Connection Timeout Disconnects using Zehon FTP - coldfusion

I am using the Zehon FTP utility on a ColdFusion 9 server. When I am FTP'ing files, it creates one directory, transfers about 16 files, then gives the message :
com.zehon.exception.FileTransferException: org.apache.commons.vfs.FileSystemException: Could not connect to FTP server on "ftpservername.com".
Here's the code:
<cfscript>
//FTP server information
host = "#getSiteList.TMS_FTPADDRESS#";
username = "#getSiteList.TMS_USERNAME#";
password = "#getSiteList.TMS_PASSWORD#";
/* sendingFolder = Folder whose content is to be uploaded recursively
* to the FTP server.
*/
sendingFolder = "#local_Folder#";
/* Forward slash / = root dir of FTP server.
* if you wish to FTP to privateDir under the root, for example,
* then set destFolder to "/privateDir"
*/
destFolder = "/#parent_Folder#";
FTP = createObject("java", "com.zehon.ftp.FTP");
thisBatchTransferProgressDefault= createObject("java", "com.zehon.BatchTransferProgressDefault").init();
FileTransferStatus = createObject("java", "com.zehon.FileTransferStatus");
try {
status = FTP.sendFolder(sendingFolder, destFolder, thisBatchTransferProgressDefault, host, username, password);
if(FileTransferStatus.SUCCESS is status){
writeOutput(sendingFolder & " got ftp-ed successfully to folder " & destFolder);
}
else if(FileTransferStatus.FAILURE is status){
writeOutput("Failed to ftp to folder " & destFolder);
}
} catch (any e) {
writeOutput(e.message);
}
</cfscript>
I tried this on two different servers and the same issue. If I use FileZilla or CFFTP, I can transfer all my files (CFFTP is having issues creating subfolders, which is why I moved away from that, and we want our customers to use their web app to FTP files, not a client). Has anyone else experience this? If so, was a solution discovered? Thanks

Related

Poco::Net::HTTPRequest is unable to resolve host

I have written a code in poco c++ library that is supposed to send a request to the server to get some data. The is running from inside a docker container. And I am getting a "hostname not resolved" error. The sample code is as follow
//initialize session
Poco::SharedPtr<InvalidCertificateHandler> ptrCert = new AcceptCertificateHandler(false);
_ptrContext = new Context(Context::TLSV1_2_CLIENT_USE, "", "", "", Context::VERIFY_RELAXED, 9, false, "ALL:!ADH:!LOW:!EXP:!MD5:#STRENGTH");
_ptrContext->enableSessionCache(true);
// Disable SSL versions 2 & 3 and TLS versions 1.0 & 1.1
_ptrContext->disableProtocols(Poco::Net::Context::PROTO_SSLV2 | Poco::Net::Context::PROTO_SSLV3 | Poco::Net::Context::PROTO_TLSV1 | Poco::Net::Context::PROTO_TLSV1_1);
SSLManager::instance().initializeClient(0, ptrCert, _ptrContext);
_httpsession_secure = new HTTPSClientSession(_hostname, _port);
//build request
Poco::Net::HTTPRequest req(Poco::Net::HTTPRequest::HTTP_POST, uri, Poco::Net::HTTPMessage::HTTP_1_1);
req.setContentLength(http_body.length());
req.setContentType("application/x-www-form-urlencoded");
// Send request
std::ostream &os = _httpsession_secure->sendRequest(req);
os << http_body;
// Wait for response
Poco::Net::HTTPResponse res;
std::istream &rs = _httpsession_secure->receiveResponse(res);
I have run a curl command as the CMD entry in the docker container, and the command is executing properly and giving the result. so that means the host is accessible inside the container. When I execute the code inside the container, it is failing. So I am surely missing something in the code. Please guide.
As per your answer to a my question in the comments, you are using:
_httpsession_secure = new HTTPSClientSession(_hostname, _port);
where _hostname is of the form to https://somehost.somedomain.
This is wrong, you must not pass an URI there, you just have to pass the domain name.
_hostname = "somehost.somedomain";
_httpsession_secure = new HTTPSClientSession(_hostname, _port);

