lftp
lftp copied to clipboard
Published
20 hours ago •
lavv17
lavv17
450 Transfer aborted. Link to file server lost
LFTP does not work properly.
We are getting errors like "450 Transfer aborted. Link to file server lost" How can this be fixed? Is this a client issue, a server issue, lftp issue?
lftp -v
LFTP | Version 4.8.4 | Copyright (c) 1996-2017 Alexander V. Lukyanov
...
Libraries used: GnuTLS 3.6.13, idn2 2.2.0, Readline 8.0, zlib 1.2.11
We use lftp inside the github action, and the latest version is 4.8.4 if installed via apt-get.
Our script looks like this:
lftp -u "$USER","$PASSWORD" $HOST <<EOF
debug
set ssl:check-hostname yes
set sftp:auto-confirm yes
set ftp:ssl-force true
mirror --verbose --reverse --only-newer --delete $UPLOAD $REMOTE $IGNORE;
exit
EOF
(changed IPs and Domain names)
Example 1 (with debug 3)
---- Connecting to ******.******.com (123.345.456.67) port 21
<--- 220 ProFTPD Server (ProFTPD) [123.345.456.67]
<--- 230 User the-user-ftp logged in
Removing old file `.htaccess'
Transferring file `.htaccess'
Transferring file `index.php'
<--- 450 Transfer aborted. Link to file server lost
<--- 451 index.php: Append/Restart not permitted, try again
---- Switching to NOREST mode
<--- 450 Transfer aborted. Link to file server lost
<--- 450 Transfer aborted. Link to file server lost
<--- 450 Transfer aborted. Link to file server lost
<--- 450 Transfer aborted. Link to file server lost
<--- 450 Transfer aborted. Link to file server lost
<--- 450 Transfer aborted. Link to file server lost
...and so on forever
Example 2 (with just debug)
---- Connecting to our-company.com (123.345.456.67) port 21
<--- 220 ProFTPD Server (ProFTPD) [123.345.456.67]
---> FEAT
<--- 211-Features:
<--- AUTH TLS
<--- CCC
<--- CLNT
<--- EPRT
<--- EPSV
<--- HOST
<--- LANG de-DE.UTF-8*
<--- MDTM
<--- MFF modify;UNIX.group;UNIX.mode;
<--- MFMT
<--- MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.groupname*;UNIX.mode*;UNIX.owner*;UNIX.ownername*;
<--- PBSZ
<--- PROT
<--- REST STREAM
<--- SIZE
<--- SSCN
<--- TVFS
<--- UTF8
<--- 211 End
---> AUTH TLS
<--- 234 AUTH TLS successful
---> CLNT lftp/4.8.4
Certificate: CN=our-company.com
Issued by: C=US,O=Let's Encrypt,CN=R3
Checking against: C=US,O=Let's Encrypt,CN=R3
Trusted
Certificate: C=US,O=Let's Encrypt,CN=R3
Issued by: O=Digital Signature Trust Co.,CN=DST Root CA X3
Trusted
<--- 200 OK
---> LANG
<--- 200 Using default language de_DE.UTF-8
---> OPTS UTF8 ON
<--- 200 UTF8 set to on
---> HOST our-company.com
<--- 504 our-company.com: Unknown hostname provided
---> USER ftp-username
<--- 331 Password required for ftp-username
---> PASS ***
<--- 230 User ftp-username logged in
---> OPTS MLST modify;perm;size;type;UNIX.group;UNIX.mode;UNIX.owner
<--- 200 MLST OPTS modify;perm;size;type;UNIX.group;UNIX.mode;
---> PWD
<--- 257 "/" is the current directory
---> PBSZ 0
<--- 200 PBSZ 0 successful
---> PROT P
<--- 200 Protection set to Private
---> PASV
<--- 227 Entering Passive Mode (123,345,456,67,249,41).
---- Connecting data socket to (123.345.456.67) port 63785
---- Data connection established
---> MLSD
<--- 150 Opening BINARY mode data connection for MLSD
Certificate: CN=our-company.com
Issued by: C=US,O=Let's Encrypt,CN=R3
Checking against: C=US,O=Let's Encrypt,CN=R3
Trusted
Certificate: C=US,O=Let's Encrypt,CN=R3
Issued by: O=Digital Signature Trust Co.,CN=DST Root CA X3
Trusted
---- Got EOF on data connection
---- Closing data socket
<--- 226 Transfer complete
---> TYPE I
<--- 200 Type set to I
Removing old file `.htaccess'
---> DELE .htaccess
Transferring file `.htaccess'
<--- 250 DELE command successful
---> PROT C
<--- 534 Unwilling to accept security parameters
---> PASV
<--- 227 Entering Passive Mode (123,345,456,67,252,194).
