Bug 458595 - openssl is causing lftp to fail directory listings
openssl is causing lftp to fail directory listings
Status: CLOSED CURRENTRELEASE
Product: Fedora
Classification: Fedora
Component: lftp (Show other bugs)
9
All Linux
medium Severity medium
: ---
: ---
Assigned To: Jiri Skala
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2008-08-10 13:52 EDT by Mark
Modified: 2014-11-09 17:31 EST (History)
4 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-10-02 06:30:45 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Mark 2008-08-10 13:52:20 EDT
Description of problem: When using lftp to connect to a drftpd server, I cannot get a directory listing.  Openssl seems to be the problem.  I have sent mail to lftp and they say openssl is at fault.  I have many distributions of linux running and they all work except Fedora 9.


Version-Release number of selected component (if applicable):


How reproducible: 100%


Steps to Reproduce:
1. Connect to ftp site
2. Type ls
3.
  
Actual results: > ---> LIST
> <--- 150 File status okay; about to open data connection.
> **** SSL_connect: sslv3 alert unexpected message
> ---- Closing data socket
> <--- 425 Unexpected end of handshake data

over and over and over


Expected results: dir listing


Additional info:
Comment 1 Tomas Mraz 2008-08-10 14:19:18 EDT
Did they give any hints why they think OpenSSL is at fault in this problem?
Comment 2 Mark 2008-08-10 15:08:10 EDT
No they didn't.  All I know, is I have the following Linux OS's running and they all work fine with lftp.  Ubuntu 8, CentOS 5.2, Debian Lenny, Arch Linux.

Fedora 8 worked fine before.

Fedora 9 and Fedora Rawhide do not work.

Any suggestions in how to pinpoint?
Comment 3 Tomas Mraz 2008-08-10 16:59:41 EDT
Can you please try the newest rawhide build?

You can get it from koji here:
http://koji.fedoraproject.org/koji/taskinfo?taskID=769464
Comment 4 Mark 2008-08-10 17:51:53 EDT
(In reply to comment #3)
> Can you please try the newest rawhide build?
> 
> You can get it from koji here:
> http://koji.fedoraproject.org/koji/taskinfo?taskID=769464

Not sure how that would help.  lftp would have to be recompiled against the rawhide openssl-dev package.

I did try installing a complete rawhide in vmware and the problem was still there.
Comment 5 Tomas Mraz 2008-08-11 02:56:19 EDT
Please try to update the openssl package in the rawhide install with that one from the link from Koji and try again.
Thank you.
Comment 6 Mark 2008-08-11 20:37:10 EDT
(In reply to comment #5)
> Please try to update the openssl package in the rawhide install with that one
> from the link from Koji and try again.
> Thank you.

Running rawhide

[nix4me@localhost ~]$ uname -a
Linux localhost.localdomain 2.6.27-0.244.rc2.git1.fc10.x86_64 #1 SMP Fri Aug 8 13:14:06 EDT 2008 x86_64 x86_64 x86_64 GNU/Linux

try lftp:

lftp nix4me@somesite.net:/> ls
FileCopy(0x717d80) enters state INITIAL
FileCopy(0x717d80) enters state DO_COPY
---> PRET LIST 
<--- 200 OK, will use master for upcoming transfer
---> PASV
<--- 227 Entering Passive Mode (xx,xxx,xxx,xx,xxx,xx).
---- Connecting data socket to (xx.xxx.xxx.xx) port 55587
---- Data connection established       
---> LIST
<--- 150 File status okay; about to open data connection.
**** SSL_connect: sslv3 alert unexpected message
---- Closing data socket
<--- 425 Unexpected end of handshake data
---> PRET LIST                     
<--- 200 OK, will use master for upcoming transfer
---> PASV
<--- 227 Entering Passive Mode (xx,xxx,xxx,xx,xxx,xxx).
---- Connecting data socket to (xx.xxx.xxx.xx) port 59572
---- Data connection established       
---> LIST
<--- 150 File status okay; about to open data connection.
**** SSL_connect: sslv3 alert unexpected message
---- Closing data socket
<--- 425 Unexpected end of handshake data

Try to upgrade to openssl from above link:

The package openssl-0.9.8g-11.fc10.x86_64 is already installed

broke.
Comment 7 Tomas Mraz 2008-08-12 03:54:01 EDT
Looking at the lftp sources, we should not link it to openssl at all because there is a license conflict between OpenSSL and GPL licenses.

Please change lftp build to link to GNUTLS instead.
Comment 8 Mark 2008-08-12 19:09:27 EDT
What exactly should i try next?  Compile this thing myself against gnutls?  I need this fixed so I am willing to help pinpoint the problem.
Comment 9 Mark 2008-08-12 20:04:34 EDT
Ok, I fixed it on my rawhide install.  I compiled the development lftp source against gnutls-devel and it works.  Here are the details.

lftp-3.7.1-1.fc10.src.rpm

gnutls-devel.x86_64 installed

./configure --with-gnutls --without-openssl

make

make install




Next I will try on a Fedora 9 install and report results.
Comment 10 Mark 2008-08-12 20:41:35 EDT
That was it.  Lftp is now working on my Fedora 9 vmware install.  Here are the details:

lftp-3.6.3-2.fc9.src.rpm downloaded from a mirror

gnutls-devel.x86_64 installed

./configure --with-gnutls --without-openssl
make
make install

Works fine.

Looks like the Lftp package needs to be recompiled against gnutls and pushed to the repositories.  Thanks for the help, and I hope I helped get the problem solved.
Comment 11 Jiri Skala 2008-10-02 06:30:45 EDT
This is done. The gnutls comeback solves this problem and license conflict too.

Note You need to log in before you can comment on or make changes to this bug.