[jira] [Commented] (FTPSERVER-521) Failure connecting to Apache FTP/S server from curl command negotiating TLS 1.3 protocol version

Mon, 17 Jul 2023 02:29:58 -0700 


    [ 
https://issues.apache.org/jira/browse/FTPSERVER-521?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17743698#comment-17743698
 ] 

Roberto Deandrea commented on FTPSERVER-521:
--------------------------------------------

Can you please comment about this issue ?

> Failure connecting to Apache FTP/S server from curl command negotiating TLS 
> 1.3 protocol version
> ------------------------------------------------------------------------------------------------
>
>                 Key: FTPSERVER-521
>                 URL: https://issues.apache.org/jira/browse/FTPSERVER-521
>             Project: FtpServer
>          Issue Type: Bug
>          Components: Server
>    Affects Versions: 1.1.4
>         Environment: Operating System: Linux x64
> uname -a
> Linux ITTO-62117757H 5.19.0-46-generic #47~22.04.1-Ubuntu SMP PREEMPT_DYNAMIC 
> Wed Jun 21 15:35:31 UTC 2 x86_64 x86_64 x86_64 GNU/Linux
> curl client used:
> curl -V
> curl 7.81.0 (x86_64-pc-linux-gnu) libcurl/7.81.0 OpenSSL/3.0.2 zlib/1.2.11 
> brotli/1.0.9 zstd/1.4.8 libidn2/2.3.2 libpsl/0.21.0 (+libidn2/2.3.2) 
> libssh/0.9.6/openssl/zlib nghttp2/1.43.0 librtmp/2.3 OpenLDAP/2.5.14
> Release-Date: 2022-01-05
> Protocols: dict file ftp ftps gopher gophers http https imap imaps ldap ldaps 
> mqtt pop3 pop3s rtmp rtsp scp sftp smb smbs smtp smtps telnet tftp 
> Features: alt-svc AsynchDNS brotli GSS-API HSTS HTTP2 HTTPS-proxy IDN IPv6 
> Kerberos Largefile libz NTLM NTLM_WB PSL SPNEGO SSL TLS-SRP UnixSockets zstd
> JRE used :
> usr/lib/jvm/jdk8u372-b07-jre/bin/java -version
> openjdk version "1.8.0_372"
> OpenJDK Runtime Environment (Temurin)(build 1.8.0_372-b07)
> OpenJDK 64-Bit Server VM (Temurin)(build 25.372-b07, mixed mode)
>            Reporter: Roberto Deandrea
>            Priority: Major
>         Attachments: EmbeddingFtpServer.java, curl.log, ftpserver.log
>
>
> I do not succeed connecting curl to Apache FTPS/S server negotiating TLS11.3 
> protocol version (curl forcing TLS 1.2 works fine without any problems).
> I reproduced the problem with minor changed to EmbeddingFtpServer.java source 
> attached to the jira.
> In the attached file curl.log you can find the curl client log.
> From curl.log it seems that the TLS 1.3 hanshake ended succesfully, but the 
> client does not receive a reply to the subsequent USER command, times out and 
> closes the connection.
> * TLSv1.3 (OUT), TLS handshake, Finished (20)
> SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
> > USER spazio
> * TLSv1.2 (IN), TLS header, Supplemental data (23):
> * TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
> * server response timeout
> * Closing connection 0
>  
> Do you think this is a problem in the Apache FTPS Server code or inside the 
> JSSE layer of the JRE ?
>  
> Thank you in advance for your cooperation.
> Roberto Deandrea
>  



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org
For additional commands, e-mail: dev-h...@mina.apache.org

Reply via email to