FileFileZilla Server 1.0.0-rc5 - TLS 1.3 problem

Need help with FileZilla Server? Something does not work as expected? In this forum you may find an answer.

Moderator: Project members

Post Reply
Message
Author
c2d2
504 Command not implemented
Posts: 10
Joined: 2021-07-20 17:37

FileFileZilla Server 1.0.0-rc5 - TLS 1.3 problem

#1 Post by c2d2 » 2021-07-28 19:10

Logs (debug) from FileZilla Server:

Code: Select all

{Thread:   1} <2021-07-28T19:01:53.121Z> [ST] Settings written to C:\WINDOWS\system32\config\systemprofile\AppData\Local\filezilla-server\settings.xml.
{Thread:   1} <2021-07-28T19:01:57.662Z> [DI] [Ftp Server/Session 12] Session 0x1f6662bbfa0 with ID 12 created.
{Thread:   2} <2021-07-28T19:01:57.673Z> [CO] [Ftp Server/Session 12] AUTH TLS
{Thread:   2} <2021-07-28T19:01:57.673Z> [DD] [Ftp Server/Session 12] securer(1) ENTERING state = 0
{Thread:   2} <2021-07-28T19:01:57.673Z> [DD] [Ftp Server/Session 12] calling tls_layer_->set_certificate_file("c:\wamp64\cert\example.com-key.pem", "c:\wamp64\cert\example.com-crt.pem", "****")
{Thread:   2} <2021-07-28T19:01:57.677Z> [DD] [Ftp Server/Session 12] securer(1) EXITING state = 1
{Thread:   2} <2021-07-28T19:01:57.677Z> [DD] [Ftp Server/Session 12] ~securer(1) ENTERING state = 1
{Thread:   2} <2021-07-28T19:01:57.677Z> [DD] [Ftp Server/Session 12] calling tls_layer_->set_alpn("ftp")
{Thread:   2} <2021-07-28T19:01:57.677Z> [DV] [Ftp Server/Session 12] tls_layer_impl::server_handshake()
{Thread:   2} <2021-07-28T19:01:57.677Z> [DV] [Ftp Server/Session 12] tls_layer_impl::continue_handshake()
{Thread:   2} <2021-07-28T19:01:57.677Z> [DD] [Ftp Server/Session 12] ~securer(1) EXITING state = 2
{Thread:   2} <2021-07-28T19:01:57.677Z> [DD] [Ftp Server/Session 12] tls_layer_impl::on_send()
{Thread:   2} <2021-07-28T19:01:57.677Z> [DV] [Ftp Server/Session 12] tls_layer_impl::continue_handshake()
{Thread:   2} <2021-07-28T19:01:58.726Z> [DD] [Ftp Server/Session 12] tls_layer_impl::on_read()
{Thread:   2} <2021-07-28T19:01:58.726Z> [DV] [Ftp Server/Session 12] tls_layer_impl::continue_handshake()
{Thread:   2} <2021-07-28T19:01:58.726Z> [DD] [Ftp Server/Session 12] TLS handshake: Received CLIENT HELLO
{Thread:   2} <2021-07-28T19:01:58.726Z> [DD] [Ftp Server/Session 12] tls_layer_impl::failure(-8)
{Thread:   2} <2021-07-28T19:01:58.726Z> [ER] [Ftp Server/Session 12] GnuTLS error -8: A packet with illegal or unsupported version was received.
{Thread:   2} <2021-07-28T19:01:58.726Z> [ER] [Ftp Server/Session 12] Control channel closed with error from source 0. Reason: ECONNABORTED - Connection aborted.
{Thread:   1} <2021-07-28T19:01:58.726Z> [ER] [Ftp Server] Session ended with error from source 0. Reason: ECONNABORTED - Connection aborted.
{Thread:   1} <2021-07-28T19:01:58.726Z> [DI] [Ftp Server/Session 12] Session 0x1f6662bbfa0 with ID 12 destroyed.
{Thread:   1} <2021-07-28T19:02:06.929Z> [DD] [Administration Server] tls_layer_impl::on_read()
Totalcommander:

Code: Select all

AUTH TLS
234 Using authentication type TLS.
Could not get server certificate!
SSL_read returned -1, SSL_get_error=1
Socket error: 0
USER
OFFLINE7, error=10050
With TLS 1.2 everything is OK.
Any advice?

PS. I'm using cert from letsencrypt - for sure everything is OK with cert.

PS2. With Filezilla Client everything works on TLS 1.3... so the problem is with Total commander...

User avatar
botg
Site Admin
Posts: 35492
Joined: 2004-02-23 20:49
First name: Tim
Last name: Kosse

Re: FileFileZilla Server 1.0.0-rc5 - TLS 1.3 problem

#2 Post by botg » 2021-07-28 21:22

Does your third-party client even support TLS 1.3?

c2d2
504 Command not implemented
Posts: 10
Joined: 2021-07-20 17:37

Re: FileFileZilla Server 1.0.0-rc5 - TLS 1.3 problem

#3 Post by c2d2 » 2021-07-29 05:09

Yes, but I had to update dll's files:
https://www.ghisler.ch/board/viewtopic.php?t=72104
Now everything works on TLS 1.3.
Thank you :-)

User avatar
boco
Contributor
Posts: 26899
Joined: 2006-05-01 03:28
Location: Germany

Re: FileFileZilla Server 1.0.0-rc5 - TLS 1.3 problem

#4 Post by boco » 2021-07-29 17:22

They use OpenSSL 1.1.1g. Please note that 1.1.1g is outdated, OpenSSL is now at 1.1.1k.
### BEGIN SIGNATURE BLOCK ###
No support requests per PM! You will NOT get any reply!!!
FTP connection problems? Please do yourself a favor and read Network Configuration.
FileZilla connection test: https://filezilla-project.org/conntest.php
### END SIGNATURE BLOCK ###

c2d2
504 Command not implemented
Posts: 10
Joined: 2021-07-20 17:37

Re: FileFileZilla Server 1.0.0-rc5 - TLS 1.3 problem

#5 Post by c2d2 » 2021-07-30 04:31

The problem is where we can find compiled and fresh libaries?

User avatar
boco
Contributor
Posts: 26899
Joined: 2006-05-01 03:28
Location: Germany

Re: FileFileZilla Server 1.0.0-rc5 - TLS 1.3 problem

#6 Post by boco » 2021-07-30 23:10

He made a special customized version, so you need to ask him for updating it.

The vanilla OpenSSL changed library names (and much more) after 1.02, so, it will not work with TC.
### BEGIN SIGNATURE BLOCK ###
No support requests per PM! You will NOT get any reply!!!
FTP connection problems? Please do yourself a favor and read Network Configuration.
FileZilla connection test: https://filezilla-project.org/conntest.php
### END SIGNATURE BLOCK ###

User avatar
botg
Site Admin
Posts: 35492
Joined: 2004-02-23 20:49
First name: Tim
Last name: Kosse

Re: FileFileZilla Server 1.0.0-rc5 - TLS 1.3 problem

#7 Post by botg » 2021-07-31 20:34

If only there were other FTP clients out there that were capable of TLS 1.3 :roll:

Post Reply