我正在尝试连接到z/os系统并获取数据集列表。当我执行listfiles()命令时,我得到一个425错误。我在上查找了错误和ibm站点https://www.ibm.com/support/knowledgecenter/ssltbw_2.4.0/com.ibm.zos.v2r4.cs3cod0/ftp425-04.htm 说
"The session is protected by a security mechanism and the protection level for the data connection is Clear. The minimum data connection protection required by the server is Safe or Private."我提供一个密码,我用tls和证书登录。如果我添加ftp.execpbsz(0);ftp.execprot(“p”);它给我一个无法识别的ssl消息。我在登录前和登录后都试过了,没关系。
如何执行ftp.listfiles(*)并获取有效的文件列表。
来自my pom.xml的片段
<dependency>
<groupId>commons-net</groupId>
<artifactId>commons-net</artifactId>
<version>3.7</version>
</dependency>我的java代码:
private int testConnectivity(Configuration configuration) {
int systemExitCode = 0;
FTPSClient ftp;
try {
ftp = new FTPSClient(false, getSelfSignedCertificate(configuration));
try {
ftp.connect(configuration.getzOsStagingHostName(), configuration.getzOsStagingHostFtpPort());
logger.info(ftp.getReplyString());
int reply = ftp.getReplyCode();
logger.info("ftp.getReplyCode =" + reply);
if (!FTPReply.isPositiveCompletion(reply)) {
// Bad reply code.
ftp.disconnect();
logger.error("FTP server refused connection.");
ftp.disconnect();
} else {
logger.info("FTP: connected to " + configuration.getzOsStagingHostName() + ":"
+ configuration.getzOsStagingHostFtpPort());
ftp.enterLocalPassiveMode();
ftp.login(configuration.getzOsStagingUserId(), configuration.getzOsStagingUserPassword());
logger.info("Login completed\n" + ftp.getStatus());
//(1)
//(1) ftp.execPBSZ(0);ftp.execPROT("P");
ftp.enterLocalPassiveMode();
logger.info("PWD=" + ftp.printWorkingDirectory());
ftp.enterLocalPassiveMode();
FTPFile[] ftpFiles = ftp.listFiles("*");
logger.info("REPLY after list: "+Arrays.stream(ftp.getReplyStrings()).collect(Collectors.joining("\n")));
for (FTPFile file : ftpFiles) {
logger.info("FTP File: " + ftpFiles);
}
ftp.disconnect();
}
} catch (IOException e) {
logger.error("Error connecting to z/OS host" + configuration.getzOsStagingHostName() + ":"
+ configuration.getzOsStagingHostFtpPort(), e);
systemExitCode = 1;
}
} catch (KeyManagementException | CertificateException | KeyStoreException | NoSuchAlgorithmException
| IOException e1) {
systemExitCode = 1;
logger.error("An error occurred getting a certifcate for host", e1);
}
return systemExitCode;
}
private SSLContext getSelfSignedCertificate(Configuration configuration) throws CertificateException,
KeyStoreException, NoSuchAlgorithmException, IOException, KeyManagementException {
File crtFile = new File(configuration.getzOsStagingHostCertificateFileName());
Certificate certificate = CertificateFactory.getInstance("X.509")
.generateCertificate(new FileInputStream(crtFile));
KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
keyStore.load(null, null);
keyStore.setCertificateEntry("server", certificate);
TrustManagerFactory trustManagerFactory = TrustManagerFactory
.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init(keyStore);
SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(null, trustManagerFactory.getTrustManagers(), null);
return sslContext;
}注意。如果我取消对标有(1)的行的注解,我将得到
javax.net.ssl.SSLException: Unsupported or unrecognized SSL message
at sun.security.ssl.SSLSocketInputRecord.handleUnknownRecord(SSLSocketInputRecord.java:448) ~[?:1.8.0_271]
at sun.security.ssl.SSLSocketInputRecord.decode(SSLSocketInputRecord.java:174) ~[?:1.8.0_271]
at sun.security.ssl.SSLTransport.decode(SSLTransport.java:110) ~[?:1.8.0_271]
at sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1279) ~[?:1.8.0_271]
at sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1188) ~[?:1.8.0_271]
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:401) ~[?:1.8.0_271]
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:373) ~[?:1.8.0_271]
at org.apache.commons.net.ftp.FTPSClient._openDataConnection_(FTPSClient.java:642) ~[commons-net-3.7.jar:3.7]
at org.apache.commons.net.ftp.FTPClient._openDataConnection_(FTPClient.java:790) ~[commons-net-3.7.jar:3.7]
at org.apache.commons.net.ftp.FTPClient.initiateListParsing(FTPClient.java:3456) ~[commons-net-3.7.jar:3.7]
at org.apache.commons.net.ftp.FTPClient.initiateListParsing(FTPClient.java:3386) ~[commons-net-3.7.jar:3.7]
at org.apache.commons.net.ftp.FTPClient.listFiles(FTPClient.java:3063) ~[commons-net-3.7.jar:3.7]
at com.mycompany.myprod.sprint.App.testConnectivity(App.java:215) [classes/:?]
at com.mycompany.myprod.sprint.App.<init>(App.java:90) [classes/:?]
at com.mycompany.myprod.sprint.App.main(App.java:65) [classes/:?]
1条答案
按热度按时间wribegjk1#
这个问题是由于使用了一个旧版本的commons-net。我从3.7调到3.7.2,它就消失了。如果有人在看,我在登录后调用ftp.execpbsz(0)和ftp.execprot(“p”)。