CSID "Forbidden command argument" against ProFTPD Server
Issue in version: WinSCP Version 6.1.2 (Build 13797 2023-09-19)
Previous working version: WinSCP Version 5.13.7 (Build 9125)
We are using WinSCP as a library for FTP and SFTP connections to external vendors. After upgrading to version 6.1.2, one of our vendor connections using FTP started failing with "Forbidden command argument." We traced this to an unexpected disconnect after sending a
Working with the vendor, they reported back to us the command was malformed and sent a link to the IETF spec: https://datatracker.ietf.org/doc/html/draft-peterson-streamlined-ftp-command-extensions-10#section-6
This says in part: "The semicolon following the argument value is required even after the last argument specified."
The
https://github.com/winscp/winscp/blob/master/source/core/FtpFileSystem.cpp#L1842
Maybe ProFTPD is more strict than other FTP servers by default or this vendor has set it to be, but asking them to change their rules will be extremely difficult. Can you advise on a workaround?
Thank you!
Client side session logs:
Previous working version: WinSCP Version 5.13.7 (Build 9125)
We are using WinSCP as a library for FTP and SFTP connections to external vendors. After upgrading to version 6.1.2, one of our vendor connections using FTP started failing with "Forbidden command argument." We traced this to an unexpected disconnect after sending a
CSID
command as part of the initial connection handshake. The previous version we were using, 5.13.7, does not appear to support the CSID
command and so did not send it.
Working with the vendor, they reported back to us the command was malformed and sent a link to the IETF spec: https://datatracker.ietf.org/doc/html/draft-peterson-streamlined-ftp-command-extensions-10#section-6
This says in part: "The semicolon following the argument value is required even after the last argument specified."
The
CSID
command does seem to be formatted without a semicolon following the last argument:
https://github.com/winscp/winscp/blob/master/source/core/FtpFileSystem.cpp#L1842
Maybe ProFTPD is more strict than other FTP servers by default or this vendor has set it to be, but asking them to change their rules will be extremely difficult. Can you advise on a workaround?
Thank you!
Client side session logs:
. 2023-10-25 10:51:37.436 -------------------------------------------------------------------------- . 2023-10-25 10:51:37.436 WinSCP Version 6.1.2 (Build 13797 2023-09-19) (OS 10.0.19044 – Windows 10 Enterprise) . 2023-10-25 10:51:37.437 Configuration: C:\Temp\WinSCP\6.1.2\WinSCP.ini . 2023-10-25 10:51:37.437 Log level: Debug 2, Logging passwords . 2023-10-25 10:51:37.437 Local account: user_account . 2023-10-25 10:51:37.437 Working directory: C:\Temp\WinSCP\6.1.2 . 2023-10-25 10:51:37.437 Process ID: 27196 . 2023-10-25 10:51:37.459 Ancestor processes: explorer, ... . 2023-10-25 10:51:37.460 Command-line: "C:\Temp\WinSCP\6.1.2\WinSCP.exe" . 2023-10-25 10:51:37.460 Time zone: Current: GMT-5, Standard: GMT-6 (Central Standard Time), DST: GMT-5 (Central Daylight Time), DST Start: 3/12/2023, DST End: 11/5/2023 . 2023-10-25 10:51:37.460 Login time: Wednesday, October 25, 2023 10:51:37 AM . 2023-10-25 10:51:37.460 -------------------------------------------------------------------------- . 2023-10-25 10:51:37.460 Session name: 0126@XX.XX.XX.XX (Ad-Hoc site) . 2023-10-25 10:51:37.460 Host name: XX.XX.XX.XX (Port: 21) . 2023-10-25 10:51:37.460 User name: 0126 (Password: XXXXXXXX, Key file: No, Passphrase: No) . 2023-10-25 10:51:37.460 Transfer Protocol: FTP . 2023-10-25 10:51:37.460 Ping type: Dummy, Ping interval: 30 sec; Timeout: 15 sec . 2023-10-25 10:51:37.460 Disable Nagle: No . 2023-10-25 10:51:37.460 Proxy: None . 2023-10-25 10:51:37.460 Send buffer: 262144 . 2023-10-25 10:51:37.460 UTF: Auto . 2023-10-25 10:51:37.460 FTPS: None [Client certificate: No] . 