Opened 4 years ago
Closed 4 years ago
Last modified 4 years ago
#11837 closed Bug report (rejected)
Unable to connect via ftpes:// on 3.40.0
|Reported by:||Disassembler||Owned by:|
|Keywords:||gnutls, ftpes, pureftpd||Cc:|
|Component version:||3.40.0||Operating system type:||Windows|
|Operating system version:||10|
After update to 3.40.0, I'm unable to connect from a Windows machine to several servers via ftpes:// protocol (FTP over Explicit TLS) on port 21. The connections work on 3.39.0 and in other software (WinSCP).
The server to which I'm trying to connect uses Pure-FTPd 1.0.46 linked against GnuTLS 3.5.18 (stock configuration on Ubuntu 18.04) and username+password authentication. TLS certificate is valid.
Messages from 3.39.0:
Status: Resolving address of ftp.example.com Status: Connecting to 22.214.171.124:21... Status: Connection established, waiting for welcome message... Status: Initializing TLS... Status: Verifying certificate... Status: TLS connection established. Status: Logged in Status: Retrieving directory listing... Status: Directory listing of "/" successful
Messages from 3.40.0:
Status: Resolving address of ftp.example.com Status: Connecting to 126.96.36.199:21... Status: Connection established, waiting for welcome message... Response: 220---------- Welcome to Pure-FTPd [privsep] [TLS] ---------- Response: 220-You are user number 1 of 50 allowed. Response: 220-Local time is now 15:44. Server port: 21. Response: 220-This is a private system - No anonymous login Response: 220-IPv6 connections are also welcome on this server. Response: 220 You will be disconnected after 15 minutes of inactivity. Command: AUTH TLS Response: 234 AUTH TLS OK. Status: Initializing TLS... Status: Verifying certificate... Status: TLS connection established. Command: USER username Error: Could not connect to server
On subsequent try, this message is additionally reported
Error: GnuTLS error -110: The TLS connection was non-properly terminated. Status: Server did not properly shut down TLS connection
My wild guess is that it has something to do with recent GnuTLS libs upgrade in 3.40.0.
Change History (5)
by , 4 years ago
comment:1 by , 4 years ago
|Status:||new → closed|
comment:2 by , 4 years ago
Contact your server administrator or server hosting provider for assistance to have the your server fixed.
comment:3 by , 4 years ago
Yeah, I'm digging deeper and it indeed looks like server misconfiguration. Pure-FTPd is linked against OpenSSL, not GnuTLS and I have custom-compiled OpenSSL 1.1.1a, so the TLS 1.3 ciphersuites are offered but in fact not supported by PureFTPd itself :/ Apologies for undue alarm.
comment:4 by , 4 years ago
The server to which I'm trying to connect uses Pure-FTPd 1.0.46 linked against GnuTLS 3.5.18
Please note that Pure-FTPd uses OpenSSL as TLS library, it does not use GnuTLS.
That's a known bug in Pure-FTPd. See https://github.com/jedisct1/pure-ftpd/issues/94