Perform unidirectional SSL/TLS shutdown on data connections
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
proftpd (Ubuntu) |
Confirmed
|
Undecided
|
Unassigned | ||
Bug Description
Binary package hint: proftpd
This came up as the result of FileZilla releasing a new version of their client that no longer worked with ProFTPd and other FTP servers due to an adjustment in how that client reacts to TLS/SSL session closes. If the client doesn't receive proper notification, it aborts the session (this is my understanding).
There has been some discussion over whether the client's interpretation and subsequent implementation of the RFC's is correct or not, but perhaps some discussion can be had here and perhaps ultimately a resolution. As it is now, FileZilla >= v3.1.0 can no longer connect to ProFTPd via TLS/SSL.
The upstream bug report is available at http://
The bug has been fixed upstream in proftpd v1.3.2rc2
The changeset of debian to Version: 1.3.1-14 contains this note:
* [PATCH] New 3094.dpatch.
Implements unidirectional shutdown of TLS/SSL sessions which is mandatory
to support recent filezilla and possibly other clients. This will avoid
many headaches for Filezilla >=3.1 users reporting failures in connecting
proftpd servers.
(closes: #498136)
This has been merged, so it should be fixed for Jaunty. Perhaps this fix could be backported to intrepid?