[jira] [Created] (FTPSERVER-521) Failed to connect to Apache FTP/S server from curl command negotiating TLS 1.3 protocol version

Mon, 10 Jul 2023 00:55:48 -0700 

Roberto Deandrea created FTPSERVER-521:
------------------------------------------

             Summary: Failed to connect to Apache FTP/S server from curl 
command negotiating TLS 1.3 protocol version
                 Key: FTPSERVER-521
                 URL: https://issues.apache.org/jira/browse/FTPSERVER-521
             Project: FtpServer
          Issue Type: Bug
          Components: Server
    Affects Versions: 1.1.4
         Environment: Operating System: Linux x64
uname -a
Linux ITTO-62117757H 5.19.0-46-generic #47~22.04.1-Ubuntu SMP PREEMPT_DYNAMIC 
Wed Jun 21 15:35:31 UTC 2 x86_64 x86_64 x86_64 GNU/Linux

curl client used:
curl -V
curl 7.81.0 (x86_64-pc-linux-gnu) libcurl/7.81.0 OpenSSL/3.0.2 zlib/1.2.11 
brotli/1.0.9 zstd/1.4.8 libidn2/2.3.2 libpsl/0.21.0 (+libidn2/2.3.2) 
libssh/0.9.6/openssl/zlib nghttp2/1.43.0 librtmp/2.3 OpenLDAP/2.5.14
Release-Date: 2022-01-05
Protocols: dict file ftp ftps gopher gophers http https imap imaps ldap ldaps 
mqtt pop3 pop3s rtmp rtsp scp sftp smb smbs smtp smtps telnet tftp 
Features: alt-svc AsynchDNS brotli GSS-API HSTS HTTP2 HTTPS-proxy IDN IPv6 
Kerberos Largefile libz NTLM NTLM_WB PSL SPNEGO SSL TLS-SRP UnixSockets zstd

JRE used :
usr/lib/jvm/jdk8u372-b07-jre/bin/java -version
openjdk version "1.8.0_372"
OpenJDK Runtime Environment (Temurin)(build 1.8.0_372-b07)
OpenJDK 64-Bit Server VM (Temurin)(build 25.372-b07, mixed mode)


            Reporter: Roberto Deandrea
         Attachments: EmbeddingFtpServer.java, curl.log

I do not succeed connecting curl to Apache FTPS/S server negotiating TLS11.3 
protocol version (curl forcing TLS 1.2 works fine without any problems).

I reproduced the problem with minor changed to EmbeddingFtpServer.java source 
attached to the jira.

In the attached file curl.log you can find the curl client log.

>From curl.log it seems that the TLS 1.3 hanshake ended succesfully, but the 
>client does not receive a reply to the subsequent USER command, times out and 
>closes the connection.

* TLSv1.3 (OUT), TLS handshake, Finished (20)
SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384

> USER spazio
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* server response timeout
* Closing connection 0

 

Do you think this is a problem in the Apache FTPS Server code or inside the 
JSSE layer of the JRE ?

 

Thank you in advance for your cooperation.

Roberto Deandrea

 



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to