2023-10-25 10:51:37.460 FTP: Passive: Yes [Force IP: Auto]; MLSD: Auto [List all: Auto]; HOST: Auto . 2023-10-25 10:51:37.460 Local directory: default, Remote directory: home, Update: Yes, Cache: Yes . 2023-10-25 10:51:37.460 Cache directory changes: Yes, Permanent: Yes . 2023-10-25 10:51:37.460 Recycle bin: Delete to: No, Overwritten to: No, Bin path: . 2023-10-25 10:51:37.460 Timezone offset: 0h 0m . 2023-10-25 10:51:37.460 -------------------------------------------------------------------------- . 2023-10-25 10:51:37.528 Connecting to 0126@XX.XX.XX.XX ... . 2023-10-25 10:51:37.528 Connection pending . 2023-10-25 10:51:37.528 Connected with XX.XX.XX.XX. Waiting for welcome message... . 2023-10-25 10:51:37.528 Read 391 bytes < 2023-10-25 10:51:37.528 220-Tous les accès au système sont vérifiés et enregistrés. < 2023-10-25 10:51:37.528 L'utilisation de ce service et répertoire est réservée à l'utilisation de nos clients. < 2023-10-25 10:51:37.528 Toute utilisation du service et répertoire par une autre compagnie/personne est prohibée. < 2023-10-25 10:51:37.528 < 2023-10-25 10:51:37.528 All access to the system are monitored and recorded. < 2023-10-25 10:51:37.528 The use of this service and directory is reserved for the use of our clients. . 2023-10-25 10:51:37.528 Read 119 bytes < 2023-10-25 10:51:37.528 Any use of this service by another company/person is prohibited. < 2023-10-25 10:51:37.528 220 ProFTPD Server (XXXXX FTP Server) [XX.XX.XX.XX] > 2023-10-25 10:51:37.528 USER 0126 . 2023-10-25 10:51:37.528 Read 32 bytes < 2023-10-25 10:51:37.528 331 Password required for 0126 > 2023-10-25 10:51:37.528 PASS XXXXXXXX . 2023-10-25 10:51:37.528 Read 66 bytes < 2023-10-25 10:51:37.528 230-User '0126' allowed by access rules < 2023-10-25 10:51:37.528 230 User 0126 logged in > 2023-10-25 10:51:37.528 SYST . 2023-10-25 10:51:37.528 Read 19 bytes < 2023-10-25 10:51:37.528 215 UNIX Type: L8 > 2023-10-25 10:51:37.528 FEAT . 2023-10-25 10:51:37.528 Read 259 bytes < 2023-10-25 10:51:37.528 211-Features: < 2023-10-25 10:51:37.528 CLNT < 2023-10-25 10:51:37.528 CSID < 2023-10-25 10:51:37.528 EPRT < 2023-10-25 10:51:37.528 EPSV < 2023-10-25 10:51:37.528 HOST < 2023-10-25 10:51:37.528 MDTM < 2023-10-25 10:51:37.528 MFF modify;UNIX.group;UNIX.mode; < 2023-10-25 10:51:37.528 MFMT < 2023-10-25 10:51:37.528 MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.groupname*;UNIX.mode*;UNIX.owner*;UNIX.ownername*; < 2023-10-25 10:51:37.528 RANG STREAM < 2023-10-25 10:51:37.528 REST STREAM < 2023-10-25 10:51:37.528 SIZE < 2023-10-25 10:51:37.528 TVFS < 2023-10-25 10:51:37.528 211 End > 2023-10-25 10:51:37.528 CLNT WinSCP-release-6.1.2 . 2023-10-25 10:51:37.528 Read 8 bytes < 2023-10-25 10:51:37.528 200 OK > 2023-10-25 10:51:37.528 OPTS UTF8 ON . 2023-10-25 10:51:37.528 Read 30 bytes < 2023-10-25 10:51:37.528 500 OPTS UTF8 not understood . 2023-10-25 10:51:37.561 Connected . 2023-10-25 10:51:37.561 Got reply 1 to the command 1 . 2023-10-25 10:51:37.561 -------------------------------------------------------------------------- . 2023-10-25 10:51:37.561 Using FTP protocol. . 2023-10-25 10:51:37.561 Doing startup conversation with host. > 2023-10-25 10:51:37.578 CSID Name=WinSCP;Version=6.1.2 . 2023-10-25 10:51:37.578 Read 59 bytes < 2023-10-25 10:51:37.579 550 Name=WinSCP;Version=6.1.2: Forbidden command argument . 2023-10-25 10:51:37.579 Got reply 4 to the command 16 . 2023-10-25 10:51:37.579 Getting current directory name. > 2023-10-25 10:51:37.579 PWD . 2023-10-25 10:51:37.579 Read 34 bytes < 2023-10-25 10:51:37.579 257 "/" is the current directory . 2023-10-25 10:51:37.579 Got reply 1 to the command 16 . 2023-10-25 10:51:37.634 Retrieving directory listing... > 2023-10-25 10:51:37.634 TYPE A . 2023-10-25 10:51:37.634 Read 19 bytes < 2023-10-25 10:51:37.634 200 Type set to A > 2023-10-25 10:51:37.635 PASV . 