"534 Fallback to [C]" after iftp

May 30, 2008
42
0
#4
" after iftp

> Subject: RE: [Support-t-147] " after iftp
Forum software bug?: It thought the [C] in the subject line was another tag
and chopped the subject line.

Original subject line, for reference:


> Subject: [Support-t-147] "534 Fallback to [C]" after iftp
Jonathan Gilbert_
\\\ / / / \ |_) |_/
\\\/ \/ \__/ | \ | \
Software Systems
 
#6
" after iftp

On Tue, 15 Jul 2008 18:16:20 -0500, David Marcus <> wrote:


>TCC: 534 Fallback to [C] "www.ping-pong.biz"
If you google the error message, you'll find it in a number of unrelated places.
I found this explanation at
http://www.tbsoftinc.com/support/index.php?_m=knowledgebase&_a=viewarticle&kbarticleid=124

Solution

Such error typically looks like:

COMMAND:> PROT P
534 Fallback to [C]

Some SSL/TLS secure FTP servers don't allow user to do encrypted data transfer
(i.e. initiated by LIST, RETR, STOR, etc), and only allow a secure command
channel. For this reason you need to use non-encrypted data channel when
connecting to these servers. Go to [Site Settings | Security] and select
checkboxes [Clear file data transfer] and [Clear listing data transfer]. Then
reconnect again.
 
#7
Re: " after iftp

On Tue, 15 Jul 2008 18:16:20 -0500, David Marcus <> wrote:

If you google the error message, you'll find it in a number of unrelated places.
I found this explanation at
http://www.tbsoftinc.com/support/index.php?_m=knowledgebase&_a=viewarticle&kbarticleid=124

Solution

Such error typically looks like:

COMMAND:> PROT P
534 Fallback to [C]

Some SSL/TLS secure FTP servers don't allow user to do encrypted data transfer
(i.e. initiated by LIST, RETR, STOR, etc), and only allow a secure command
channel. For this reason you need to use non-encrypted data channel when
connecting to these servers. Go to [Site Settings | Security] and select
checkboxes [Clear file data transfer] and [Clear listing data transfer]. Then
reconnect again.
OK. That's interesting. But, FileZilla keeps going after getting that message, while TCC gives up. Here is the FileZilla log:

Status: Resolving IP-Address for www.ping-pong.com
Status: Connecting to 67.205.109.9:21...
Status: Connection established, waiting for welcome message...
Response: 220---------- Welcome to Pure-FTPd [TLS] ----------
Response: 220-You are user number 1 of 50 allowed.
Response: 220-Local time is now 19:57. Server port: 21.
Response: 220-IPv6 connections are also welcome on this server.
Response: 220 You will be disconnected after 15 minutes of inactivity.
Command: AUTH TLS
Response: 234 AUTH TLS OK.
Status: Initializing TLS...
Command: USER ttpion
Status: Verifying certificate...
Status: TLS/SSL connection established.
Response: 331 User ttpion OK. Password required
Command: PASS ************
Response: 230-User ttpion has group access to: ttpion
Response: 230 OK. Current restricted directory is /
Command: SYST
Response: 215 UNIX Type: L8
Command: FEAT
Response: 211-Extensions supported:
Response: EPRT
Response: IDLE
Response: MDTM
Response: SIZE
Response: REST STREAM
Response: MLST type*;size*;sizd*;modify*;UNIX.mode*;UNIX.uid*;UNIX.gid*;unique*;
Response: MLSD
Response: ESTP
Response: PASV
Response: EPSV
Response: SPSV
Response: ESTA
Response: AUTH TLS
Response: PBSZ
Response: PROT
Response: 211 End.
Command: PBSZ 0
Response: 200 PBSZ=0
Command: PROT P
Response: 534 Fallback to [C]
Status: Connected
Status: Retrieving directory listing...
Command: CWD /public_html
Response: 250 OK. Current directory is /public_html
Command: PWD
Response: 257 "/public_html" is your current location
Command: TYPE I
Response: 200 TYPE is now 8-bit binary
Command: PASV
Response: 227 Entering Passive Mode (67,205,109,9,124,114)
Command: LIST
Response: 150 Accepted data connection
Response: 226-ASCII
Response: 226-Options: -a -l
Response: 226 299 matches total
Status: Calculating timezone offset of server...
Command: MDTM .htaccess
Response: 213 20080616174205
Status: Timezone offsets: Server: -14400 seconds. Local: -14400 seconds. Difference: 0 seconds.
Status: Directory listing successful
 
#8
Re: " after iftp

On Tue, 15 Jul 2008 19:00:55 -0500, David Marcus <> wrote:


>OK. That's interesting. But, FileZilla keeps going after getting that message, while TCC gives up.
"PROT P" asks for "Private" data channel protection level. According to RFC
2228, "FTP Security Extensions", "If the server is not willing to accept the
specified protection level, it should respond with reply code 534".

The "C" in the response refers to the "Clear" data channel protection level.
According to FileZilla's log, the server automatically falls back to the "Clear"
level. The appropriate action on the client's part is not specified. I imagine
it depends on whether the client accepts the reduced protection.

I'm confident Rex will look at it but he's limited to whatever functionality the
IPWorks library which TCC uses exposes to him.