views:

231

answers:

2

Hi,

I'm trying to understand how SSL works. In my wish to make a small FTP client which supports SSL I've run into some problems:

TcpClient FtpConnection = new TcpClient(FtpServer, FtpPort);
NetworkStream FtpStream = FtpConnection.GetStream();
StreamReader FtpReader = new StreamReader(FtpStream);
FtpWriter = new StreamWriter(IrcStream);
send_cmd("AUTH SSL");

send_cmd is just a FtpWriter.WriteLine(text); FtpWriter.Flush(); function.

My "problem" is this: First I need to make a (non-ssl) connection to the FTP, then tell it to do a ssl connection (AUTH SSL), and I would guess I then need to make a new connection - something like:

TcpClient client = new TcpClient(FtpServer, FtpPort);
SslStream sslStream = new SslStream(client.GetStream(), false, new RemoteCertificateValidationCallback(ValidateServerCertificate), null);
try
{
    sslStream.AuthenticateAsClient("foobar");
}
catch (AuthenticationException e)
{
    MessageBox.Show("Authentication failed - closing the connection.");
    client.Close();
    return;
}

Taken from msdn. I keep dying on handshake failed due to unexpected packet format (which I've tried googling, but all say it's because the author has connected to a wrong port), which I take as: The connection is not ssl until AUTH SSL is send to it. So my question is, how would i go about making this a "hybrid" connection so I can make an SSL connection to the server?

Any help is greatly appreciated!

A: 

http://ftps.codeplex.com/

This project contains every pieces you need.

Lex Li
A: 

Using a library like that is the opposite of what I wanted. Since I found so few hits when searching the web, I'll post what I figured out: Building a C# ftp client is basically like so:

TcpClient blabla = new TcpClient("some.host", 21);
NetworkStream blabla_stream = blabla.GetStream();
StreamReader unsecure_reader = new StreamReader(blabla_stream);
StreamWriter blabla_writer = new StreamWriter(blabla_stream);
blabla_writer.WriteLine("AUTH SSL");
string response = "";
while ((response = unsecure_reader.ReadLine()) != null)
{
   if (response.Substring(0,3) == "234")
   {
       SslStream ssl_connection = new SslStream(blabla.GetStream(), false, new RemoteCertificateValidationCallback(validate_certificate), null);
       ssl_connection.AuthenticateAsClient("");
       StreamReader ssl_stream = new StreamReader(ssl_connection);
       ftp_writer = new StreamWriter(ssl_connection);
   }
}

where validate_certificate is a function based on msdn's (you can google it and mod it easily yourself).

For more info see RFC 4217 and 2228.

Chuck