#3795 closed Bug report (rejected)
Filezilla Client Not Working with z/VM 5.3 in SSL Mode
| Reported by: | Robert Hodge | Owned by: | |
|---|---|---|---|
| Priority: | normal | Component: | FileZilla Client |
| Keywords: | z/VM SSL | Cc: | |
| Component version: | Operating system type: | Windows | |
| Operating system version: | XP Professional Version 2002 SP 3 |
Description
The Windows Filezilla client fails when connecting to a z/VM 5.3 FTP server configured for SSL and FIPS. The z/VM 5.3 FTP server is written to use RFC1123. I have tested Filezilla versions 3.0.9, 3.1.2, and 3.1.3 with the same results. I'm able to successfully connect to the z/VM 5.3 FTP server using the Linux "ftp-ssl" client, the WS_FTP client, the Hummingbird FTP client, and the z/OS FTP client.
The Filezilla client log follows:
16:11:51 Status: Resolving address of vmtst.dcs.eis.lmco.com
16:11:51 Status: Connecting to xxx.xxx.xxx.xxx:2121...
16:11:51 Status: Connection established, waiting for welcome message...
16:11:51 Trace: CFtpControlSocket::OnReceive()
16:11:51 Response: 220-Unauthorized use of this system is prohibited and may result in revocation
16:11:51 Response: of access, disciplinary action and/or legal action. The company reserves
16:11:51 Response: the right to monitor and review user activity, files and electronic
16:11:51 Response: messages. Reminder: Information transmitted to a foreign person on this
16:11:51 Response: network may be subject to applicable Export Control laws. Contact your
16:11:51 Response: Export Coordinator for assistance.
16:11:51 Response: FTPSECUR IBM VM Level 530 at VMTST.DCS.EIS.LMCO.COM, 16:11:50 MDT MONDAY 2008-09-22
16:11:51 Response: 220 Connection will close if idle for more than 5 minutes.
16:11:51 Trace: CFtpControlSocket::SendNextCommand()
16:11:51 Command: AUTH TLS
16:11:51 Trace: CFtpControlSocket::OnReceive()
16:11:51 Response: 234 Security data exchange complete
16:11:51 Status: Initializing TLS...
16:11:51 Trace: CTlsSocket::Handshake()
16:11:51 Trace: CTlsSocket::OnSend()
16:11:51 Trace: CTlsSocket::OnRead()
16:11:51 Trace: CTlsSocket::Handshake()
16:11:51 Trace: CTlsSocket::OnRead()
16:11:51 Trace: CTlsSocket::Handshake()
16:11:51 Trace: GnuTLS error -9: A TLS packet with unexpected length was received.
16:11:51 Status: Server did not properly shut down TLS connection
16:11:51 Trace: CTlsSocket::OnSocketEvent(): close event received
16:11:51 Trace: CRealControlSocket::OnClose(0)
16:11:51 Trace: CFtpControlSocket::ResetOperation(66)
16:11:51 Trace: CControlSocket::ResetOperation(66)
16:11:51 Error: Could not connect to server
16:11:51 Status: Waiting to retry...
Your server is broken, it does not send the connection closure alert as is required by the TLS specifications. You have to upgrade to a proper server. Read http://forum.filezilla-project.org/viewtopic.php?f=2&t=7688 for details.