Version 9.5 breaks FTP Secure TLS Explicit (AUTH TLS)

dmorgan002 · October 7, 2009, 4:23pm

I installed the update to version 9.5 today on my XP machine and have found that connecting using TLS results in an empty file list for the FTP site. I noticed this in the Illuminati version as well but have only been running it for a couple of days so did not get a chance to post about it.

Here is a copy of the connection log.

226-Options: -a -F -l 226 5 matches total Connection closed Initialising SSL BIO... Opening Connection server.com:21 220---------- Welcome to Pure-FTPd [TLS] ---------- 220-You are user number 1 of 50 allowed. 220-Local time is now 09:02. Server port: 21. 220-This is a private system - No anonymous login 220-IPv6 connections are also welcome on this server. 220 You will be disconnected after 15 minutes of inactivity. --> AUTH TLS 234 AUTH TLS OK. Establishing SSL Ctrl Connection TLS/SSL connection established. [TLSv1/SSLv3, cipher AES256-SHA, 256 bits] Unknown Unknown server.name.com ssl@cpanel.net US Unknown Unknown Unknown Unknown Valid From: 2009-2-27 10:6:31 To: 2036-7-14 10:6:31 --> USER user 331 User user OK. Password required --> PASS ... 230-User user has group access to: user 230 OK. Current restricted directory is / --> PBSZ 0 200 PBSZ=0 --> PROT P 534 Fallback to [C] PROT error - setting clear data channel --> PROT C 200 OK --> SYST 215 UNIX Type: L8 --> FEAT 211-Extensions supported: EPRT IDLE MDTM SIZE REST STREAM MLST type*;size*;sizd*;modify*;UNIX.mode*;UNIX.uid*;UNIX.gid*;unique*; MLSD ESTP PASV EPSV SPSV ESTA AUTH TLS PBSZ PROT 211 End. --> REST 100 350 Restarting at 100. But we're in ASCII mode --> REST 0 350 Restarting at 0 --> TYPE I 200 TYPE is now 8-bit binary --> PWD 257 "/" is your current location --> CWD / 250 OK. Current directory is / --> PWD 257 "/" is your current location --> TYPE A 200 TYPE is now ASCII --> PASV 227 Entering Passive Mode (server,ip,#,here,169,166) Waiting for Passive Data port connect Starting SSL DATA connect [DATA: TLSv1/SSLv3, cipher AES256-SHA, 256 bits] SSL DATA connected --> LIST -alF 150 Accepted data connection 226-Options: -a -F -l 226 27 matches total RecvList() - WSAECONNRESET: Connection reset by peer FD_CLOSE - WSAECONNABORTED: Software caused connection abort

I connected using TLS minutes before installing V9.5 and doing a comparison it looks like "PROT error - setting clear data channel" and of course "RecvList() - WSAECONNRESET: Connection reset by peer
FD_CLOSE - WSAECONNABORTED: Software caused connection abort" is new.

I you would like any further information on anything please let me know

Dan

Greg · October 8, 2009, 12:08am

Sounds like the server is a little difficult and fails to accept the directory listing command using the standard Unix style text. Edit the site entry in the address book and change this to just use LIST without the -alf.

I had also been testing some new FTP features for future versions and one of these was to support the strange behaviour of PureFTPd which fails to support Protected Data channels as it is supposed to do. In the current version, non protected data channels should not really be supported. Maybe this has generated some issues here.

Please file an official support request with GP Software via the Support page and contact me directly and I can have a look at the issue in more depth.

dmorgan002 · October 8, 2009, 5:27pm

Hello Greg,

I tried doing what you suggested by unchecking 'Use defaults' under Server commands and putting 'List' into Custom LIST CMD and got the same result.

I will submit the request as you asked now.

Thanks!

Dan