FtpServer
FtpServer copied to clipboard
Published
20 hours ago •
FubarDevelopment
FubarDevelopment
How can i avoid (or handle) exceptions when clients try to connect without TLS (implicit)?
I have FTP with implicit TLS forced configured in this way:
var base64 = configuration.GetValue<string>("FtpsServer:Certificate");
var bytes = Convert.FromBase64String(base64);
var certificate = new X509Certificate2(bytes);
services.Configure<AuthTlsOptions>(options =>
{
options.ServerCertificate = certificate;
options.ImplicitFtps = true;
});
services
.AddSingleton(new ImplicitFtpsControlConnectionStreamAdapterOptions(certificate))
.AddSingleton<IFtpControlStreamAdapter, ImplicitFtpsControlConnectionStreamAdapter>();
// Ensure that PROT and PBSZ commands are working.
services.Decorate<IFtpServer>(
(ftpServer, _) =>
{
ftpServer.ConfigureConnection += (s, e) =>
{
var serviceProvider = e.Connection.ConnectionServices;
var stateMachine = serviceProvider.GetRequiredService<IFtpLoginStateMachine>();
var authTlsMechanism = serviceProvider.GetRequiredService<IEnumerable<IAuthenticationMechanism>>()
.Single(x => x.CanHandle("TLS"));
stateMachine.Activate(authTlsMechanism);
};
return ftpServer;
});
But when a client try to connect without TLS, timeout is produced and an exception is thrown:
System.IO.IOException at FubarDev.FtpServer.Authentication.DefaultSslStreamWrapperFactory+<WrapStreamAsync>d__2.MoveNext
Authentication failed because the remote party has closed the transport stream.
This exception generates a lot of noise... how can i handle this exception?
TBH: I don't have a good idea besides explicitly checking for a given exception, but it seems that - in your case - the client timed out and closed the connection. I'll have to take a look if I can improve the situation.
