Opened 16 years ago

Closed 16 years ago

Last modified 10 years ago

#3795 closed Bug report (rejected)

Filezilla Client Not Working with z/VM 5.3 in SSL Mode

Reported by: Robert Hodge Owned by:
Priority: normal Component: FileZilla Client
Keywords: z/VM SSL Cc:
Component version: Operating system type: Windows
Operating system version: XP Professional Version 2002 SP 3


The Windows Filezilla client fails when connecting to a z/VM 5.3 FTP server configured for SSL and FIPS. The z/VM 5.3 FTP server is written to use RFC1123. I have tested Filezilla versions 3.0.9, 3.1.2, and 3.1.3 with the same results. I'm able to successfully connect to the z/VM 5.3 FTP server using the Linux "ftp-ssl" client, the WS_FTP client, the Hummingbird FTP client, and the z/OS FTP client.

The Filezilla client log follows:

16:11:51 Status: Resolving address of
16:11:51 Status: Connecting to
16:11:51 Status: Connection established, waiting for welcome message...
16:11:51 Trace: CFtpControlSocket::OnReceive()
16:11:51 Response: 220-Unauthorized use of this system is prohibited and may result in revocation
16:11:51 Response: of access, disciplinary action and/or legal action. The company reserves
16:11:51 Response: the right to monitor and review user activity, files and electronic
16:11:51 Response: messages. Reminder: Information transmitted to a foreign person on this
16:11:51 Response: network may be subject to applicable Export Control laws. Contact your
16:11:51 Response: Export Coordinator for assistance.
16:11:51 Response: FTPSECUR IBM VM Level 530 at VMTST.DCS.EIS.LMCO.COM, 16:11:50 MDT MONDAY 2008-09-22
16:11:51 Response: 220 Connection will close if idle for more than 5 minutes.
16:11:51 Trace: CFtpControlSocket::SendNextCommand()
16:11:51 Command: AUTH TLS
16:11:51 Trace: CFtpControlSocket::OnReceive()
16:11:51 Response: 234 Security data exchange complete
16:11:51 Status: Initializing TLS...
16:11:51 Trace: CTlsSocket::Handshake()
16:11:51 Trace: CTlsSocket::OnSend()
16:11:51 Trace: CTlsSocket::OnRead()
16:11:51 Trace: CTlsSocket::Handshake()
16:11:51 Trace: CTlsSocket::OnRead()
16:11:51 Trace: CTlsSocket::Handshake()
16:11:51 Trace: GnuTLS error -9: A TLS packet with unexpected length was received.
16:11:51 Status: Server did not properly shut down TLS connection
16:11:51 Trace: CTlsSocket::OnSocketEvent(): close event received
16:11:51 Trace: CRealControlSocket::OnClose(0)
16:11:51 Trace: CFtpControlSocket::ResetOperation(66)
16:11:51 Trace: CControlSocket::ResetOperation(66)
16:11:51 Error: Could not connect to server
16:11:51 Status: Waiting to retry...

Change History (1)

comment:1 by Tim Kosse, 16 years ago

Resolution: rejected
Status: newclosed

Your server is broken, it does not send the connection closure alert as is required by the TLS specifications. You have to upgrade to a proper server. Read for details.

Note: See TracTickets for help on using tickets.