Opened 11 years ago

Last modified 11 years ago

#3647 closed Bug report

Since version 3.1.0.1 : No TLS connection (3.0.11.1 No Prob)

Reported by: marcodeboer Owned by:
Priority: normal Component: FileZilla Client
Keywords: Cc: marcodeboer, Tim Kosse
Component version: Operating system type:
Operating system version:

Description

Status: Connecting to 82.72.239.134:2121...
Status: Connection established, waiting for welcome message...
Response: 220 NASFTPD Turbo station 2.x 1.3.1rc2 Server (ProFTPD) [192.168.0.8]
Command: AUTH TLS
Response: 234 AUTH TLS successful
Status: Initializing TLS...
Status: Verifying certificate...
Command: USER admin
Status: TLS/SSL connection established.
Response: 331 Password required for admin
Command: PASS
Response: 230 User admin logged in
Command: OPTS UTF8 ON
Response: 200 UTF8 set to on
Command: PBSZ 0
Response: 200 PBSZ 0 successful
Command: PROT P
Response: 200 Protection set to Private
Status: Connected
Status: Retrieving directory listing...
Command: PWD
Response: 257 "/" is the current directory
Command: TYPE I
Response: 200 Type set to I
Command: PASV
Response: 227 Entering Passive Mode (82,72,239,134,219,201).
Command: LIST
Response: 150 Opening ASCII mode data connection for file list
Status: Server did not properly shut down TLS connection
Error: Could not read from transfer socket: ECONNABORTED - Connection aborted
Response: 226 Transfer complete
Error: Failed to retrieve directory listing

Attachments (1)

Log.txt (3.9 KB) - added by marcodeboer 11 years ago.
Complete logging level 3

Download all attachments as: .zip

Change History (3)

Changed 11 years ago by marcodeboer

Attachment: Log.txt added

Complete logging level 3

comment:1 Changed 11 years ago by marcodeboer

FileZilla 3.1.0.1
Windows XP SP3
See logging file attached

Since the new version I got this problem : NO connection to QNAP TS-409 Pro !
If I downgrade again to 3.0.11.1 everything is working fine !

File Added: Log.txt

comment:2 Changed 11 years ago by Tim Kosse

Your server is broken, it does not send the closure alert on the data connection as is required by the SSL/TLS specifications. Since this faulty behavior is indistinguishable from an attacker sending spoofed FIN TCP packets, FileZilla has to assume the worst and fail the transfer. You need to upgrade to a proper server that does perform an orderly SSL/TLS shutdown.

Note: See TracTickets for help on using tickets.