Ubuntu
vsftpd package

Bug #1160372
Comment #113

Comment 113 for bug 1160372

Revision history for this message

In Novell/SUSE Bugzilla #786024, moenchmeyer (rm-anracon) wrote on 2013-06-06:

#113

Hi, I am using Opensue 12.3 64 Bit. Freshly installed and updated to the latest packages from the update repository.

In my opinion the problems regarding the present version 3.0.2-4.5.1 of vsftp are far from resolved. As other related bugs as

https://bugzilla.novell.com/show_bug.cgi?id=806758

were marked as duplicates of this one I post my findings here.

Bug 1
******
I still need
seccomp_sandbox=NO
to connect, when TLS is enabled. With this option set to NO everything works as expected.

However, if seccomp_sandbox=YES I get the following messages in Filezilla when trying too connect from a remote system which also runs under OS 12.3:

Status: TLS/SSL-Verbindung hergestellt.
Antwort: 331 Please specify the password.
Befehl: PASS *******
Antwort: 230 Login successful.
Befehl: SYST
Antwort: 215 UNIX Type: L8
Befehl: FEAT
Antwort: 211-Features:
Antwort: AUTH TLS
Antwort: EPRT
Antwort: EPSV
Antwort: MDTM
Antwort: PASV
Antwort: PBSZ
Antwort: PROT
Antwort: REST STREAM
Antwort: SIZE
Antwort: TVFS
Antwort: UTF8
Antwort: 211 End
Befehl: OPTS UTF8 ON
Antwort: 200 Always in UTF8 mode.
Befehl: PBSZ 0
Antwort: 200 PBSZ set to 0.
Befehl: PROT P
Antwort: 200 PROT now Private.
Status: Verbunden
Status: Empfange Verzeichnisinhalt...
Befehl: CWD /
Antwort: 250 Directory successfully changed.
Befehl: PWD
Antwort: 257 "/"
Befehl: TYPE I
Antwort: 200 Switching to Binary mode.
Befehl: PASV
Fehler: GnuTLS error -15: Ein unerwartetes TLS-Paket wurde empfangen.
Fehler: Verbindung zum Server getrennt: ECONNABORTED - Connection aborted
Fehler: Verzeichnisinhalt konnte nicht empfangen werden

Bug 2 (maybe related)
******
2) Even with "seccomp_sandbox=NO", but switching to

syslog_enable=YES

I get the following message in filezilla:

Status: Connecting to 192.168.0.37:21...
Status: Connection established, waiting for welcome message...
Response: 500 OOPS: priv_sock_get_cmd
Error: Critical error
Error: Could not connect to server

Bug 3:
******
From some OS 12.3 remote systems I cannot connect in case the following option is not set to NO:

require_ssl_reuse=NO

So all in all vsftp still shows major deficiencies on Opensuse 12.3 which were not present in OS 12.2.

Any ideas what I could do ?

Hi, I am using Opensue 12.3 64 Bit. Freshly installed and updated to the latest packages from the update repository.

In my opinion the problems regarding the present version 3.0.2-4.5.1 of vsftp are far from resolved. As other related bugs as

https://bugzilla.novell.com/show_bug.cgi?id=806758

were marked as duplicates of this one I post my findings here.

Bug 1 
******
I still need 
seccomp_sandbox=NO
to connect, when TLS is enabled. With this option set to NO everything works as expected.

However, if seccomp_sandbox=YES I get the following messages in Filezilla when trying too connect from a remote system which also runs under OS 12.3:

Status:	TLS/SSL-Verbindung hergestellt.
Antwort:	331 Please specify the password.
Befehl:	PASS *******
Antwort:	230 Login successful.
Befehl:	SYST
Antwort:	215 UNIX Type: L8
Befehl:	FEAT
Antwort:	211-Features:
Antwort:	 AUTH TLS
Antwort:	 EPRT
Antwort:	 EPSV
Antwort:	 MDTM
Antwort:	 PASV
Antwort:	 PBSZ
Antwort:	 PROT
Antwort:	 REST STREAM
Antwort:	 SIZE
Antwort:	 TVFS
Antwort:	 UTF8
Antwort:	211 End
Befehl:	OPTS UTF8 ON
Antwort:	200 Always in UTF8 mode.
Befehl:	PBSZ 0
Antwort:	200 PBSZ set to 0.
Befehl:	PROT P
Antwort:	200 PROT now Private.
Status:	Verbunden
Status:	Empfange Verzeichnisinhalt...
Befehl:	CWD /
Antwort:	250 Directory successfully changed.
Befehl:	PWD
Antwort:	257 "/"
Befehl:	TYPE I
Antwort:	200 Switching to Binary mode.
Befehl:	PASV
Fehler:	GnuTLS error -15: Ein unerwartetes TLS-Paket wurde empfangen.
Fehler:	Verbindung zum Server getrennt: ECONNABORTED - Connection aborted
Fehler:	Verzeichnisinhalt konnte nicht empfangen werden

Bug 2 (maybe related) 
******
2) Even with "seccomp_sandbox=NO", but switching to

syslog_enable=YES

I get the following message in filezilla:

Status:	Connecting to 192.168.0.37:21...
Status:	Connection established, waiting for welcome message...
Response:	500 OOPS: priv_sock_get_cmd
Error:	Critical error
Error:	Could not connect to server

Bug 3: 
******
From some OS 12.3 remote systems I cannot connect in case the following option is not set to NO:

require_ssl_reuse=NO

So all in all vsftp still shows major deficiencies on Opensuse 12.3 which were not present in OS 12.2.

Any ideas what I could do ?

Ubuntuvsftpd package

Comment 113 for bug 1160372

Ubuntu
vsftpd package