vsftpd complains about missing TLS 1.3 session reuse when reusing FTP connection #4654
Comments
|
I don't know why it happens or what the problem is. But yes, very curious that directory listings are somehow handled differently?! |
|
If i'm at the wrong spot, please correct me. We have switched out FTP-Server and the new one makes TLS session reuse mandatory. This is working fine with the local installation of curl on my mac with the following version: In wich version was this fixed? I am not sure if i am looking in the right place because the entry from 6be2804 is still there on the latest tag of curl which is far newer than my local installation. |
When reusing a connection to an vsftp server, e. g. to download several files, the second operation fails.
Example command line:
The first download works fine, and for the second donwload, the control channel connection is reused. But then, vsftp complains about missing session reuse for the data channel for the second file:
See vsftp-session-reuse-required-verbose-output.txt for more details.
Is this a bug in vsftp? Or is the bugfix for #3002 not working when reusing a connection?
It works when limiting TLS to max version 1.2:
And for some reason, the problem does not occur when performing file listings instead of file downloads:
curl/libcurl version
curl 7.68.0-DEV (x86_64-pc-linux-gnu) libcurl/7.68.0-DEV OpenSSL/1.1.1d zlib/1.2.11
Release-Date: [unreleased]
Protocols: dict file ftp ftps gopher http https imap imaps pop3 pop3s rtsp smb smbs smtp smtps telnet tftp
Features: AsynchDNS HTTPS-proxy IPv6 Largefile libz NTLM NTLM_WB SSL TLS-SRP UnixSockets
operating system
Debian 10
also reproducible on Windows 10
The text was updated successfully, but these errors were encountered: