Topic: SSL_connect fail

When we use Wolfssl for FTPS, we find that the second socket connection fails. When the client sends client Hello, the server simply replies with an ACK. The current test found that this server and VSFTP will have this phenomenon, other servers (such as Filezilla) can be successful. We also tested MBED SSL, which was successfully connected. Do you have friends who have encountered similar problems?

The attachment is the simulated FTPS code under Linux, and the address of the server is test rebex. net:990(195.144.107.198:990).

gcc c.c -o C -lwolfssl       ./C 195.144.107.198 990

Post's attachments

c.c 12.73 kb, 3 downloads since 2021-12-11 

You don't have the permssions to download the attachments of this post.

Share

Re: SSL_connect fail

Could you share the wolfSSL configuration? Also a log and pcap is very useful in determining why a connection is failing. If you'd prefer to keep this information private, please feel free to open a support ticket by emailing support @ wolfssl.com

Re: SSL_connect fail

We have no special configuration. In Ubuntu, clone Wolfssl-5.0.0 and then make and make install. Finally, running c.c will find that the second socket connection failed.

On the forum, I found a question almost identical to mine:https://www.wolfssl.com/forums/topic1626-ftps-data-port-failure.html.
His solution seemed to be to switch servers.

Post's attachments

test.pcapng 10.85 kb, file has never been downloaded. 

You don't have the permssions to download the attachments of this post.

Share

Re: SSL_connect fail

The connection is successful using the Windows tool (normal.pcapng) and the encryption algorithm is 0xC014. When set in c.c (wolfSSL_CTX_set_cipher_list(CTX, "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA")) still fails (test2.pcapng).

Post's attachments

normal.pcapng 15.51 kb, 1 downloads since 2021-12-14 

You don't have the permssions to download the attachments of this post.

Share

Re: SSL_connect fail

fail 2 test2.pcapng

Share

Re: SSL_connect fail

Your last message did not attach a pcap file

fail 2 test2.pcapng

Re: SSL_connect fail

fail 2 test2.pcapng

Post's attachments

test2.pcapng 9.92 kb, 1 downloads since 2021-12-15 

You don't have the permssions to download the attachments of this post.

Share

Re: SSL_connect fail

Please try only creating a new SSL object, instead of a new CTX and SSL. Here is an example:
https://github.com/wolfSSL/wolfssl-exam … tls-perf.c

Re: SSL_connect fail

Following this step, the second socket still failed, the phenomenon is the same as before. CTX = SSL_CTX_new is called only once, and SSL_2 = SSL_new is called twice.

Post's attachments

test3.pcapng 10.5 kb, 1 downloads since 2021-12-21 

You don't have the permssions to download the attachments of this post.

Share