- This topic is empty.
April 12, 2010 at 11:18 pm #29988
hello, I am a developer for WebDrive FTP client. A customer of ours is having an issue with directory listings when connecting to your server (latest version) and using AUTH SSL. What I see is that after listing the files from a “LIST” command the winsock recv times out waiting for the server to gracefully close the connection. I have also tried several other FTP clients to make sure this wasn’t a bug in WebDrive client and CoreFTP and MoveitFTP also see the same timeout issue. CoreFTP for example has 2 SSL engines, OpenSSL and WindowsSSL, while using OpenSSL it works however when using the Windows SSL engine it fails with a timeout similar to MoveitFTP and WebDrive. FileZilla seems to work but I believe that is based on the OpenSSL engine. If you have any information on this issue please let me know. Or if you want to get in touch with me please do so via our help desk at http://www.webdrive.comthanks.April 13, 2010 at 5:34 pm #35631imported_SerinParticipant Hello,
I can observe the issue when your client connects with Auth SSL but I haven’t been able to verify that it is a server or client issue yet. I will look into the problem and get back to you.April 13, 2010 at 7:26 pm #35628
ok, please try CoreFTP as well, they have a free version of their FTP client you can download and try it out, just set it to use “Windows SSL” and it should demontrate the same issue.
thanks, — johnApril 13, 2010 at 8:44 pm #35629imported_SerinParticipant
I believe the problem is related to one side or the other not performing a proper TLS/SSL shutdown of the secure connection. Many clients and servers “hang-up” the connection without performing a proper TLS shutdown. Cerberus first issues a TLS/SSL shutdown on its end and then waits for the other side to confirm TLS/SSL shutdown before performing a normal shutdown and close of the socket. I suspect Cerberus might be waiting for WebDrive to respond with a “close notify” (which it probably should be sending) and that perhaps that is the reason the connection stays open. It’s just a quick guess though – I will investigate further.
Quick tests with Core FTP seem to indicate normal connection termination with OpenSSL and Windows SSL. However, Windows SSL does appear to be slower.
GrantApril 13, 2010 at 11:08 pm #35630
ok I am seeing something, on the client side I see a context expired message from the Windows SSL subsystem, but then we still issue a winsock recv call and this is what hangs. I made a change to not ask for any more data after receiving the context expired message and it seems to work. Not sure why we don’t see this with other servers, other server seems to just return 0 on the recv which indicates a graceful shutdown. I’ll have the customer try this fix to see if it works ok for them. — john
- You must be logged in to reply to this topic.