520 Error everytime I run my code behind Cloudflare

I keep getting a 520 error when trying to load s3 files via my code. It all works fine locally but when I upload the changes to my production server which is behind cloudflare I get a 520 error. Im using IIS 7.5 with asp classic code, here is my test page which is call everytime I want to download a file from s3.
https://www.gbca.org.au/aws_test.asp?fileID=9450&hash=688254C6503507FDDF8CF5D5CD113212&type=pam
It doesnt make sense and cloudflare doesnt provide any error messages.
' #########################################
function downloadFile()
Server.ScriptTimeout = 30000
set http = Server.CreateObject("Chilkat_9_5_0.Http")
http.UnlockComponent("BLUESIHttp_MHoP0vyTTL3e")
http.AwsAccessKey = AWS_ACCESS_KEY
http.AwsSecretKey = AWS_SECRET
if bucketType = "not-secure" then
http.AwsEndpoint = "s3.ap-southeast-1.amazonaws.com"
http.AwsRegion = "ap-southeast-1"
bucketLocale = AWS_BUCKET_ASIA
else
http.AwsEndpoint = "s3.ap-southeast-2.amazonaws.com"
http.AwsRegion = "ap-southeast-2"
bucketLocale = AWS_BUCKET_SECURE
end if
s3FileBytes = http.S3_DownloadBytes(bucketLocale, objectName)
If (http.LastMethodSuccess <> 1) Then
Response.Write "<pre>" & Server.HTMLEncode(http.LastErrorText) & "</pre>"
Response.End
End If
'response.write("AWS_BUCKET_ASIA: " & AWS_BUCKET_ASIA & "<br />")
'response.write("objectName: " & objectName& "<br />")
'response.write("s3FileBytes: " & ubound(s3FileBytes) & "<br />")
''response.write("s3FileBytes: " & filetype & "<br />")
''response.end()
Response.Clear
Response.AddHeader "Pragma", "no-cache"
Response.AddHeader "Content-Disposition", "attachment; filename=""" & filename & """"
Response.AddHeader "Content-Length", ubound(s3FileBytes)
Response.AddHeader "Connect", "close"
Response.ContentType = filetype
Response.BinaryWrite s3FileBytes
set AWS = nothing
'-- log the file access
'SQLLine = "INSERT INTO download_history (fileID, who, etc) VALUES (" & fileID & ")"
'DBCC.execute(SQLLine)
end function
https://www.gbca.org.au/aws_test.asp?fileID=9450&hash=688254C6503507FDDF8CF5D5CD113212&type=pam
Error 520 is essentially a catch-all response when something unexpected happens or when the origin server incorrectly interprets or does not tolerate a request due to a protocol violation or an empty response.
Besides reviewing your server logs, I recommend contacting Cloudflare support to review logs on their end as well. Unless you're on Enterprise Plan and explicitly requested to enable 100% logs, keep in mind they only keep 1% anonymized sampled logs for a limited time, so the logs might not be available if you contact them too late.
I've seen cases where nginx error upstream prematurely closed connection while reading response header from upstream was observed, upstream in this case means the origin server. This indicates that the origin server or the path along which it travelled was having issues during this period which caused Cloudflare to generate those 520 errors. Correlating the timestamp with your server's logs will give you better picture as to what the root cause could possibly be.

APNS issue with django

I'm using the following project for enabling APNS in my project:
https://github.com/stephenmuss/django-ios-notifications
I'm able to send and receive push notifications on my production app fine, but the sandbox apns is having strange issues which i'm not able to solve. It's constantly not connecting to the push service. When I do manually the _connect() on the APNService or FeedbackService classes, I get the following error:
File "/Users/MyUser/git/prod/django/ios_notifications/models.py", line 56, in _connect
self.connection.do_handshake()
Error: [('SSL routines', 'SSL3_READ_BYTES', 'sslv3 alert handshake failure')]
I tried recreating the APN certificate a number of times and constantly get the same error. Is there anything else i'm missing?
I'm using the endpoints gateway.push.apple.com and gateway.sandbox.push.apple.com for connecting to the service. Is there anything else I should look into for this? I have read the following:
Apns php error "Failed to connect to APNS: 110 Connection timed out."
Converting PKCS#12 certificate into PEM using OpenSSL
Error Using PHP for iPhone APNS
Turns out Apple changed ssl context from SSL3 to TLSv1 in development. They will do this in Production eventually (not sure when). The following link shows my pull request which was accepted into the above project:
https://github.com/stephenmuss/django-ios-notifications/commit/879d589c032b935ab2921b099fd3286440bc174e
Basically, use OpenSSL.SSL.TLSv1_METHOD if you're using python or something similar in other languages.
Although OpenSSL.SSL.SSLv3_METHOD works in production, it may not work in the near future. OpenSSL.SSL.TLSv1_METHOD works in production and development.
UPDATE
Apple will remove SSL 3.0 support in production on October 29th, 2014 due to the poodle flaw.
https://developer.apple.com/news/?id=10222014a
I have worked on APN using python-django, for this you need three things URL, PORT and Certificate provided by Apple for authentication.
views.py
import socket, ssl, json, struct
theCertfile = '/tmp/abc.cert' ## absolute path where certificate file is placed.
ios_url = 'gateway.push.apple.com'
ios_port = 2195
deviceToken = '3234t54tgwg34g' ## ios device token to which you want to send notification
def ios_push(msg, theCertfile, ios_url, ios_port, deviceToken):
thePayLoad = {
'aps': {
'alert':msg,
'sound':'default',
'badge':0,
},
}
theHost = ( ios_url, ios_port )
data = json.dumps( thePayLoad )
deviceToken = deviceToken.replace(' ','')
byteToken = deviceToken.decode('hex') # Python 2
theFormat = '!BH32sH%ds' % len(data)
theNotification = struct.pack( theFormat, 0, 32, byteToken, len(data), data )
# Create our connection using the certfile saved locally
ssl_sock = ssl.wrap_socket( socket.socket( socket.AF_INET, socket.SOCK_STREAM ), certfile = theCertfile )
ssl_sock.connect( theHost )
# Write out our data
ssl_sock.write( theNotification )
# Close the connection -- apple would prefer that we keep
# a connection open and push data as needed.
ssl_sock.close()
Hopefully this would work for you.

