ECONNABORTED: It's the server's fault!

Need help with FileZilla Client? Something does not work as expected? In this forum you may find an answer.

Moderator: Project members

Locked
Message
Author
User avatar
botg
Site Admin
Posts: 31510
Joined: 2004-02-23 20:49
First name: Tim
Last name: Kosse
Contact:

ECONNABORTED: It's the server's fault!

#1 Post by botg » 2008-08-08 23:06

Code: Select all

Status: Server did not properly shut down TLS connection
Error:  Could not read from transfer socket: ECONNABORTED - Connection aborted
If you get this error if listing a directory or if downloading a file, it means that your server did not send the SSL/TLS closure notification as required by the SSL/TLS specifications.

Closing the data connection for the transfer connection without an orderly SSL/TLS shutdown violates the specifications. Furthermore, not performing the shutdown is indistinguishable from an attacker sending spoofed FIN TCP packets to the server, leading to truncated, yet apparently complete, successful transfers.

Previous versions of FileZilla did not detect this faulty behavior and were vulnerable to spoofed FIN packets. The most recent version correctly complains about the server.

Partial list of broken servers:
  • FileZilla Server <=0.9.30
  • vsftpd <=2.0.6
  • ProFTPD <=1.3.2rc1
  • Xlight FTP server <=2.861
  • Pure-FTPd <=1.0.38
Partial list of proper servers:
  • FileZilla Server >=0.9.31
  • vsftpd >=2.0.7
  • ProFTPD >=1.3.2rc2
  • Xlight FTP Server >=3.0
  • Pure-FTPd >=1.0.39

User avatar
boco
Contributor
Posts: 24118
Joined: 2006-05-01 03:28
Location: Germany

Re: ECONNABORTED: It's the server's fault!

#2 Post by boco » 2008-09-13 17:52

Please discuss in the new discussion thread. The sticky got rather messed up so let's keep it clean. :wink: Moved all posts there, have fun!

Discussion thread is now read-only.
### BEGIN SIGNATURE BLOCK ###
No support requests per PM! You will NOT get any reply!!!
FTP connection problems? Do yourself a favor and read Network Configuration.
All FileZilla products fully support IPv6. http://worldipv6launch.org
### END SIGNATURE BLOCK ###

Locked