Page 3 of 3

Re: The handshake failed due to un unexpected packet format

Posted: Wed Apr 11, 2018 9:12 am
by Dinant
mcrossley wrote:OK, unless you are getting the exception I don't think it was picking up the new file.

I had a quick look this morning, I don't think MX can be made to use an updated DLL without MX being recompiled - because the public key of the assembly will change (or be removed ;) )when I compile it. :(
I think you are right.
In the first test I've replaced the dll when MX was running. Now I see that is not a stable situation.

Re: The handshake failed due to un unexpected packet format

Posted: Sun May 27, 2018 5:16 pm
by Dinant
My provider has disabled TLS 1.0 again. So I have added an external ftp script which uses WinSCP.
First you have to install WinSCP.
Then add 2 files ftp2web.bat and ftp2web.txt to the Cumulus directory.

<cumulus-directory>\ftps2web.bat:

Code: Select all

"<winscp-install-directory>\WinSCP.com" /script=<cumulus-directory>\ftps2web.txt /log=<cumulus-directory>\ftps2web.log
<cumulus-directory>\ftps2web.txt (example with upload of 4 files):

Code: Select all


open ftps://<user>:<password>@<ftp-server>:21 -explicit -passive=on -rawsettings MinTlsVersion=11 MaxTlsVersion=12

put D:\Cumulus\extra\clientrawhourT.txttmp <upload-directory>/clientrawhour.txt
put D:\Cumulus\extra\monthlyrecordT.jstmp  <upload-directory>/monthlyrecord.js
put D:\cumulus\extra\webtagsT.jsontmp      <upload-directory>/webtags.json
put D:\Cumulus\realtime.txt                <upload-directory>/realtime.txt

exit
Change in the Cumulus MX config:
Under Settings, Internet settings, External programs you have to add ftps2web.bat

Under Settings, Extra web files: you can disable the checkboxes for all files in the FTP column.

If the FTPS script runs it creates a log file ftp2weg.log in the Cumulus directory. If everything is running fine you can remove the /log option from the WinSCP command line because the logfile can grow very quick.

Re: The handshake failed due to un unexpected packet format

Posted: Wed Jul 25, 2018 5:34 pm
by david3
I just ran into this same issue after my ftp server was upgraded from vsftpd v2.2.2 to vsftpd v3.0.2 (which came with the upgrade from CentOS 6 to CentOS 7).

with v2.2.2 my vsftpd.conf had

Code: Select all

ssl_tlsv1_2=YES
with v3.0.2 I kept getting the error in ftplog.txt

Code: Select all

There is stale data on the socket, maybe our connection timed out. Re-connecting.
I found to fix it, I had to add this to vsftpd.conf

Code: Select all

ssl_tlsv1=YES
Actually, I enabled 1.0, 1.1, and 1.2 just in case the higher version is supported in the future.

Code: Select all

ssl_tlsv1=YES
ssl_tlsv1_1=YES
ssl_tlsv1_2=YES
But it's TLS v1.0 that seems to be required by CumulusMX, which I guess is being deprecated and discouraged due to some security issues. I'm guessing the newer version of vsftpd disables it by default whereas the older version didn't.

Anyway, I'm thinking TLS v1.0 is still better than plain old unencrypted ftp. And it is working.

Re: The handshake failed due to un unexpected packet format

Posted: Wed Jul 25, 2018 8:06 pm
by mcrossley
Yes, TLS 1.0 has been considered insecure for some time now. All sites should really be using 1.2.

Re: The handshake failed due to un unexpected packet format

Posted: Thu Jul 26, 2018 12:38 pm
by david3
Yes... To be clear, it's only the ftp server that requires TLS 1.0 (for CumulusMX ftps uploading).

Re: The handshake failed due to un unexpected packet format

Posted: Wed Sep 12, 2018 8:23 pm
by Dinant
I have disabled the FTP upload by disabling the following options:
Enable realtime FTP
Realtime.txt FTP
Realtimegauges.txt FTP

But I still get "Error connecting ftp - The handshake failed due to an unexpected packet format." in the MXDIAG file every 5 minutes.
In the ftplog.txt is says:

Code: Select all

2018-09-12 22:15:00.653 Connecting to ftp.xxx.nl
220 ::ffff:xxx.xxx.xxx.xxx FTP server ready
AUTH TLS
234 AUTH TLS successful
Disposing FtpClient object...
There is stale data on the socket, maybe our connection timed out. Re-connecting.
Not sending QUIT because the connection has already been closed.
Disposing FtpSocketStream...
How to disable the FTP upload completely?

Re: The handshake failed due to un unexpected packet format

Posted: Thu Sep 13, 2018 8:15 am
by steve
Disable 'auto update' in the internet settings.

Re: The handshake failed due to un unexpected packet format

Posted: Fri Sep 14, 2018 7:33 am
by Dinant
Disable 'auto update' in the internet settings.
Yes, but then all files are not updated anymore. I want all files being updated but no ftp from within Cumulus.
The FTP upload of Cumulus is being rejected by my internet provider.
I have to upload the files with my own script (FTP with TLS 1.2).

Re: The handshake failed due to un unexpected packet format

Posted: Fri Sep 14, 2018 9:23 am
by steve
Remove your ftp server details from the config.