-
Notifications
You must be signed in to change notification settings - Fork 357
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Data connections with ExplicitTLS hang forever #282
Labels
defect
The code does not work as intended
Comments
ncw
added a commit
to ncw/ftp
that referenced
this issue
Sep 16, 2022
In jlaffaye#282 it was discovered that doing the tls Handshake immediately on connection causes some FTP servers (proftpd and pureftpd) to hang. The exact cause of this is unknown, but this patch works around the problem by not doing the Handsake initially, and only doing it at the end if we were attempting to upload a zero length file. Doing the Handshake at the end was originally added in a4e9650 however it got reverted in 212daf2 which used tls.DialWithDialer to do the handshake. Unfortunately tls.DialWithDialer seems to trigger the hanging bug. See: https://forum.rclone.org/t/rclone-ftps-explicit-rclone-touch-empty-files-proftpd-unable-to-build-data-connection-operation-not-permitted/22522 See: rclone/rclone#6426 (comment) Fixes jlaffaye#282
ncw
added a commit
to ncw/ftp
that referenced
this issue
Sep 20, 2022
In jlaffaye#282 it was discovered that doing the tls Handshake immediately on connection causes some FTP servers (proftpd and pureftpd) to hang. The exact cause of this is unknown, but this patch works around the problem by not doing the Handsake initially, and only doing it at the end if we were attempting to upload a zero length file. Doing the Handshake at the end was originally added in a4e9650 however it got reverted in 212daf2 which used tls.DialWithDialer to do the handshake. Unfortunately tls.DialWithDialer seems to trigger the hanging bug. See: https://forum.rclone.org/t/rclone-ftps-explicit-rclone-touch-empty-files-proftpd-unable-to-build-data-connection-operation-not-permitted/22522 See: rclone/rclone#6426 (comment) Fixes jlaffaye#282
ncw
added a commit
to ncw/ftp
that referenced
this issue
Oct 14, 2022
In jlaffaye#282 it was discovered that doing the tls Handshake immediately on connection causes some FTP servers (proftpd and pureftpd) to hang. The exact cause of this is unknown, but this patch works around the problem by not doing the Handsake initially, and only doing it at the end if we were attempting to upload a zero length file. Doing the Handshake at the end was originally added in a4e9650 however it got reverted in 212daf2 which used tls.DialWithDialer to do the handshake. Unfortunately tls.DialWithDialer seems to trigger the hanging bug. See: https://forum.rclone.org/t/rclone-ftps-explicit-rclone-touch-empty-files-proftpd-unable-to-build-data-connection-operation-not-permitted/22522 See: rclone/rclone#6426 (comment) Fixes jlaffaye#282
ncw
added a commit
to ncw/ftp
that referenced
this issue
Oct 14, 2022
In jlaffaye#282 it was discovered that doing the tls Handshake immediately on connection causes some FTP servers (proftpd and pureftpd) to hang. The exact cause of this is unknown, but this patch works around the problem by not doing the Handsake initially, and only doing it at the end if we were attempting to upload a zero length file. Doing the Handshake at the end was originally added in a4e9650 however it got reverted in 212daf2 which used tls.DialWithDialer to do the handshake. Unfortunately tls.DialWithDialer seems to trigger the hanging bug. See: https://forum.rclone.org/t/rclone-ftps-explicit-rclone-touch-empty-files-proftpd-unable-to-build-data-connection-operation-not-permitted/22522 See: rclone/rclone#6426 (comment) Fixes jlaffaye#282
ncw
added a commit
to ncw/ftp
that referenced
this issue
Oct 14, 2022
In jlaffaye#282 it was discovered that doing the tls Handshake immediately on connection causes some FTP servers (proftpd and pureftpd) to hang. The exact cause of this is unknown, but this patch works around the problem by not doing the Handsake initially, and only doing it at the end if we were attempting to upload a zero length file. Doing the Handshake at the end was originally added in a4e9650 however it got reverted in 212daf2 which used tls.DialWithDialer to do the handshake. Unfortunately tls.DialWithDialer seems to trigger the hanging bug. See: https://forum.rclone.org/t/rclone-ftps-explicit-rclone-touch-empty-files-proftpd-unable-to-build-data-connection-operation-not-permitted/22522 See: rclone/rclone#6426 (comment) Fixes jlaffaye#282
ncw
added a commit
to rclone/rclone
that referenced
this issue
Oct 14, 2022
It was discovered that doing the tls Handshake immediately on connection causes some FTP servers (proftpd and pureftpd) to hang. This imports a fix for it by temporarily hard forking jlaffaye/ftp to include the fix submitted as a pull request. See: https://forum.rclone.org/t/rclone-ftps-explicit-rclone-touch-empty-files-proftpd-unable-to-build-data-connection-operation-not-permitted/22522 See: #6426 (comment) See: jlaffaye/ftp#283 See: jlaffaye/ftp#282
@jlaffaye I'm seeing the same hang when using TLS for operations that require to open new data connection on the server. Could this be revisited and merged into the lib? |
Having the same issue with vsftpd server on Debian
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe the bug
Data connections with TLS Explicit mode seem to be broken
To Reproduce
Using this program to connect hangs on the listing
Expected behavior
I expected to see a listing
FTP server
This is connecting to a Hetzner storage box. I've also had reports of the same problem with pureftpd (See rclone/rclone#6426 )
Debug output
Additional context
I bisected the problem to this commit 212daf2
What appears to be happening is that the connection hangs in the tls Handshake.
If I make this small patch to HEAD everything works fine
BUT if I do a tls.Handshake as well (which is what
tls.DialWithDialer
) does then it hangs upI can only think this is either a bug in Go TLS or a bug in openSSL as used by proftpd and pureftpd, but I'm not sure and I'd appreciate any help!
The text was updated successfully, but these errors were encountered: