450 TLS session of data connection has not resumed

botg
Site Admin
Posts: 35507
Joined: 2004-02-23 20:49
First name: Tim
Last name: Kosse

Re: 450 TLS session of data connection has not resumed

#16 Post by botg » 2015-07-09 17:41

The way FileZilla Server uses session resumption does not impact PFS in any significant way.
Session IDs [...] To support session resumption via session IDs the server must maintain a cache that maps past session IDs to those sessions’ secret states. The cache itself is the main weak spot; stealing the cache contents allows decrypting all sessions whose session IDs are contained in it.
With OpenSSL the session cache is bound to the SSL context. In FileZilla Server, each control connection has its own SSL context which, including cache, gets destroyed when closing the control connection.

If an attacker can read the session cache the system is already compromised. There is no reason to assume that the attacker cannot read everything else. With the cache existing only while the control connection is alive, the attacker can at that point just as well read the connection's private key from the active session without bothering the cache.
Session Tickets [...] The second mechanism to resume a TLS session are Session Tickets. This extension transmits the server’s secret state to the client, encrypted with a key only known to the server. That ticket key is protecting the TLS connection now and in the future and is the weak spot an attacker will target.
Again, the server's secret state including the ticket key is bound to the context. If the control connection gets destroyed, the secret is lost and past tickets lose their validity. While I can't speak for all clients, FileZilla Client, too, forgets about its session ticket if the control connection gets closed.
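
The context-bound session cache and ticket key described in the post above can be watched in action with an added example. It is not FileZilla's code (FileZilla Server uses OpenSSL) and not from this thread: it uses Go's crypto/tls in-process over net.Pipe, gives each "control connection" its own TLS context with a freshly generated ticket key as a stand-in for a per-connection OpenSSL context, and then runs the data-connection cases discussed in the thread against those contexts. The host name ftp.example.test, the throw-away certificate and both client configurations are constructed for the example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"fmt"
	"io"
	"math/big"
	"net"
	"time"
)

const serverName = "ftp.example.test" // assumed name on the throw-away certificate

func must[T any](v T, err error) T { // setup-only helper; a demo may just panic
	if err != nil {
		panic(err)
	}
	return v
}

// selfSignedCert: throw-away certificate plus a pool that trusts it, so the
// example runs offline while the client still verifies the server normally.
func selfSignedCert() (tls.Certificate, *x509.CertPool) {
	key := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1), DNSNames: []string{serverName},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour),
		KeyUsage:    x509.KeyUsageDigitalSignature | x509.KeyUsageCertSign,
		ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
		BasicConstraintsValid: true, IsCA: true,
	}
	der := must(x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key))
	pool := x509.NewCertPool()
	pool.AddCert(must(x509.ParseCertificate(der)))
	return tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key}, pool
}

// handshake runs one TLS handshake over an in-memory pipe and reports each side's DidResume.
func handshake(serverCfg, clientCfg *tls.Config) (clientResumed, serverResumed bool, err error) {
	cPipe, sPipe := net.Pipe()
	defer func() { cPipe.Close(); sPipe.Close() }()
	srv, cli := tls.Server(sPipe, serverCfg), tls.Client(cPipe, clientCfg)
	errc := make(chan error, 1)
	go func() {
		e := srv.Handshake()
		if e == nil { // one app record: reading it makes the client process a
			_, e = srv.Write([]byte("ok")) // TLS 1.3 NewSessionTicket and cache it
		}
		errc <- e
	}()
	if err = cli.Handshake(); err != nil {
		return
	}
	if _, err = io.ReadFull(cli, make([]byte, 2)); err != nil {
		return
	}
	if err = <-errc; err != nil {
		return
	}
	return cli.ConnectionState().DidResume, srv.ConnectionState().DidResume, nil
}

// Run plays the thread's cases; "resumed" means both sides agree, which is what
// a server-side "same session as the control connection" check needs to see.
func Run() (map[string]bool, error) {
	cert, pool := selfSignedCert()
	// One context per control connection, each with its own fresh ticket key that
	// dies with it: ctx[0] is the live control connection, ctx[1] a later one
	// created after ctx[0] and its key were destroyed.
	var ctx [2]*tls.Config
	for i := range ctx {
		var key [32]byte
		must(io.ReadFull(rand.Reader, key[:]))
		ctx[i] = &tls.Config{Certificates: []tls.Certificate{cert}}
		ctx[i].SetSessionTicketKeys([][32]byte{key})
	}
	// A client that caches sessions for the life of its control connection, as
	// FileZilla Client does, and one that never caches, like those drawing the 450.
	caching := &tls.Config{ServerName: serverName, RootCAs: pool, ClientSessionCache: tls.NewLRUClientSessionCache(4)}
	noCache := &tls.Config{ServerName: serverName, RootCAs: pool}
	out := map[string]bool{}
	for _, tc := range []struct {
		name     string
		srv, cli *tls.Config
	}{
		{"control connection, full handshake", ctx[0], caching},
		{"data connection, same context as control", ctx[0], caching},
		{"data connection after control context destroyed", ctx[1], caching},
		{"data connection from a client with no session cache", ctx[1], noCache},
	} {
		c, s, err := handshake(tc.srv, tc.cli)
		if err != nil {
			return nil, fmt.Errorf("%s: %w", tc.name, err)
		}
		out[tc.name] = c && s
	}
	return out, nil
}

func main() { fmt.Println(Run()) }
```

With TLS 1.3 the ticket is delivered after the handshake, which is why the server writes one application record and the client reads it before either side's DidResume is inspected. Only the second case is one a FileZilla-style check would accept; the third is the ticket-key point made in the post (a ticket issued by a context that no longer exists is worthless), and the fourth is how a client without any session cache, like the ones drawing the 450 reply, looks to the server. Go's tls package exercises the ticket mechanism rather than an OpenSSL session-ID cache, but the lifetime argument is the same: whatever holds the secret is scoped to the control connection.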

DraySpencer
500 Command not understood
Posts: 4
Joined: 2014-02-11 04:08
First name: Dray
Last name: Spencer

Re: 450 TLS session of data connection has not resumed

#17 Post by DraySpencer » 2016-05-23 14:24

botg wrote: It appears your client does not support TLS session resumption. Please contact your client vendor so that TLS session resumption can be implemented in your client.
Been running FileZilla server for years and always like to take the opportunity to thank you for the software and your constant upgrades and hard work.

After years we recently upgraded our system to Windows 10 and installed 0.9.57 beta and we have the same problem. I have checked the AndFTP support site and it seems they have been made aware of the issue ( http://tinyurl.com/gu5jfth ). I realize that it is not a good idea to turn off the TLS session resumption feature in our server but does anyone out there know how we can resume using our android devices in the field without turning off this feature. Any other client suggestions? Not using FileZilla server software is not an option for us.

Thanks again!

botg
Site Admin
Posts: 35507
Joined: 2004-02-23 20:49
First name: Tim
Last name: Kosse

Re: 450 TLS session of data connection has not resumed

#18 Post by botg » 2016-05-23 16:35

DraySpencer wrote: I have checked the AndFTP support site and it seems they have been made aware of the issue ( http://tinyurl.com/gu5jfth ).
from the linked URL wrote: AndFTP doesn't support TLS/SSL session reuse because underlying network layer of Android OS does not allow it.
Really? Looking at https://developer.android.com/reference ... ctory.html I see many references to SSL session caching.

DraySpencer wrote: I realize that it is not a good idea to turn off the TLS session resumption feature in our server but does anyone out there know how we can resume using our android devices in the field without turning off this feature
I'm not familiar with the Android FTP landscape.

DraySpencer wrote: Not using FileZilla server software is not an option for us.
Using any other FTP server would result in the same problem, unless the server doesn't implement this security feature.

DraySpencer
500 Command not understood
Posts: 4
Joined: 2014-02-11 04:08
First name: Dray
Last name: Spencer

Re: 450 TLS session of data connection has not resumed

#19 Post by DraySpencer » 2016-05-23 17:06

botg wrote:
from the linked URL wrote: AndFTP doesn't support TLS/SSL session reuse because underlying network layer of Android OS does not allow it.
Really? Looking at https://developer.android.com/reference ... ctory.html I see many references to SSL session caching.
Yes we notice the many references also....
We will just have to keep our laptops with us in the field at this time until they update their app...there is always a workaround.

Thanks again!

Moritz
500 Command not understood
Posts: 2
Joined: 2019-10-17 08:59

Re: 450 TLS session of data connection has not resumed

#20 Post by Moritz » 2019-10-17 09:13

Hey guys,
sorry for warming up a rather old thread, but I ran into some weird issues and think this is the most closely related thread that I have found so far.

We have been running a 0.9.60 beta installation of FileZilla for some time. We have a small data transfer tool that we hand out to clients that connects to our FTP server and allows them to automatically send over files that then in turn get processed further on our server. This had been running fine until, after a restart of the server for maintenance today, the clients reported errors and the logs showed the "data connection has not resumed" error. As far as I can tell nothing has changed in the configuration either on the server or on the clients. Indeed, unchecking the force PROT P option fixed the problem and our clients are sending data again. The strange thing is that they are still using PROT P to secure the data connection with or without the option being checked. See the excerpt from the logfile when force PROT P was enabled as an example:


(000042) 17/10/2019 15:26:20 - (not logged in) (192.168.5.78)> Connected on port 990, sending welcome message...
(000042) 17/10/2019 15:26:20 - (not logged in) (192.168.5.78)> 220-FileZilla Server 0.9.60 beta
(000042) 17/10/2019 15:26:20 - (not logged in) (192.168.5.78)> 220-written by Tim Kosse (tim.kosse@filezilla-project.org)
(000042) 17/10/2019 15:26:20 - (not logged in) (192.168.5.78)> 220 Please visit https://filezilla-project.org/
(000042) 17/10/2019 15:26:20 - (not logged in) (192.168.5.78)> TLS connection established
(000042) 17/10/2019 15:26:20 - (not logged in) (192.168.5.78)> USER testing
(000042) 17/10/2019 15:26:20 - (not logged in) (192.168.5.78)> 331 Password required for testing
(000042) 17/10/2019 15:26:20 - (not logged in) (192.168.5.78)> PASS *******
(000042) 17/10/2019 15:26:20 - testing (192.168.5.78)> 230 Logged on
(000042) 17/10/2019 15:26:20 - testing (192.168.5.78)> PBSZ 0
(000042) 17/10/2019 15:26:20 - testing (192.168.5.78)> 200 PBSZ=0
(000042) 17/10/2019 15:26:20 - testing (192.168.5.78)> PROT P
(000042) 17/10/2019 15:26:20 - testing (192.168.5.78)> 200 Protection level set to P
(000042) 17/10/2019 15:26:20 - testing (192.168.5.78)> FEAT
(000042) 17/10/2019 15:26:20 - testing (192.168.5.78)> 211-Features:
(000042) 17/10/2019 15:26:20 - testing (192.168.5.78)>  MDTM
(000042) 17/10/2019 15:26:20 - testing (192.168.5.78)>  REST STREAM
(000042) 17/10/2019 15:26:20 - testing (192.168.5.78)>  SIZE
(000042) 17/10/2019 15:26:20 - testing (192.168.5.78)>  MLST type*;size*;modify*;
(000042) 17/10/2019 15:26:20 - testing (192.168.5.78)>  MLSD
(000042) 17/10/2019 15:26:20 - testing (192.168.5.78)>  AUTH SSL
(000042) 17/10/2019 15:26:20 - testing (192.168.5.78)>  AUTH TLS
(000042) 17/10/2019 15:26:20 - testing (192.168.5.78)>  PROT
(000042) 17/10/2019 15:26:20 - testing (192.168.5.78)>  PBSZ
(000042) 17/10/2019 15:26:20 - testing (192.168.5.78)>  UTF8
(000042) 17/10/2019 15:26:20 - testing (192.168.5.78)>  CLNT
(000042) 17/10/2019 15:26:20 - testing (192.168.5.78)>  MFMT
(000042) 17/10/2019 15:26:20 - testing (192.168.5.78)>  EPSV
(000042) 17/10/2019 15:26:20 - testing (192.168.5.78)>  EPRT
(000042) 17/10/2019 15:26:20 - testing (192.168.5.78)> 211 End
(000042) 17/10/2019 15:26:20 - testing (192.168.5.78)> OPTS UTF8 ON
(000042) 17/10/2019 15:26:20 - testing (192.168.5.78)> 202 UTF8 mode is always enabled. No need to send this command.
(000042) 17/10/2019 15:26:20 - testing (192.168.5.78)> SYST
(000042) 17/10/2019 15:26:20 - testing (192.168.5.78)> 215 UNIX emulated by FileZilla
(000042) 17/10/2019 15:26:20 - testing (192.168.5.78)> PWD
(000042) 17/10/2019 15:26:20 - testing (192.168.5.78)> 257 "/" is current directory.
(000042) 17/10/2019 15:26:20 - testing (192.168.5.78)> SIZE /Microsoft Word-Dokument (neu)_f747c049-5e49-46a1-9c7b-5c5df5ce304e.docx
(000042) 17/10/2019 15:26:20 - testing (192.168.5.78)> 550 File not found
(000042) 17/10/2019 15:26:20 - testing (192.168.5.78)> EPSV
(000042) 17/10/2019 15:26:20 - testing (192.168.5.78)> 229 Entering Extended Passive Mode (|||50695|)
(000042) 17/10/2019 15:26:21 - testing (192.168.5.78)> STOR Microsoft Word-Dokument (neu)_f747c049-5e49-46a1-9c7b-5c5df5ce304e.docx
(000042) 17/10/2019 15:26:21 - testing (192.168.5.78)> 150 Opening data channel for file upload to server of "/Microsoft Word-Dokument (neu)_f747c049-5e49-46a1-9c7b-5c5df5ce304e.docx"
(000042) 17/10/2019 15:26:21 - testing (192.168.5.78)> 450 TLS session of data connection has not resumed or the session does not match the control connection
(000042) 17/10/2019 15:26:21 - testing (192.168.5.78)> disconnected.
This puzzles me as the problem does not seem to be related to the client's inability to support PROT P and things were working fine until this morning when we rebooted the server... Any insights would be appreciated!

Also as a side-note: Thanks for developing this awesome piece of software! I really like it and appreciate all the time and effort you must have put into it!

Best regards,


Moritz
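
When a 450 like the one in the log above shows up after a reboot or upgrade, the first question is which client and which address are failing, and whether they ever completed a data transfer. An added example, not part of the post and not FileZilla's code, that folds FileZilla Server 0.9.x log lines of the format shown above into per-connection summaries and lists the connections that hit the 450. The sample log is constructed: connection 42 abridges the posted log, while connection 43, its user and its CLNT string are made up to show a client that resumes correctly.

```go
package main

import (
	"bufio"
	"fmt"
	"regexp"
	"sort"
	"strings"
)

// Connection summarises what one FileZilla Server control connection did.
type Connection struct {
	ID, User, Addr string
	Client         string // CLNT identification, if the client sent one
	ProtP          bool   // client asked for a protected data channel
	ResumeFailed   bool   // the 450 from this thread was logged
	Transfers      int    // 226 replies, i.e. data connections that worked
}

// lineRe matches "(id) date time - user (addr)> message" as FileZilla Server
// 0.9.x writes it; the user field may itself contain spaces and parentheses.
var lineRe = regexp.MustCompile(`^\((\d+)\) \S+ \S+ - (.+?) \((\S+)\)> (.*)$`)

const resumeFailure = "450 TLS session of data connection has not resumed"

// Parse folds log lines into per-connection summaries keyed by connection id.
func Parse(log string) map[string]*Connection {
	conns := map[string]*Connection{}
	sc := bufio.NewScanner(strings.NewReader(log))
	for sc.Scan() {
		m := lineRe.FindStringSubmatch(sc.Text())
		if m == nil {
			continue // not a session line, or a format this parser does not know
		}
		id, user, addr, msg := m[1], m[2], m[3], m[4]
		c := conns[id]
		if c == nil {
			c = &Connection{ID: id, Addr: addr}
			conns[id] = c
		}
		if user != "(not logged in)" {
			c.User = user
		}
		switch {
		case msg == "PROT P":
			c.ProtP = true
		case strings.HasPrefix(msg, "CLNT "):
			c.Client = strings.TrimPrefix(msg, "CLNT ")
		case strings.HasPrefix(msg, resumeFailure):
			c.ResumeFailed = true
		case strings.HasPrefix(msg, "226 "):
			c.Transfers++
		}
	}
	return conns
}

// ResumptionFailures lists connections that hit the 450, sorted by id, so the
// operator can see which client and address need fixing before considering
// turning the server-side check off.
func ResumptionFailures(conns map[string]*Connection) []*Connection {
	var out []*Connection
	for _, c := range conns {
		if c.ResumeFailed {
			out = append(out, c)
		}
	}
	sort.Slice(out, func(i, j int) bool { return out[i].ID < out[j].ID })
	return out
}

// sampleLog is constructed for this example: connection 42 abridges the log
// posted in the thread; connection 43 is a made-up client that resumes correctly.
const sampleLog = `(000042) 17/10/2019 15:26:20 - (not log in) (192.168.5.78)> TLS connection established
(000042) 17/10/2019 15:26:20 - (not logged in) (192.168.5.78)> USER testing
(000042) 17/10/2019 15:26:20 - testing (192.168.5.78)> 230 Logged on
(000042) 17/10/2019 15:26:20 - testing (192.168.5.78)> PROT P
(000042) 17/10/2019 15:26:20 - testing (192.168.5.78)> 200 Protection level set to P
(000042) 17/10/2019 15:26:21 - testing (192.168.5.78)> STOR report (neu).docx
(000042) 17/10/2019 15:26:21 - testing (192.168.5.78)> 150 Opening data channel for file upload to server of "/report (neu).docx"
(000042) 17/10/2019 15:26:21 - testing (192.168.5.78)> 450 TLS session of data connection has not resumed or the session does not match the control connection
(000042) 17/10/2019 15:26:21 - testing (192.168.5.78)> disconnected.
(000043) 17/10/2019 15:30:02 - (not logged in) (192.168.5.91)> TLS connection established
(000043) 17/10/2019 15:30:02 - (not logged in) (192.168.5.91)> USER alice
(000043) 17/10/2019 15:30:02 - alice (192.168.5.91)> 230 Logged on
(000043) 17/10/2019 15:30:02 - alice (192.168.5.91)> CLNT ExampleClient 1.0
(000043) 17/10/2019 15:30:02 - alice (192.168.5.91)> PROT P
(000043) 17/10/2019 15:30:03 - alice (192.168.5.91)> STOR notes.txt
(000043) 17/10/2019 15:30:03 - alice (192.168.5.91)> 226 Successfully transferred "/notes.txt"`

func main() {
	for _, c := range ResumptionFailures(Parse(sampleLog)) {
		fmt.Printf("conn %s user=%q addr=%s client=%q PROT P=%v transfers=%d: data connection did not resume\n",
			c.ID, c.User, c.Addr, c.Client, c.ProtP, c.Transfers)
	}
}
```

Run Parse over the server's real log instead of the constructed sample. A connection that negotiated PROT P, sent no CLNT string, completed zero transfers and hit the 450, as 42 does here, points at a client that opens the data connection with a fresh TLS session instead of reusing the control connection's, which is exactly what botg's reply in this thread asks to check; the CLNT string, when a client sends one, tells you which vendor to contact.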

botg
Site Admin
Posts: 35507
Joined: 2004-02-23 20:49
First name: Tim
Last name: Kosse

Re: 450 TLS session of data connection has not resumed

#21 Post by botg » 2019-10-17 12:28

Make sure your client does not only use TLS on the data connection, but also re-uses the same session as the corresponding control connection.