2023-10-25 10:51:37.635 Read 52 bytes < 2023-10-25 10:51:37.635 227 Entering Passive Mode (198,235,27,150,239,22). > 2023-10-25 10:51:37.635 MLSD . 2023-10-25 10:51:37.636 Connecting to XX.XX.XX.XX:61206 ... . 2023-10-25 10:51:37.636 Connection pending . 2023-10-25 10:51:37.636 Data connection opened . 2023-10-25 10:51:37.636 Read 49 bytes < 2023-10-25 10:51:37.636 150 Opening ASCII mode data connection for MLSD (File listing) . 2023-10-25 10:51:37.674 Data connection closed . 2023-10-25 10:51:37.674 Data connection closed . 2023-10-25 10:51:37.674 Read 23 bytes < 2023-10-25 10:51:37.674 226 Transfer complete . 2023-10-25 10:51:37.675 Directory listing successful . 2023-10-25 10:51:37.675 Got reply 1 to the command 2 . 2023-10-25 10:51:37.710 Session upkeep . 2023-10-25 10:51:37.737 Attempt to close connection due to fatal exception: * 2023-10-25 10:51:37.737 (ExtException) **Name=WinSCP;Version=6.1.2: Forbidden command argument** . 2023-10-25 10:51:37.738 Connection closed . 2023-10-25 10:51:37.738 Got reply 1004 to the command 2 * 2023-10-25 10:51:37.742 (EFatal) **Name=WinSCP;Version=6.1.2: Forbidden command argument** . 2023-10-25 10:51:40.298 Disconnected from server . 2023-10-25 10:51:40.298 Connection closed . 2023-10-25 10:56:17.156 -------------------------------------------------------------------------- . 2023-10-25 10:56:17.157 WinSCP Version 6.1.2 (Build 13797 2023-09-19) (OS 10.0.19044 – Windows 10 Enterprise) . 2023-10-25 10:56:17.157 Configuration: C:\Temp\WinSCP\6.1.2\WinSCP.ini . 2023-10-25 10:56:17.157 Log level: Debug 2, Logging passwords . 2023-10-25 10:56:17.157 Local account: user_account . 2023-10-25 10:56:17.157 Working directory: C:\Temp\WinSCP\6.1.2 . 2023-10-25 10:56:17.157 Process ID: 27196 . 2023-10-25 10:56:17.157 Ancestor processes: explorer, ... . 2023-10-25 10:56:17.157 Command-line: "C:\Temp\WinSCP\6.1.2\WinSCP.exe" . 2023-10-25 10:56:17.157 Time zone: Current: GMT-5, Standard: GMT-6 (Central Standard Time), DST: GMT-5 (Central Daylight Time), DST Start: 3/12/2023, DST End: 11/5/2023 . 2023-10-25 10:56:17.158 Login time: Wednesday, October 25, 2023 10:56:17 AM . 2023-10-25 10:56:17.158 -------------------------------------------------------------------------- . 2023-10-25 10:56:17.158 Session name: 0126@XX.XX.XX.XX (Ad-Hoc site) . 2023-10-25 10:56:17.158 Host name: XX.XX.XX.XX (Port: 990) . 2023-10-25 10:56:17.158 User name: 0126 (Password: XXXXXXXX, Key file: No, Passphrase: No) . 2023-10-25 10:56:17.158 Transfer Protocol: FTP . 2023-10-25 10:56:17.158 Ping type: Dummy, Ping interval: 30 sec; Timeout: 15 sec . 2023-10-25 10:56:17.158 Disable Nagle: No . 2023-10-25 10:56:17.158 Proxy: None . 2023-10-25 10:56:17.158 Send buffer: 262144 . 2023-10-25 10:56:17.158 UTF: Auto . 2023-10-25 10:56:17.158 FTPS: Implicit TLS/SSL [Client certificate: No] . 2023-10-25 10:56:17.158 FTP: Passive: Yes [Force IP: Auto]; MLSD: Auto [List all: Auto]; HOST: Auto . 2023-10-25 10:56:17.158 Session reuse: Yes . 2023-10-25 10:56:17.158 TLS/SSL versions: TLSv1.0-TLSv1.3 . 2023-10-25 10:56:17.158 Local directory: default, Remote directory: home, Update: Yes, Cache: Yes . 2023-10-25 10:56:17.158 Cache directory changes: Yes, Permanent: Yes . 2023-10-25 10:56:17.158 Recycle bin: Delete to: No, Overwritten to: No, Bin path: . 2023-10-25 10:56:17.158 Timezone offset: 0h 0m . 2023-10-25 10:56:17.158 -------------------------------------------------------------------------- . 2023-10-25 10:56:17.217 Connecting to XX.XX.XX.XX:990 ... . 2023-10-25 10:56:17.217 Connected . 2023-10-25 10:56:17.217 TLS layer changed state from unconnected to connecting . 2023-10-25 10:56:32.155 Timeout detected. (control connection) . 2023-10-25 10:56:32.155 Connection closed . 2023-10-25 10:56:32.155 Connection failed. . 2023-10-25 10:56:32.155 Got reply 1004 to the command 1 . 2023-10-25 10:56:32.156 Connection closed