FileZilla Server - Building Custom Version And Need Help Building OpenSSL

Moderator: Project members

Post Reply
Message
Author
s7g2vp2
500 Command not understood
Posts: 3
Joined: 2015-04-23 17:22

FileZilla Server - Building Custom Version And Need Help Building OpenSSL

#1 Post by s7g2vp2 » 2015-04-23 17:48

Hi.

I am trying to build a custom version of FileZilla Server so that I can re-enable SSLv3. Yes, I know all about the security issues but it is for use by a legacy application that currently cannot handle TLS. I want to do this using the latest FileZilla Server source code so that I get all other fixes.

With some work I have managed to build FileZilla Server using VS2013 and it appears to run okay.

I have also identified the line of code that I need to update:
pSSL_set_cipher_list(m_ssl, "DEFAULT:!eNULL:!aNULL:!DES:!3DES:!WEAK:!EXP:!LOW:!MD5:!RC4");

However, when I change this to allow RC4 I receive an SSLv3 handshake error. To solve this I think I also need to re-build OpenSSL with SSLv3 enabled.

Unfortunately, all of my attempts to re-build OpenSSL have resulted in FileZilla complaining that it cannot load the SSL libraries. In fact, the only SSL DLLs it seems to like are the ones that are provided with the FileZilla Server installer.


Is it possible for someone to provide me with the build script for OpenSSL (or the entire OpenSSL source + build files) that works with FileZilla Server or if they are not being built as part of the project, the original site where the libraries are being sourced from?


Thanks.
Kev.

User avatar
botg
Site Admin
Posts: 32554
Joined: 2004-02-23 20:49
First name: Tim
Last name: Kosse
Contact:

Re: FileZilla Server - Building Custom Version And Need Help Building OpenSSL

#2 Post by botg » 2015-04-23 20:07

SSLv3 support has been compiled out of the libraries shipped with FZS.

When building a custom OpenSSL, make sure to link it statically against the VS runtime libraries.

s7g2vp2
500 Command not understood
Posts: 3
Joined: 2015-04-23 17:22

Re: FileZilla Server - Building Custom Version And Need Help Building OpenSSL

#3 Post by s7g2vp2 » 2015-04-24 16:49

Thanks for confirming this.

I now just need to get the compilation of OpenSSL correct. Currently, I am using these instructions:
http://p-nand-q.com/programming/windows ... _2013.html

OpenSSL and Filezilla both compile okay and the new libeay32.dll & ssleay32.dll files are copied. However, when FileZilla receives the AUTH command it reports that it cannot find the libraries.

Are you compiling OpenSSL via a different method?

User avatar
botg
Site Admin
Posts: 32554
Joined: 2004-02-23 20:49
First name: Tim
Last name: Kosse
Contact:

Re: FileZilla Server - Building Custom Version And Need Help Building OpenSSL

#4 Post by botg » 2015-04-24 18:38

That guide is severely outdated. Please just follow what's written in OpenSSL's INSTALL.W32, replacing /MD with /MT in the .mak

s7g2vp2
500 Command not understood
Posts: 3
Joined: 2015-04-23 17:22

Re: FileZilla Server - Building Custom Version And Need Help Building OpenSSL

#5 Post by s7g2vp2 » 2015-04-30 14:48

OK.

I've now have OpenSSL building correctly and have also successfully re-enabled SSLv3 within FileZilla Server.

Thanks for your help.

User avatar
boco
Contributor
Posts: 24875
Joined: 2006-05-01 03:28
Location: Germany

Re: FileZilla Server - Building Custom Version And Need Help Building OpenSSL

#6 Post by boco » 2015-05-01 07:49

Please do not distribute.
### BEGIN SIGNATURE BLOCK ###
No support requests per PM! You will NOT get any reply!!!
FTP connection problems? Do yourself a favor and read Network Configuration.
All FileZilla products fully support IPv6. http://worldipv6launch.org
### END SIGNATURE BLOCK ###

Post Reply