Bug 176315 - lftp has ssl problems with proftpd, older and newer lftp works
lftp has ssl problems with proftpd, older and newer lftp works
Status: CLOSED CURRENTRELEASE
Product: Fedora
Classification: Fedora
Component: lftp (Show other bugs)
4
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Maros Barabas
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2005-12-21 05:40 EST by Jani Ollikainen
Modified: 2007-11-30 17:11 EST (History)
0 users

See Also:
Fixed In Version: FC5
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-09-21 22:16:26 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Jani Ollikainen 2005-12-21 05:40:21 EST
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.12) Gecko/20050922 Fedora/1.0.7-1.1.fc4 Firefox/1.0.7

Description of problem:
When I use lftp to take ssl-ftp connection with one proftpd site it gives error
doing ls:

<nothing related>
drwxr-x---  28 ftpuser    ftpuser        4096 Dec 19 09:58 .
**** gnutls_record_recv: A TLS packet with unexpected length was received.
---> ABOR
---- Closing aborted data socket
---- Closing control socket
ls: Fatal error: gnutls_record_recv: A TLS packet with unexpected length was received.

Tried newest 3.3.5 from source and compiled it. It works.
Tested 3.0.6 from rhel4 machine. It works.

So it seems that lftp 3.2. is the problem..


Version-Release number of selected component (if applicable):
lftp-3.2.1-4_FC4

How reproducible:
Always

Steps to Reproduce:
1. Open proftpd ssl ftp site
2. Do ls
3.
  

Actual Results:  Got error saying:
ls: Fatal error: gnutls_record_recv: A TLS packet with unexpected length was received.

Expected Results:  I should have got the directory listing.

Additional info:
Comment 1 Jani Ollikainen 2005-12-21 06:03:31 EST
It seems that the problem lies if lftp uses gnutls or openssl.
OpenSSL works and GNUtls doesn't..

Tested source 3.2.1 and compiled with both libs:
Gnutls: error
Openssl: works.

lftp --version:
FC4:
Libraries used: Readline 5.0
3.2.1 compiled from source:
Libraries used: Readline 5.0, Expat 1.95.8, GnuTLS 1.0.25
3.2.1 compiled from source (./configure --with-openssl):
Libraries used: Readline 5.0, Expat 1.95.8, OpenSSL 0.9.7f 22 Mar 2005

From proftpd logs i heard that those choose different ciphers, so i cannot
really know if this is a bug in proftpd or lftp. 
Comment 2 Jani Ollikainen 2005-12-21 06:21:23 EST
Some more still..

Tested 3.3.5 with openssl/gnutls. Same versions as above with gnutls and openssl.
OpenSSL works nicely. GNUtls works kinda but not still nicely.
GNUtls can print dir listing but it comes VERY SLOWLY and when the last
directory is listed it just hangs. Ctrl-c prints Interrupt and then i can do ls
again, but same thing happens..

This test would make me to blame lftp more than gnutls/proftpd...

Comment 3 Jason Vas Dias 2005-12-21 15:28:43 EST
Thanks for pointing this out.

The .spec file had always been using the configure argument '--with-ssl', which
does not seem to be supported by lftp anymore (yet configure did not complain ); 
even though the .spec file also added the includes and library path for openssl,
configure disabled openssl support by default and used gnutls .

lftp.spec now uses '--with-openssl=/usr' and the gnutls libs Requires have
disappeared , in lftp-3.3.5-4 (FC5) and lftp-3.2.1-10 (FC4) .

Comment 4 Fedora Update System 2005-12-21 16:09:35 EST
From User-Agent: XML-RPC

lftp-3.2.1-10_FC4 has been pushed for FC4, which should resolve this issue.  If these problems are still present in this version, then please make note of it in this bug report.
Comment 5 Fedora Update System 2006-01-09 13:58:56 EST
From User-Agent: XML-RPC

lftp-3.2.1-10_FC4 has been pushed for FC4, which should resolve this issue.  If these problems are still present in this version, then please make note of it in this bug report.
Comment 6 Bill Nottingham 2006-09-21 22:16:26 EDT
Closing bugs in MODIFIED state from prior Fedora releases. If this bug persists
in a current Fedora release (such as Fedora Core 5 or later), please reopen and
set the version appropriately.

Note You need to log in before you can comment on or make changes to this bug.