Opened 11 years ago

Last modified 5 years ago

#1426 closed Bug report

FileZilla Server does not always perform SSL shutdown

Reported by: kbrownx1 Owned by:
Priority: normal Component: Other
Keywords: Cc: kbrownx1, Ray Van Dolson, Tim Kosse
Component version: Operating system type:
Operating system version:

Description

The server is FileZilla Server 0.9.26 beta running on Windows 2003 R2 (64-bit) Passive mode set up on ports 9900-9905.
The client is FileZilla Client 3.1.0.1 running on Windows Vista Business

I connected to site using Implicit SSL/TLS mode of FTP. I tried to list a folder with 61 files in it. The client reports:


Status: Retrieving directory listing...
Command: CWD Images
Response: 250 CWD successful. "/~surfmo/WebSites/Surfmo/Images" is current directory.
Command: PWD
Response: 257 "/~surfmo/WebSites/Surfmo/Images" is current directory.
Command: PASV
Response: 227 Entering Passive Mode (208,101,5,8,38,173)
Command: LIST -a
Response: 150 Connection accepted
Status: Server did not properly shut down TLS connection
Error: Transfer connection interrupted: ECONNABORTED - Connection aborted
Response: 226 Transfer OK
Error: Failed to retrieve directory listing


The server log indicates a success:


(000163) 2008.07.29 12:50:36 - kbrown (216.139.38.11)> 150 Connection accepted
(000163) 2008.07.29 12:50:37 - kbrown (216.139.38.11)> SSL connection for data connection established
(000163) 2008.07.29 12:50:37 - kbrown (216.139.38.11)> 226 Transfer OK
(000163) 2008.07.29 12:50:41 - kbrown (216.139.38.11)> CWD Images2
(000163) 2008.07.29 12:50:41 - kbrown (216.139.38.11)> 250 CWD successful. "/~surfmo/WebSites/Surfmo/Images2" is current directory.
(000163) 2008.07.29 12:50:41 - kbrown (216.139.38.11)> PWD
(000163) 2008.07.29 12:50:41 - kbrown (216.139.38.11)> 257 "/~surfmo/WebSites/Surfmo/Images2" is current directory.
(000163) 2008.07.29 12:50:41 - kbrown (216.139.38.11)> PASV
(000163) 2008.07.29 12:50:41 - kbrown (216.139.38.11)> 227 Entering Passive Mode (208,101,5,8,38,174)
(000163) 2008.07.29 12:50:41 - kbrown (216.139.38.11)> LIST -a
(000163) 2008.07.29 12:50:41 - kbrown (216.139.38.11)> 150 Connection accepted
(000163) 2008.07.29 12:50:42 - kbrown (216.139.38.11)> SSL connection for data connection established
(000163) 2008.07.29 12:50:42 - kbrown (216.139.38.11)> 226 Transfer OK


If I remove 1 file (60) or if I add one file (62) the list comes back OK.

The server is FileZilla Server 0.9.26 beta running on Windows 2003 R2 (64-bit)
The client is FileZilla Client 3.1.0.1 running on Windows Vista Business

I created another folder with 61 images though with different file content. This one worked without problems:


Status: Retrieving directory listing...
Command: CWD Images3
Response: 250 CWD successful. "/~surfmo/WebSites/Surfmo/Images3" is current directory.
Command: PWD
Response: 257 "/~surfmo/WebSites/Surfmo/Images3" is current directory.
Command: PASV
Response: 227 Entering Passive Mode (208,101,5,8,38,172)
Command: LIST -a
Response: 150 Connection accepted
Response: 226 Transfer OK
Status: Directory listing successful


I copied the same directory to a Linux (CentOS 5) server, with 61 of the same files. The Linux server using SSH File Transfer Protocol, I have no trouble retrieving this directory from my FileZilla Client, as seen in the client log:


Status: Connecting to lnx.xpresmo.com:14223...
Response: fzSftp started
Command: open "kbrown@…" 14223
Command: Pass:
Status: Connected to lnx.xpresmo.com
Status: Retrieving directory listing...
Command: pwd
Response: Current directory is: "/home/kbrown"
Command: ls
Status: Listing directory /home/kbrown
Status: Calculating timezone offset of server...
Command: mtime ".elinks"
Response: 1217227823
Status: Timezone offsets: Server: -25223 seconds. Local: -25200 seconds. Difference: 23 seconds.
Status: Directory listing successful
Status: Retrieving directory listing...
Command: cd "/var/www/PublisherServer/~dt/WebSites/Surfmo"
Response: New directory is: "/var/www/PublisherServer/~dt/WebSites/Surfmo"
Command: ls
Status: Listing directory /var/www/PublisherServer/~dt/WebSites/Surfmo
Status: Directory listing successful
Status: Retrieving directory listing...
Command: cd "/var/www/PublisherServer/~dt/WebSites/Surfmo/Images2"
Response: New directory is: "/var/www/PublisherServer/~dt/WebSites/Surfmo/Images2"
Command: ls
Status: Listing directory /var/www/PublisherServer/~dt/WebSites/Surfmo/Images2
Status: Directory listing successful


If I now copy the Linux directory back to the Win2003 server and try to access it again via Implicit SSL/TLS mode, I get the same ECONNABORTED message:


Command: CWD Images2
Response: 250 CWD successful. "/~surfmo/WebSites/Surfmo/Images2" is current directory.
Command: PWD
Response: 257 "/~surfmo/WebSites/Surfmo/Images2" is current directory.
Command: PASV
Response: 227 Entering Passive Mode (208,101,5,8,38,174)
Command: LIST -a
Response: 150 Connection accepted
Response: 226 Transfer OK
Status: Server did not properly shut down TLS connection
Error: Transfer connection interrupted: ECONNABORTED - Connection aborted
Error: Failed to retrieve directory listing


If I use another FTP client (I have WS_FTP Pro), using the Implicit SSL/TLS mode, I have no trouble retrieving this folder as seen in the WS_FTP Pro log:


[2008.07.29 13:07:04.738] CWD Surfmo
[2008.07.29 13:07:04.904] 250 CWD successful. "/~surfmo/WebSites/Surfmo" is current directory.
[2008.07.29 13:07:04.904] PWD
[2008.07.29 13:07:04.966] 257 "/~surfmo/WebSites/Surfmo" is current directory.
[2008.07.29 13:07:04.968] PASV
[2008.07.29 13:07:05.029] 227 Entering Passive Mode (208,101,5,8,38,175)
[2008.07.29 13:07:05.030] connecting data channel to 208.101.5.8:38,175(9903)
[2008.07.29 13:07:05.158] data channel connected to 208.101.5.8:38,175(9903)
[2008.07.29 13:07:05.158] LIST
[2008.07.29 13:07:05.220] 150 Connection accepted
2008.07.29 13:07:05.761] # transferred 1471 bytes in 0.030 seconds, 383.073 Kbps ( 47.884 Kbps), transfer succeeded.
[2008.07.29 13:07:05.761] 226 Transfer OK
[2008.07.29 13:07:09.067] CWD Images2
[2008.07.29 13:07:09.124] 250 CWD successful. "/~surfmo/WebSites/Surfmo/Images2" is current directory.
[2008.07.29 13:07:09.145] PWD
[2008.07.29 13:07:09.206] 257 "/~surfmo/WebSites/Surfmo/Images2" is current directory.
[2008.07.29 13:07:09.208] PASV
[2008.07.29 13:07:09.411] 227 Entering Passive Mode (208,101,5,8,38,176)
[2008.07.29 13:07:09.411] connecting data channel to 208.101.5.8:38,176(9904)
[2008.07.29 13:07:09.571] data channel connected to 208.101.5.8:38,176(9904)
[2008.07.29 13:07:09.572] LIST
[2008.07.29 13:07:09.633] 150 Connection accepted
2008.07.29 13:07:10.172] # transferred 4053 bytes in 0.084 seconds, 376.953 Kbps ( 47.119 Kbps), transfer succeeded.
[2008.07.29 13:07:10.172] 226 Transfer OK


So the evidence points to a problem with the FileZilla client using Implicit SSL/TLS mode.

Change History (5)

comment:1 Changed 11 years ago by kbrownx1

This is the Debug level 3 listing during the failure:

Status: Retrieving directory listing...
Trace: CFtpControlSocket::SendNextCommand()
Trace: CFtpControlSocket::ChangeDirSend()
Command: CWD /~surfmo/WebSites/Surfmo/Images2
Trace: CFtpControlSocket::OnReceive()
Response: 250 CWD successful. "/~surfmo/WebSites/Surfmo/Images2" is current directory.
Trace: CFtpControlSocket::SendNextCommand()
Trace: CFtpControlSocket::ChangeDirSend()
Command: PWD
Trace: CFtpControlSocket::OnReceive()
Response: 257 "/~surfmo/WebSites/Surfmo/Images2" is current directory.
Trace: CFtpControlSocket::ResetOperation(0)
Trace: CControlSocket::ResetOperation(0)
Trace: CFtpControlSocket::ParseSubcommandResult(0)
Trace: CFtpControlSocket::ListSubcommandResult()
Trace: CFtpControlSocket::SendNextCommand()
Trace: CFtpControlSocket::TransferSend()
Command: PASV
Trace: CFtpControlSocket::OnReceive()
Response: 227 Entering Passive Mode (208,101,5,8,38,177)
Trace: CFtpControlSocket::TransferParseResponse()
Trace: CFtpControlSocket::SendNextCommand()
Trace: CFtpControlSocket::TransferSend()
Command: LIST -a
Trace: CTransferSocket::OnConnect
Trace: CTlsSocket::Handshake()
Trace: Skipping socket event 4, id mismatch.
Trace: CTlsSocket::Handshake()
Trace: CFtpControlSocket::OnReceive()
Response: 150 Connection accepted
Trace: CFtpControlSocket::TransferParseResponse()
Trace: CFtpControlSocket::SendNextCommand()
Trace: CFtpControlSocket::TransferSend()
Trace: CTlsSocket::Handshake()
Trace: CTlsSocket::Handshake()
Trace: Handshake successful
Trace: Cipher: AES-128-CBC, MAC: SHA1
Trace: CTransferSocket::OnConnect
Trace: GnuTLS error -9: A TLS packet with unexpected length was received.
Status: Server did not properly shut down TLS connection
Trace: CTlsSocket::OnSocketEvent(): close event received
Trace: CTransferSocket::OnClose(10053)
Error: Transfer connection interrupted: ECONNABORTED - Connection aborted
Trace: CTransferSocket::TransferEnd(3)
Trace: Skipping socket event 5, no socket or id mismatch.
Trace: CFtpControlSocket::OnReceive()
Response: 226 Transfer OK
Trace: CFtpControlSocket::TransferParseResponse()
Trace: CFtpControlSocket::SendNextCommand()
Trace: CFtpControlSocket::TransferSend()
Trace: CFtpControlSocket::TransferEnd()
Trace: CFtpControlSocket::ResetOperation(2)
Trace: CControlSocket::ResetOperation(2)
Trace: CFtpControlSocket::ParseSubcommandResult(2)
Trace: CFtpControlSocket::ListSubcommandResult()
Trace: CFtpControlSocket::ResetOperation(2)
Trace: CControlSocket::ResetOperation(2)
Error: Failed to retrieve directory listing

comment:2 Changed 11 years ago by Ray Van Dolson

I'm getting this same issue with Explicit TLS/SSL mode connecting to a ProFTPd 1.3.1 server (everything works perfectly if I revert to 3.0.11.1).

Also see:

http://forum.filezilla-project.org/viewtopic.php?f=2&t=7559
http://marc.info/?t=121731645900003&r=1&w=2

comment:3 Changed 11 years ago by kbrownx1

I also verified that the problem does not occur if I revert back to 3.0.11.1.

comment:4 Changed 11 years ago by Tim Kosse

This will be fixed in FileZilla Server 0.9.27 which will be released later today.

comment:5 Changed 11 years ago by Tim Kosse

Get 0.9.27

Note: See TracTickets for help on using tickets.