---- Connecting data socket to (123.345.456.67) port 64706
---- Data connection established
---> ALLO 3207
<--- 202 No storage allocation necessary
---> STOR .htaccess
<--- 150 Opening BINARY mode data connection for .htaccess
Certificate: CN=our-company.com
Issued by: C=US,O=Let's Encrypt,CN=R3
Checking against: C=US,O=Let's Encrypt,CN=R3
Trusted
Certificate: C=US,O=Let's Encrypt,CN=R3
Issued by: O=Digital Signature Trust Co.,CN=DST Root CA X3
Trusted
---- Closing data socket
<--- 226 Transfer complete
---> MFMT 20210224125038 .htaccess
<--- 213 Modify=20210224125038; .htaccess
---> DELE index.php
Removing old file `index.php'
Transferring file `index.php'
<--- 250 DELE command successful
---> PROT C
<--- 534 Unwilling to accept security parameters
---> PASV
<--- 227 Entering Passive Mode (123,345,456,67,229,159).
---- Connecting data socket to (123.345.456.67) port 58783
---- Data connection established
---> STOR index.php
<--- 150 Opening BINARY mode data connection for index.php
Certificate: CN=our-company.com
Issued by: C=US,O=Let's Encrypt,CN=R3
Checking against: C=US,O=Let's Encrypt,CN=R3
Trusted
Certificate: C=US,O=Let's Encrypt,CN=R3
Issued by: O=Digital Signature Trust Co.,CN=DST Root CA X3
Trusted
---- Closing data socket
<--- 450 Transfer aborted. Link to file server lost
---> SIZE index.php
<--- 213 16384
---> PROT C
copy: put rolled back to 16384, seeking get accordingly
<--- 534 Unwilling to accept security parameters
---> PASV
<--- 227 Entering Passive Mode (123,345,456,67,224,54).
---- Connecting data socket to (123.345.456.67) port 57398
---- Data connection established
---> REST 16384
<--- 350 Restarting at 16384. Send STORE or RETRIEVE to initiate transfer
---> STOR index.php
<--- 451 index.php: Append/Restart not permitted, try again
---- Closing data socket
---- Switching to NOREST mode
---> PROT C
copy: put rolled back to 0, seeking get accordingly
<--- 534 Unwilling to accept security parameters
---> PASV
<--- 227 Entering Passive Mode (123,345,456,67,224,227).
---- Connecting data socket to (123.345.456.67) port 57571
---- Data connection established
---> REST 0
<--- 350 Restarting at 0. Send STORE or RETRIEVE to initiate transfer
---> STOR index.php
<--- 150 Opening BINARY mode data connection for index.php
Certificate: CN=our-company.com
Issued by: C=US,O=Let's Encrypt,CN=R3
Checking against: C=US,O=Let's Encrypt,CN=R3
Trusted
Certificate: C=US,O=Let's Encrypt,CN=R3
Issued by: O=Digital Signature Trust Co.,CN=DST Root CA X3
Trusted
---- Closing data socket
<--- 450 Transfer aborted. Link to file server lost
---> PROT C
copy: put rolled back to 0, seeking get accordingly
<--- 534 Unwilling to accept security parameters
---> PASV
<--- 227 Entering Passive Mode (123,345,456,67,195,70).
---- Connecting data socket to (123.345.456.67) port 49990
---- Data connection established
---> STOR index.php
<--- 150 Opening BINARY mode data connection for index.php
Certificate: CN=our-company.com
Issued by: C=US,O=Let's Encrypt,CN=R3
Checking against: C=US,O=Let's Encrypt,CN=R3
Trusted
Certificate: C=US,O=Let's Encrypt,CN=R3
Issued by: O=Digital Signature Trust Co.,CN=DST Root CA X3
Trusted
---- Closing data socket
<--- 450 Transfer aborted. Link to file server lost
---> PROT C
copy: put rolled back to 0, seeking get accordingly
<--- 534 Unwilling to accept security parameters
---> PASV
<--- 227 Entering Passive Mode (123,345,456,67,202,1).
---- Connecting data socket to (123.345.456.67) port 51713
---- Data connection established
---> STOR index.php
<--- 150 Opening BINARY mode data connection for index.php
Certificate: CN=our-company.com
Issued by: C=US,O=Let's Encrypt,CN=R3
Checking against: C=US,O=Let's Encrypt,CN=R3
Trusted
Certificate: C=US,O=Let's Encrypt,CN=R3
Issued by: O=Digital Signature Trust Co.,CN=DST Root CA X3
Trusted
---- Closing data socket
<--- 450 Transfer aborted. Link to file server lost
---> PROT C
copy: put rolled back to 0, seeking get accordingly
<--- 534 Unwilling to accept security parameters
---> PASV
<--- 227 Entering Passive Mode (123,345,456,67,194,133).