How to use NSS with Jetty?

I am trying to setup Jetty to use NSS as its cryptographic engine. I have gotten it to the point where the server starts BUT any client that tries to connect seems to hang in the browser.
The setup process / code I am following is as follows (32-bit Windows 1.6 JVM).
NSS Database Creation
modutil.exe -create -dbdir C:\nssdb
modutil.exe -create -fips true -dbdir C:\nssdb
modutil.exe -create -changepw "NSS FIPS 140-2 Certificate DB" -dbdir C:\nssdb
Load NSS into Java
String config = "name = NSS\n";
config += "nssLibraryDirectory = C:\\nss\\lib\n";
config += "nssSecmodDirectory = C:\\nssdb\n";
config += "nssDbMode = readWrite\n";
config += "nssModule = fips";
InputStream stream = new ByteArrayInputStream(config.getBytes("UTF-8"));
Provider nss = new sun.security.pkcs11.SunPKCS11(stream);
Security.addProvider(nss);
int sunJssePosition = -1;
int currentIndex = 0;
for (Provider provider : Security.getProviders()) {
if ("SunJSSE".equals(provider.getName())) {
sunJssePosition = currentIndex + 1;
break;
}
currentIndex++;
}
Security.removeProvider("SunJSSE");
Provider sunJsse = new com.sun.net.ssl.internal.ssl.Provider(nss);
if (sunJssePosition == -1) {
Security.addProvider(sunJsse);
} else {
Security.insertProviderAt(sunJsse, sunJssePosition);
}
NSS Self Sign Certificate Generation
C:\nss\bin\certutil.exe -S -n 127.0.0.1 -x -t "u,u,u" -s "CN=127.0.0.1, OU=Foo, O=Bar, L=City, ST=NY, C=US" -m 25001 -d C:\nssdb
Jetty Startup
KeyStore ks = KeyStore.getInstance("PKCS11");
ks.load(null, "SuperSecret");
//Start setting up Jetty
Server server = new Server();
SslContextFactory sslContextFactory = new SslContextFactory();
//sslContextFactory.setKeyStoreProvider("SunPKCS11-NSS");
sslContextFactory.setKeyStore(ks);
//sslContextFactory.setKeyStorePassword(new String("SuperSecret"));
SslSelectChannelConnector sslConnector = new SslSelectChannelConnector(sslContextFactory);
sslConnector.setPort(443);
server.addConnector(sslConnector);
WebAppContext context = new WebAppContext();
//Blah Blah Blah, setup Jetty
server.setHandler(context);
server.start();
server.join();
Any ideas?
Edit: This seems extremely odd but I can access the server using Internet Explorer just fine. Firefox seems to be the one having an issue.
I have solved the issue. It turns out there are severe bugs in the Java 6 SSL implementation. The solution? Switch to Java 7!

Interaction between C++ and Rails applications

I have two applications: c++ service and a RoR web server (they are both running at same VPS)
I need to "send" some variables (and then do something with them) from each other. For exaple, i'm looking for something like this:
// my C++ sample
void SendMessage(string message) {
SendTo("127.0.0.1", message);
}
void GetMessage(string message) {
if (message == "stop")
SendMessage("success");
}
# Ruby sample
# application_controller.rb
def stop
#m = Messager.new
#m.send("stop")
end
I have never used it before, and i even don't know which technology should i search and learn.
Ok, i have found the solution. Its TCP sockets:
Ruby TCP server, to send messages:
require 'socket'
server = TCPServer.open(2000)
loop {
Thread.start(server.accept) do |client|
client.puts(Time.now.ctime)
client.puts "Closing the connection. Bye!"
client.close
end
}
Ruby client, to accept messages:
require 'socket'
host = 'localhost'
port = 2001 # it should be running server, or it will be connection error
s = TCPSocket.open(host, port)
while line = s.gets
puts line.chop
end
s.close
Now you should write TCP-server+client in another application. But you have got the idea.