EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Connection failed (error code is 75797)

Also by EldoS: Callback File System
Create virtual file systems and disks, expose and manage remote data as if they were files on the local disk.
#25136
Posted: 05/31/2013 16:00:49
by Keefer (Standard support level)
Joined: 05/31/2013
Posts: 5

I'm evaluating WebDAVBlackbox and testing an https connection with the WebDavClient_VS2012 sample project. The very first time I run it and login, I see the root WebDAV folder, however accessing that folder and each time after I get the following error at "WebDavClient.List(ObjList);"

Connection failed (error code is 75797)

followed by

Connection error 96258 (error code is 96258)

The code works fine with http.

Any ideas where I can start looking?
#25137
Posted: 05/31/2013 16:14:50
by Ken Ivanov (EldoS Corp.)

Thank you for contacting us.

Error 75797 is an SSL error (namely, ERROR_SSL_INTERNAL_ERROR), which is reported if SSL/TLS conversation goes wrong for unexpected reason. Could you please capture a call stack inside the DoError() event handler and post it here?
#25138
Posted: 05/31/2013 17:27:49
by Keefer (Standard support level)
Joined: 05/31/2013
Posts: 5

Attached, please let me know if you need more info.


[ Download ]
#25139
Posted: 05/31/2013 19:27:51
by Ken Ivanov (EldoS Corp.)

Thank you. According to the stack trace, it's the server side where the error comes from. Apparently, the server does not like something in the session parameters. Please try to adjust the following properties of the TElHTTPSWebDAVClient object before connecting to the server:

1. Tune up SSL versions:

HTTPSClient.Versions = SBSSLConstants.Unit.sbSSL3 | SBSSLConstants.Unit.sbTLS1;

2. Restrict the cipher suite set:

Code
for (int i = SBSSLConstants.Unit.SB_SUITE_FIRST; i <= SBSSLConstants.Unit.SB_SUITE_LAST; i++)
{
    HTTPSClient.set_CipherSuites(i, false);
}
HTTPSClient.set_CipherSuites(SBSSLConstants.Unit.SB_SUITE_RSA_RC4_SHA, true);
HTTPSClient.set_CipherSuites(SBSSLConstants.Unit.SB_SUITE_RSA_DES_SHA, true);
HTTPSClient.set_CipherSuites(SBSSLConstants.Unit.SB_SUITE_RSA_3DES_SHA, true);
HTTPSClient.set_CipherSuites(SBSSLConstants.Unit.SB_SUITE_RSA_AES128_SHA, true);
HTTPSClient.set_CipherSuites(SBSSLConstants.Unit.SB_SUITE_DHE_RSA_3DES_SHA, true);


3. Turn off SSL session resumption:

HTTPSClient.UseSSLSessionResumption = false;


If this doesn't help, please check whether OnCertificateValidate event is fired when you attempt to access the folder (there's already a method that handles it in the code, you only have to put a breakpoint there). This will let us know on what connection stage the server comes up with the error.
#25140
Posted: 05/31/2013 20:11:27
by Keefer (Standard support level)
Joined: 05/31/2013
Posts: 5

I tried adjusting the properties with no luck. The OnCertificateValidate event does fire.
If I wait a while and connect I will see the root directory, but then either accessing a folder/file or logging in a second time will throw the error. I also captured the network traffic and see this,

TLSv1 Record Layer: Encrypted Alert
Content Type: Alert (21)
Version: TLS 1.0 (0x0301)
#25147
Posted: 06/01/2013 14:06:04
by Ken Ivanov (EldoS Corp.)

Thank you very much for checking. This means that my original assumption was wrong. Still, I suggest that we proceed with the restricted configuration for a while just to exclude compatibility issues. Two questions to follow:

1) Did you have a chance to check if other (third-party) WebDAV clients do work correctly with the server?

2) Could you please now switch HTTPSClient.UseSSLSessionResumption to true and check if it changes anything?
#25149
Posted: 06/01/2013 14:44:35
by Keefer (Standard support level)
Joined: 05/31/2013
Posts: 5

Yes, I tested with BitKinex and it worked fine. I switched UseSSLSessionResumption to true and makes no difference.
#25150
Posted: 06/01/2013 16:35:11
by Eugene Mayevski (EldoS Corp.)

Is there a chance for us to have access to that server for testing? If yes, we'll move the question to HelpDesk (private support channel) where you can provide the information we might need to access the server. This will let us experiment with the server and try to find the reason rather quickly. Without access it would be hard to guess, what exactly the server might not like.


Sincerely yours
Eugene Mayevski
#25151
Posted: 06/01/2013 16:55:30
by Keefer (Standard support level)
Joined: 05/31/2013
Posts: 5

Sure, lets do that.
#25152
Posted: 06/01/2013 17:03:19
by Eugene Mayevski (EldoS Corp.)

Thank you, I've moved the question to the helpdesk. I think we'll have a chance to reproduce the problem tomorrow evening or on Monday (I'll try to look at it tomorrow).


Sincerely yours
Eugene Mayevski
Also by EldoS: CallbackFilter
A component to monitor and control disk activity, track file and directory operations (create, read, write, rename etc.), alter file data, encrypt files, create virtual files.

Reply

Statistics

Topic viewed 1675 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!