nUpdate icon indicating copy to clipboard operation
nUpdate copied to clipboard

Published 20 hours ago verified publisher icon dbforge

SSL sessions not reused by nUpdate Administration client

Open FireEmerald opened this issue 5 years ago • 3 comments

A common ftp package for linux is proftp.

However nUpdate Administration does throw a error when connecting to such a server with default configuration.

I traced the error down and the problem seems like nUpdate Administration client did not reuse SSL session and therefore get's a rejecting data connection.

The workaround then, is to add the TLSOption to your configuration, i.e.:

  # Relax the requirement that the SSL session be reused for data transfers
  TLSOptions NoSessionReuseRequired

This is more a information for you - perhaps take a closer look how you handle ssl sessions.

FireEmerald avatar Dec 14 '19 19:12 FireEmerald

Hi,

thanks for the hint and workaround. Indeed SSL is not handled as good as it should now. The validation callback just always evaluates to true. Have to do something about that.

Best, Dominic

dbforge avatar Dec 15 '19 10:12 dbforge

Did you improved the session handling or just closed the issue?

FireEmerald avatar Aug 25 '20 14:08 FireEmerald

Hi,

I just closed the issue so that it is not hanging around there forever. I have currently no time to provide a change to that for v3.x and I am not sure, when and if I'll publish new updates to v3.x unless there is a secflaw. My focus would actually rely on v4 where everything has changed in any case. If you want to further investigate and let this issue open, let me know.

Best, Dominic

dbforge avatar Aug 25 '20 14:08 dbforge