Search code examples
phpftppassive-mode

"php_connect_nonb() failed: Operation now in progress (115)" with TLS/SSL-encrypted FTP connection in PHP - Unencypted connection works


I'm trying to use an automatic backup script for cPanel accounts of my server.
I have mounted an FTP server in one local machine with FileZilla Server. I can connect and transfer files successfully with FileZilla client, a Plesk server, and lftp...
The passive mode is enabled.

For some unknown reason when trying to connect and put files with PHP with enabled encryption the response is:

Warning: ftp_put(): php_connect_nonb() failed: Operation now in progress (115) in
/home/xxxxxxx/public_html/lab/test/perform_mysql_bk.php on line 326

Any ideas for this error?

Without encryption the upload works.

For the connection I'm using:

$fSuccess = false;

$sServerAddress = $this->m_aConfig['FTP_SERVER_ADDRESS'];
$iServerPort = (int)( $this->m_aConfig['FTP_SERVER_PORT'] );

// set up FTP connection
if ( ($this->m_aConfig['FTP_USE_SSL'] == 'YES') ) {

    if ( function_exists('ftp_ssl_connect') ) {
        $this->m_oFtpConnection = ftp_ssl_connect( $sServerAddress, $iServerPort );
        
        if ( !$this->m_oFtpConnection ) {
            $this->writeLog( "Attempt to connect to ".$sServerAddress.":".$iServerPort." with SSL+FTP failed. Will fallback to normal FTP." );
        }
        else {
            $this->writeLog( "Attempt to connect to ".$sServerAddress.":".$iServerPort." with SSL+FTP Succeeded. Now logging in ..." );
        }
    }
    else {
        $this->writeLog( "This server doesn't support FTPS (FTP with SSL). Will fallback to normal FTP." );
    }
}

//Fallback
if ( !$this->m_oFtpConnection ) {
    $this->m_oFtpConnection = ftp_connect( $sServerAddress, $iServerPort );
}

// login after a successful connection
if ( $this->m_oFtpConnection ) {
    $fLoginResult = ftp_login( $this->m_oFtpConnection, $this->m_aConfig['FTP_USERNAME'], $this->m_aConfig['FTP_PASSWORD'] ); 
    //echo $fLoginResult;
}
else {
    $this->writeLog( "Attempt to connect to ".$sServerAddress.":".$iServerPort." failed." );
}

// check connection
if ( (!$this->m_oFtpConnection) || (!$fLoginResult) ) { 
    $this->writeLog( "FTP connection has failed!" );
} else {
    $this->writeLog( "FTP connection was successful with ".$sServerAddress.":".$iServerPort );
    $fSuccess = true;
}

// Set to Passive connection if login was successful and this setting was set.
if ( $fSuccess && ($this->m_aConfig['FTP_USE_PASSIVE'] == 'YES') ) {
    
    if ( ftp_pasv( $this->m_oFtpConnection, true ) ) {
        $this->writeLog( "FTP connection was set to PASSIVE mode." );
    }
    else {
        $this->writeLog( "Attempted to set FTP connection to PASSIVE mode but failed. Going to continue with copy anyway. If the script fails, review this as a possible source." );
    }
}

The response is successful: (I have replaced my IP with xx values)

Attempt to connect to xx.xx.xx.xx:21 with SSL+FTP Succeeded. Now logging in ...
FTP connection was successful with xx.xx.xx.xx:21
FTP connection was set to PASSIVE mode.

But when the system hits this:

$fSuccess = false;

$sDestinationFile = $this->m_aConfig['FTP_PATH_TO_COPY'] . $insDbFileName;

// upload the file
$fUpload = ftp_put( $this->m_oFtpConnection, $sDestinationFile, $insDbFileName, FTP_BINARY ); 

// check upload status
if (!$fUpload) { 
    $this->writeLog( "FTP upload has failed! Check the log file for errors. Try changing PASSIVE and SSL options in the config." );
    return false;
} else {
    $this->writeLog( "Uploaded $insDbFileName to ".$this->m_aConfig['FTP_SERVER_ADDRESS']." as $sDestinationFile" );
    $fSuccess = true;
}

return $fSuccess;

The response is the error

Warning: ftp_put(): php_connect_nonb() failed: Operation now in progress (115) in
/home/xxxxxxx/public_html/lab/test/perform_mysql_bk.php on line 326

I have read many pages saying this error is caused by the FTP server returning an internal IP address instead of a public, but I have tested with other programs and all runs ok, the FTP server is sending the public IP when the PASV command is executed.

I also tested with curl and I can connect without encryption. But when I use TLS, the system disconnects just after sending PASV and receiving answer from the server "227 Entering passive mode (xxx.xxx.xxx.xxx.198.104)". curl error is 7, can't connect to host... Could be something related with TLS in the server bad configured?

Any ideas?


Solution

  • The similar behavior of PHP code and curl suggests that a firewall is blocking a data connection.

    As unencrypted connection works, it's probable that the firewall is being "smart" by monitoring FTP control connections and automatically forwarding data connection ports found in the control connection. But that cannot work for encrypted sessions, as the firewall cannot monitor them.

    See also the "Smart Firewalls/NATs" section of my guide about network set up for FTP.

    If you need to allow encrypted connection, you will need to talk to the server administrator.