$self->{log}->logStatus("FTP: FTP request: \n$msg");
    79 	my $body = from_json($msg);
    80 	my $host=$body->{HOST}?$body->{HOST}:$self->{host};
    81 	my $port=$body->{PORT}?$body->{PORT}:$self->{port};
    82 	my $user=$body->{USER}?$body->{USER}:$self->{user};
    83 	my $pass=$body->{PASS}?$body->{PASS}:$self->{pass};
    84 	
    85 		$self->{log}->logStatus("FTP: Connecting to FTP on $host:$port");
    86 		my $ftps = Net::FTPSSL->new($host, Port=>$port, Encryption => EXP_CRYPT, Debug => 1, Timeout => 30);
    87 		if($ftps)
    88 		{
    89 			$self->{log}->logStatus("FTP: FTP Logging in");
    90 			if($ftps->login($user, $pass))
    91 			{
    92 		$ok=1;
    93 				my($rfile, $rdir, $rsuf) = fileparse($body->{DST});
    94 		$rdir='' if($rdir=~/^\.[\\\/]$/);
    95 				my $lfile = $body->{SRC};
    96 				my $id = $body->{FILE_ID};
    97 				
    98 				$self->{log}->logStatus("FTP: Uploading '$lfile' to '$rdir$rfile'");
    99 		if(! -r $lfile)
    100		{
    101			$self->{log}->logError("FTP: Local file '$lfile' is unavailable");
    102			next;
    103		}
    104		
    105		my $create=0;
    106				if($rdir)
    107				{
    108			#make directories
    109			my @dirs = split('/',$rdir);
    110			
    111			foreach my $dir(@dirs)
    112			{
    113			next if($dir eq '');
    114			if(!$create && !$ftps->cwd($dir))
    115			{
    116				$create = 1;
    117				$self->{log}->logStatus("FTP: CWD to '$dir' failed");
    118			}
    119			if($create)
    120			{
    121				$self->{log}->logStatus("FTP: Creating directory '$dir'");
    122				$ftps->mkdir($dir);
    123				if(!$ftps->cwd($dir))
    124				{
    125				$self->{log}->logError("FTP: Can't change directory '$rdir': ".$ftps->last_message);
    126				$ok=0;
    127				last;
    128				}
    129			}
    130			}
    131		}
    132		if($ok)
    133		{
    134			$ftps->binary;
    135			if($ftps->put($lfile, $rfile))
    136			{
    137				$self->{log}->logStatus("FTP: File '$lfile' uploaded");
    138				$self->{queue_out}->enqueue($lfile);
    139			}
    140			else
    141			{
    142				$self->{log}->logError("FTP: Can't put file: ".$ftps->last_message);
    143				$ok=0;
    144			}
    145		}
    146			}
    147			else
    148			{				
    149				$self->{log}->logError("FTP: Can't login: ".$ftps->last_message);
    150				$ok=0;
    151			}
    152			$ftps->quit();
    153		}
    154		else
    155		{
    156			$self->{log}->logError("FTP: Unable to connect to FTPS on $host:$port");
    157			$ok=0;
    158		}
    159	}
    160}
    161
    162#destructor
    163DESTROY {
    164	my $self = shift;
    165	$self->{log}->logStatus("FTP: FTPS has shut down.") if defined($self->{log});
    166}
    167
    1681;
    Last edited by JackPM; March 1st, 2013 at 10:51 PM.

  2. #2
    Join Date
    Sep 2011
    Location
    Behind you!
    Beans
    532
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: 12.04.2 LTS vsftpd, SSL Fails. Worked on 10.04.3 LTS

    I'm not that good at trouble-shooting other peoples setups but I have managed to get vsftpd using SSL working on 12.04. Check my sig for steps on how I did it.

  3. #3
    Join Date
    Dec 2011
    Beans
    16

    Re: 12.04.2 LTS vsftpd, SSL Fails. Worked on 10.04.3 LTS

    Thanks for the reply. I took a look at your guide but nothing jumped out to me unfortunately.

  4. #4
    Join Date
    Dec 2011
    Beans
    16

    Re: 12.04.2 LTS vsftpd, FTPSSL Fails. Worked on 10.04.3 LTS

    Bump.

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •