Description of problem: When using lftp to connect to a drftpd server, I cannot get a directory listing. Openssl seems to be the problem. I have sent mail to lftp and they say openssl is at fault. I have many distributions of linux running and they all work except Fedora 9. Version-Release number of selected component (if applicable): How reproducible: 100% Steps to Reproduce: 1. Connect to ftp site 2. Type ls 3. Actual results: > ---> LIST > <--- 150 File status okay; about to open data connection. > **** SSL_connect: sslv3 alert unexpected message > ---- Closing data socket > <--- 425 Unexpected end of handshake data over and over and over Expected results: dir listing Additional info:
Did they give any hints why they think OpenSSL is at fault in this problem?
No they didn't. All I know, is I have the following Linux OS's running and they all work fine with lftp. Ubuntu 8, CentOS 5.2, Debian Lenny, Arch Linux. Fedora 8 worked fine before. Fedora 9 and Fedora Rawhide do not work. Any suggestions in how to pinpoint?
Can you please try the newest rawhide build? You can get it from koji here: http://koji.fedoraproject.org/koji/taskinfo?taskID=769464
(In reply to comment #3) > Can you please try the newest rawhide build? > > You can get it from koji here: > http://koji.fedoraproject.org/koji/taskinfo?taskID=769464 Not sure how that would help. lftp would have to be recompiled against the rawhide openssl-dev package. I did try installing a complete rawhide in vmware and the problem was still there.
Please try to update the openssl package in the rawhide install with that one from the link from Koji and try again. Thank you.
(In reply to comment #5) > Please try to update the openssl package in the rawhide install with that one > from the link from Koji and try again. > Thank you. Running rawhide [nix4me@localhost ~]$ uname -a Linux localhost.localdomain 2.6.27-0.244.rc2.git1.fc10.x86_64 #1 SMP Fri Aug 8 13:14:06 EDT 2008 x86_64 x86_64 x86_64 GNU/Linux try lftp: lftp nix4me:/> ls FileCopy(0x717d80) enters state INITIAL FileCopy(0x717d80) enters state DO_COPY ---> PRET LIST <--- 200 OK, will use master for upcoming transfer ---> PASV <--- 227 Entering Passive Mode (xx,xxx,xxx,xx,xxx,xx). ---- Connecting data socket to (xx.xxx.xxx.xx) port 55587 ---- Data connection established ---> LIST <--- 150 File status okay; about to open data connection. **** SSL_connect: sslv3 alert unexpected message ---- Closing data socket <--- 425 Unexpected end of handshake data ---> PRET LIST <--- 200 OK, will use master for upcoming transfer ---> PASV <--- 227 Entering Passive Mode (xx,xxx,xxx,xx,xxx,xxx). ---- Connecting data socket to (xx.xxx.xxx.xx) port 59572 ---- Data connection established ---> LIST <--- 150 File status okay; about to open data connection. **** SSL_connect: sslv3 alert unexpected message ---- Closing data socket <--- 425 Unexpected end of handshake data Try to upgrade to openssl from above link: The package openssl-0.9.8g-11.fc10.x86_64 is already installed broke.
Looking at the lftp sources, we should not link it to openssl at all because there is a license conflict between OpenSSL and GPL licenses. Please change lftp build to link to GNUTLS instead.
What exactly should i try next? Compile this thing myself against gnutls? I need this fixed so I am willing to help pinpoint the problem.
Ok, I fixed it on my rawhide install. I compiled the development lftp source against gnutls-devel and it works. Here are the details. lftp-3.7.1-1.fc10.src.rpm gnutls-devel.x86_64 installed ./configure --with-gnutls --without-openssl make make install Next I will try on a Fedora 9 install and report results.
That was it. Lftp is now working on my Fedora 9 vmware install. Here are the details: lftp-3.6.3-2.fc9.src.rpm downloaded from a mirror gnutls-devel.x86_64 installed ./configure --with-gnutls --without-openssl make make install Works fine. Looks like the Lftp package needs to be recompiled against gnutls and pushed to the repositories. Thanks for the help, and I hope I helped get the problem solved.
This is done. The gnutls comeback solves this problem and license conflict too.