Timeout on Filezilla file transfer using TLS & PROT P

Using the SmartFTP Library it times out when uploading files using TLS encryption and an encrypted data channel (PROT P) to the latest version of the Fillezilla FTP server. If you use a clear command channel then it works. It you use another FTP client, e.g. Filezillas own, with the same settings (TLS + PROT P) then it works. If you try it with SmartFTP client then it fails.

I posted extensive logs in the message you deleted from this forum. I'm not doing it again. It's very easy to duplicate this without me spending another fifteen minutes producing logs which you then delete

Hmm ...

I read your previous post in the Premium Support forum. I personally didn't delete it and the post seems to be disappeared now. I will investigate how why and how this happened.

Regarding the bug report, I appreciate and I will take a look at it in the coming days. It's not needed to post the logs again, I will try to reproduce here. It's no surprise to me that the Filezilla client works with the Filezilla server, but it doesn't mean it's correct.

Thank you and my apologies for the "missing" post.

Regards,
-Mat
SmartFTP


I posted extensive logs in the message you deleted from this forum. I'm not doing it again. It's very easy to duplicate this without me spending another fifteen minutes producing logs which you then delete

Last time i see your posting it was in "SmartFTP Client Support->Premium Support" and edited with only one message and the request to delete it?

-Mike

Any news?

Hello ..

I was able to reproduce the problem with the Filezilla server. But it's the only FTP server with such problems. I haven't done a deeper analysis yet.

Regards,
SmartFTP

Any news now? Thanks

Hello ..

To simplify the problem:
- When no more bytes are available to upload SmartFTP sends a SSL shutdown message to shutdown the SSL channel.
- SmartFTP now expects the other party (server) to acknowledge the SSL shutdown message.

As far as I can see, FileZilla Server doesn't send the SSL shutdown ack message. Therefore the transfer times out.

I just looked at the openssl documentation.
http://developer.apple.com/documentatio ... L_shutdown

The shutdown procedure consists of 2 steps: the sending of the "close
notify" shutdown alert and the reception of the peer's "close notify"
shutdown alert. According to the TLS standard, it is acceptable for an
application to only send its shutdown alert and then close the underly-underlying
ing connection without waiting for the peer's response (this way
resources can be saved, as the process can already terminate or serve
another connection). When the underlying connection shall be used for
more communications, the complete shutdown procedure (bidirectional
"close notify" alerts) must be performed, so that the peers stay syn-synchronized.
chronized.

It seems we don't have to wait for the shutdown ack for data transfers. I will see how this can be changed to make it work with the FileZilla server. But it would be still a good if the peer (server) would acknowledge the "close notify" message. This would make sure all data is correctly transferred and received by the server.

Regards,
-Mat

Hello ..

Workaround implemented in the latest version 1.5.8.8
https://www.smartftp.com/ftplib/download

Please let me know if it works and if you see any negative side effects.
Thanks.

Regards,
-Mat

FYI, this issue will be fixed in the next version of FileZilla Server, see:
http://filezilla.sourceforge.net/forum/ ... php?t=2395

EDIT: Version 0.9.18 of FileZilla Server fixes this:
http://prdownloads.sourceforge.net/file ... e?download

Thanks for the update. I tested with Filezilla and Serv-U and it appears to be working fine on both. Thanks again.

Update: Looks like they've broken implicit SSL connections in the latest beta...sigh...it now times out on file transfers.