Bug 457280

Summary: Perform unidirectional SSL/TLS shutdown on data connections
Product: [Fedora] Fedora EPEL Reporter: Ray Van Dolson <rvandolson>
Component: proftpdAssignee: Matthias Saou <matthias>
Status: CLOSED NEXTRELEASE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: low    
Version: el4CC: nix4me
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
URL: http://bugs.proftpd.org/show_bug.cgi?id=3094
Whiteboard:
Fixed In Version: 1.3.1-8 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2009-01-02 15:26:18 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Ray Van Dolson 2008-07-30 16:38:05 UTC
A recent release of the FileZilla FTP client triggered this issue.  ProFTPd
needs to handle SSL shutdown in data connections somewhat differently.  See:

  http://bugs.proftpd.org/show_bug.cgi?id=3094
  http://marc.info/?t=121736602800002&r=1&w=2

There is a patch available for ProFTPd 1.3.1 and I have tested it briefly and it
appears to address the issue.  My SRPM is available here:

  http://rayvd.fedorapeople.org/proftpd/proftpd-1.3.1-4.1.src.rpm

For those who need a quick solution.

I am hoping ProFTPd will release this shortly "officially", but if not perhaps
this patch could be considered for inclusion in 1.3.1-5 (I guess 1.3.1-4 still
has never been released).

Comment 1 Ray Van Dolson 2008-08-21 00:12:48 UTC
Hi Matthias.  I encountered another issue with mod_tls that caused the daemon to crash in certain situations when SIGHUP's were sent.  This was causing the server to die whenever logrotate ran (definitely not a good thing).  ProFTPD came up with a patch for me, and my updated version is here:

  http://rayvd.fedorapeople.org/proftpd/proftpd-1.3.1-4.3.src.rpm

This includes both the patch for the SSL shutdown issue mentioned above as well as the fix for the SIGHUP issue.

The SIGHUP issue upstream bz is:

  http://bugs.proftpd.org/show_bug.cgi?id=3098

Do you have time to take a look at this and perhaps do a release?  If not, let me know -- I'd be happy to co-maintain this package.

Thanks.

Comment 2 Mark 2008-08-29 19:38:57 UTC
Any progress on new rpms?  My clients are still complaining about filezilla not working with my servers.

Comment 3 Ray Van Dolson 2008-09-03 16:29:30 UTC
I've contacted Matthias to see if he'd like to do a co-maintain on this package.  You can use my SRPM above if you like in the interim.

Comment 4 Matthias Saou 2009-01-02 15:26:18 UTC
I've tested and included all 3 patches in the updated proftpd packages which should be pushed to all current branches shortly. Note that I've put 1.3.2rc3 on devel, which normally already includes these fixes.