---- Connecting data socket to (123.345.456.67) port 49797
---- Data connection established
---> STOR index.php
<--- 150 Opening BINARY mode data connection for index.php
...and so on trying the same file again and again and again and again
Looks like I have the same issue on uploading files with lftp and proftpd (debian 10, proftpd 1.3.6). I am not sure if it's a lftp or proftpd issue or both?
The strange thing is that a few files are getting transfered but then lftp stucks with "450 Transfer aborted. Link to file server lost"
Uploads with filezilla and the same data are working.
Proftpd is configured with TLS1.2 only, but does accept connections with TLS1.3 also.
lftp on Linux Mint:
LFTP | Version 4.8.4 | Copyright (c) 1996-2017 Alexander V. Lukyanov
LFTP is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with LFTP. If not, see <http://www.gnu.org/licenses/>.
Send bug reports and questions to the mailing list <[email protected]>.
Libraries used: GnuTLS 3.6.13, idn2 2.2.0, Readline 8.0, zlib 1.2.11
lftp on alpine: docker image https://github.com/minidocks/images/tree/master/lftp:
LFTP | Version 4.9.2 | Copyright (c) 1996-2020 Alexander V. Lukyanov
LFTP is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with LFTP. If not, see <http://www.gnu.org/licenses/>.
Send bug reports and questions to the mailing list <[email protected]>.
Libraries used: Readline 8.1
same results:
---- Data connection established
---> STOR bootstrap-grid.css
<--- 150 Opening BINARY mode data connection for bootstrap-grid.css
Certificate: CN=HOSTREMOVED
Issued by: C=US,O=Let's Encrypt,CN=R3
Checking against: C=US,O=Let's Encrypt,CN=R3
Trusted
Certificate: C=US,O=Let's Encrypt,CN=R3
Issued by: C=US,O=Internet Security Research Group,CN=ISRG Root X1
Checking against: C=US,O=Internet Security Research Group,CN=ISRG Root X1
Trusted
Certificate: C=US,O=Internet Security Research Group,CN=ISRG Root X1
Issued by: O=Digital Signature Trust Co.,CN=DST Root CA X3
Trusted
---- Closing data socket
<--- 450 Transfer aborted. Link to file server lost
---> SIZE bootstrap-grid.css
<--- 550 bootstrap-grid.css: No such file or directory
---> PROT C
copy: put rolled back to 0, seeking get accordingly
<--- 534 Unwilling to accept security parameters
---> EPSV
<--- 229 Entering Extended Passive Mode (|||32145|)
---- Connecting data socket to (IPv6REMOVED) port 32145
---- Data connection established
---> STOR bootstrap-grid.css
<--- 150 Opening BINARY mode data connection for bootstrap-grid.css
Certificate: CN=HOSTREMOVED
Issued by: C=US,O=Let's Encrypt,CN=R3
Checking against: C=US,O=Let's Encrypt,CN=R3
Trusted
Certificate: C=US,O=Let's Encrypt,CN=R3
Issued by: C=US,O=Internet Security Research Group,CN=ISRG Root X1
Checking against: C=US,O=Internet Security Research Group,CN=ISRG Root X1
Trusted
Certificate: C=US,O=Internet Security Research Group,CN=ISRG Root X1
Issued by: O=Digital Signature Trust Co.,CN=DST Root CA X3
Trusted
---- Closing data socket
^CInterrupt
<--- 450 Transfer aborted. Link to file server lost
Same here. I use MacOS Catalina, lftp 4.9.2 and it happens with both variants (gnutls and openssl - tested with macports and homebrew).
Not sure if this is related: https://github.com/proftpd/proftpd/issues/959
Interestingly it works on GHA with this action: https://github.com/kevinpainchaud/simple-ftp-deploy-action
Maybe someone can check the image and the settings of the lftp version there (I don't have Docker on my local machine).
