ftp icon indicating copy to clipboard operation
ftp copied to clipboard

Published 20 hours ago verified publisher icon jlaffaye

Fix hang when using ExplicitTLS to certain servers.

Open ncw opened this issue 3 years ago • 3 comments
trafficstars

In #282 it was discovered that doing the tls Handshake immediately on connection causes some FTP servers (proftpd and pureftpd) to hang.

The exact cause of this is unknown, but this patch works around the problem by not doing the Handsake initially, and only doing it at the end if we were attempting to upload a zero length file.

Doing the Handshake at the end was originally added in a4e9650823896675 however it got reverted in 212daf295f0e6ae4 which used tls.DialWithDialer to do the handshake. Unfortunately tls.DialWithDialer seems to trigger the hanging bug.

See: https://forum.rclone.org/t/rclone-ftps-explicit-rclone-touch-empty-files-proftpd-unable-to-build-data-connection-operation-not-permitted/22522 See: https://github.com/rclone/rclone/issues/6426#issuecomment-1243993039 Fixes #282

ncw avatar Sep 16 '22 15:09 ncw

Coverage Status

Coverage decreased (-2.0%) to 72.521% when pulling 5da37698fc590b6252507d769934a3e1e202956f on ncw:fix-282-tls-handshake-hang into 6512c2a4ae1a4090fd6e9a10f98bb11aebe3c44f on jlaffaye:master.

coveralls avatar Sep 16 '22 15:09 coveralls

Can you please add a comment in the code to explain why we setup the connection with tls.Client and not tls.Dial ? So we dont forget about this in the future.

jlaffaye avatar Sep 19 '22 21:09 jlaffaye

I've put a comment in explaining the reasoning.

ncw avatar Sep 20 '22 10:09 ncw

Encountered this bug today with pure-ftpd server - the proposed fix worked for me.

eliasdaler avatar Oct 04 '22 11:10 eliasdaler

Tackled this as well - any chance we can merge the PR ?

dany74q avatar Oct 14 '22 06:10 dany74q

I have updated the code with a bit more documentation.

Unfortunately I'm going to have to hard fork flaffaye for the rclone v1.60 release with this patch in - I'll move the rclone back as soon as this gets merged and released.

ncw avatar Oct 14 '22 10:10 ncw

facing the same issue, @ncw When are you planning to merge this one?

mohsek avatar Oct 25 '22 09:10 mohsek

@mohsek not my call! I have merged a fix for this in rclone 1.60 github.com/rclone/[email protected]

ncw avatar Oct 25 '22 14:10 ncw

I had the same error with the hanging connection

So i tried to use this one No i get an EOF error... Filezilla has no problems uploading files with Explicit TLS. But i am not sure if this is the server or the lib....

Server is pureftp

` 220-You are user number 2 of 5 allowed.

220-Local time is now 17:46. Server port: 21.

220-This is a private system - No anonymous login

220-IPv6 connections are also welcome on this server.

220 You will be disconnected after 15 minutes of inactivity.

AUTH TLS

234 AUTH TLS OK.

USER xxxx

331 User admin OK. Password required

PASS xxxx

230 OK. Current directory is /

FEAT

211-Extensions supported:

EPRT

IDLE

MDTM

SIZE

MFMT

REST STREAM

MLST type*;size*;sizd*;modify*;UNIX.mode*;UNIX.uid*;UNIX.gid*;unique*;

MLSD

AUTH TLS

PBSZ

PROT

UTF8

TVFS

ESTA

PASV

EPSV

SPSV

211 End.

TYPE I

200 TYPE is now 8-bit binary

OPTS UTF8 ON

200 OK, UTF-8 enabled

PBSZ 0

200 PBSZ=0

PROT P

200 Data protection level set to "private"

EPSV

229 Extended Passive mode OK (|||30005|)

STOR myfile

150 Accepted data connection

1 error occurred: * EOF `

theGuen avatar Nov 22 '22 18:11 theGuen

@jlaffaye any chance we could get this merged?

funkyshu avatar Dec 21 '22 22:12 funkyshu

Oops totally forgot about this PR

jlaffaye avatar Feb 08 '23 16:02 jlaffaye