I've checked what set -a outputs in the container:
--- lftp-working 2021-07-25 01:13:06.000000000 +0200
+++ lftp-broken 2021-07-25 01:11:57.000000000 +0200
@@ -45,8 +45,8 @@
set cmd:verify-host yes
set cmd:verify-path yes
set cmd:verify-path-cached no
-set color:dir-colors ""
-set color:use-color auto
+set color:dir-colors "no=00:fi=00:di=01;34:ln=00;36:pi=40;33:so=01;35:do=01;35:bd=40;33;01:cd=40;33;01:or=40;31:ex=00;32:*.cmd=00;32:*.exe=01;32:*.com=01;32:*.bat=01;32:*.btm=01;32:*.dll=01;32:*.tar=00;31:*.tbz=00;31:*.tgz=00;31:*.rpm=00;31:*.deb=00;31:*.arj=00;31:*.taz=00;31:*.lzh=00;31:*.zip=00;31:*.zoo=00;31:*.z=00;31:*.Z=00;31:*.gz=00;31:*.bz2=00;31:*.tb2=00;31:*.tz2=00;31:*.tbz2=00;31:*.avi=01;35:*.bmp=01;35:*.fli=01;35:*.gif=01;35:*.jpg=01;35:*.jpeg=01;35:*.mng=01;35:*.mov=01;35:*.mpg=01;35:*.pcx=01;35:*.pbm=01;35:*.pgm=01;35:*.png=01;35:*.ppm=01;35:*.tga=01;35:*.tif=01;35:*.xbm=01;35:*.xpm=01;35:*.dl=01;35:*.gl=01;35:*.aiff=00;32:*.au=00;32:*.mid=00;32:*.mp3=00;32:*.ogg=00;32:*.voc=00;32:*.wav=00;32:"
+set color:use-color true
set dns:SRV-query no
set dns:cache-enable yes
set dns:cache-expire 1h
@@ -183,7 +183,7 @@
set log:enabled no
set log:enabled/xfer yes
set log:file ""
-set log:file/xfer /root/.local/share/lftp/transfer_log
+set log:file/xfer /Users/username/.local/share/lftp/transfer_log
set log:level 9
set log:max-size 1M
set log:prefix-error "**** "
@@ -207,7 +207,7 @@
set mirror:skip-noaccess no
set mirror:sort-by name
set mirror:use-pget-n 0
-set module:path /usr/lib/lftp/4.9.2:/usr/lib/lftp
+set module:path /usr/local/Cellar/lftp/4.9.2_1/lib/lftp/4.9.2:/usr/local/Cellar/lftp/4.9.2_1/lib/lftp
set net:connection-limit 0
set net:connection-limit-timer 5m
set net:connection-takeover yes
@@ -249,6 +249,18 @@
set ssl:priority ""
set ssl:use-sni yes
set ssl:verify-certificate yes
+set torrent:ip ""
+set torrent:ipv6 ""
+set torrent:max-peers 60
+set torrent:port-range 6881-6889
+set torrent:retracker ""
+set torrent:save-metadata yes
+set torrent:seed-max-time 30d
+set torrent:seed-min-peers 3
+set torrent:stop-min-ppr 1.4
+set torrent:stop-on-ratio 2.0
+set torrent:timeout 7d
+set torrent:use-dht yes
set xfer:auto-rename no
set xfer:backup-suffix ~%Y%m%d%H%M%S~
set xfer:buffer-size 0x10000
@@ -266,4 +278,4 @@
set xfer:timeout 1d
set xfer:use-temp-file no
set xfer:verify no
-set xfer:verify-command ""
\ No newline at end of file
+set xfer:verify-command /usr/local/Cellar/lftp/4.9.2_1/share/lftp/verify-file
\ No newline at end of file
The red lines are from the container, the green from my local setup.
lftp -v outputs this in the container:
LFTP | Version 4.9.2 | Copyright (c) 1996-2020 Alexander V. Lukyanov
LFTP is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with LFTP. If not, see <http://www.gnu.org/licenses/>.
Send bug reports and questions to the mailing list <[email protected]>.
Libraries used: Readline 8.1
On my local machine (MacOS) it outputs this:
LFTP | Version 4.9.2 | Copyright (c) 1996-2020 Alexander V. Lukyanov
LFTP is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with LFTP. If not, see <http://www.gnu.org/licenses/>.
Send bug reports and questions to the mailing list <[email protected]>.
Verwendete Libraries:idn2 2.3.2, libiconv 1.11, OpenSSL 1.1.1k 25 Mar 2021, Readline 8.1, zlib 1.2.11
The different default settings are a bit weird. Are these two different builds but the same version number? Also different libraries seem to be used. The one without the problems does not mention openssl at all.
I tried to build from the source and I get not past the ./config.h:2701:11: fatal error: 'trio.h' file not found error =(
You may want to try to build lftp with ./configure --without-openssl --without-gnutls --with-readline=/usr/local/opt/readline/lib to see if that makes a difference (don't forget to change the readline lib path).
Hi! Sorry for "necro bumping", but i recently ran into the same issue. I saw the same kind of problems as described here, when testing proftpd 1.3.6c with TLS and using lftp v4.9.2 as client.
But the problem disappeared after setting TLSSessionTickets on in proftpd config.
TLSv1.3 needs session tickets, but they are disablerd by default in proftpd 1.3.6c.
As described in the proftpd documentation: http://www.proftpd.org/docs/contrib/mod_tls.html#TLSSessionTickets
