lftp-devel  

Re: Bugreport: SSL connection terminated without SSL shutdown / corrupted data

Andreas Prieß
Sun, 28 Sep 2008 08:24:06 -0700

Hi,

just to set the right context, I'm not familiar with debugging C / C++
software at a lower level, but I'm fine with applying patches and
sharing my observations. So if I can do something more specific to help,
I would need a little hint.

As I understand the problems, there are two things to have a look at:
The general problem of missing SSL shutdowns in some situations (only
with put operations?) and a problem with corrupted data after trying to
use parallel connections for uploads (only with SSL?). That may or may
not be somehow the same underlying problem.

Alexander V. Lukyanov wrote:
> On Fri, Sep 05, 2008 at 07:46:35PM +0200, Andreas Prieß wrote:
>> DEBUG: Client "87.178.121.68", "Connection terminated without SSL
>> shutdown - buggy client?"
> 
> Could you try attached patch, please?

I applied the patch to the lftp version 3.7.4 on a Gentoo Linux system
and here are the results in combination with a vsftpd-2.0.7 FTP server,
all connections with encryption on both channels.

*** GET single file
--- lftp 3.7.4

No errors in debug output of lftp -d or in vsftpd log.

--- lftp 3.7.4 with patch applied

Same observations as without patch.

*** PUT single file
--- lftp 3.7.4

No errors in debug output of lftp -d, vsftpd reports:
DEBUG: "Connection terminated without SSL shutdown - buggy client?"

--- lftp 3.7.4 with patch applied

Same observations as without patch: missing SSL shutdown.

*** MIRROR (GET) with multiple files
--- lftp 3.7.4

No errors in debug output of lftp -d or in vsftpd log.

--- lftp 3.7.4 with patch applied

Same observations as without patch.

*** MIRROR reverse (PUT) with multiple files
--- lftp 3.7.4

No errors in debug output of lftp -d, vsftpd reports:
DEBUG: "Connection terminated without SSL shutdown - buggy client?"

--- lftp 3.7.4 with patch applied

Same observations as without patch, missing SSL shutdown.

*** MIRROR (GET) with multiple files and --parallel=2
--- lftp 3.7.4

No errors in debug output of lftp -d or in vsftpd log.
I see data connections opened by lftp for every download.

--- lftp 3.7.4 with patch applied

Same observations as without patch.

*** MIRROR reverse (PUT) with multiple files and --parallel=2
--- lftp 3.7.4

lftp seems to upload two files in parallel (is this going over one data
channel?), many lines like "copy: put rolled back to 13041664, seeking
get accordingly" appear. Then:

copy: all data received, but get rolled back
---- Closing data socket
copy: all data received, but get rolled back
<--- 226 File receive OK.
---> PASV
copy: put rolled back to 0, seeking get accordingly

And the server has recorded only one file upload and the usual SSL error:
DEBUG: "Connection terminated without SSL shutdown - buggy client?"
OK UPLOAD: "/export/Babylon1.2.tiff", 15752466 bytes, 57.16Kbyte/sec

I don't see two connections opened for upload here as I see it for
download of two files in parallel. Maybe another bug with handling of
parallel uploads?

--- lftp 3.7.4 with patch applied

Same strange behaviour as above, seems to use one SSL data connection
for two uploads.

Uploaded files corrupted! Differ from original ones!

There is only one line with a STOR command, but in the status line I see
two files changing with their upload percentage.

---> PASV
<--- 227 Entering Passive Mode (85,10,207,80,214,227)
---- Connecting data socket to (85.10.207.80) port 55011
---- Data connection established
---> STOR Aretha.tif
<--- 150 Ok to send data.
copy: put rolled back to 65536, seeking get accordingly
Certificate depth: 2; subject: /O=Root CA/OU=http://www.cacert.org/CN=CA
Cert Signing Authority/[EMAIL PROTECTED]; issuer: /O=Root
CA/OU=http://www.cacert.org/CN=CA Cert Signing
Authority/[EMAIL PROTECTED]
Certificate depth: 1; subject: /O=CAcert
Inc./OU=http://www.CAcert.org/CN=CAcert Class 3 Root; issuer: /O=Root
CA/OU=http://www.cacert.org/CN=CA Cert Signing
Authority/[EMAIL PROTECTED]
Certificate depth: 0; subject: /CN=ftp.metaphysis.net; issuer: /O=CAcert
Inc./OU=http://www.CAcert.org/CN=CAcert Class 3 Root
copy: put rolled back to 131072, seeking get accordingly
copy: put rolled back to 196608, seeking get accordingly

many more of these lines...

copy: put rolled back to 3604480, seeking get accordingly
copy: put rolled back to 3670016, seeking get accordingly
---- Closing data socket
<--- 226 File receive OK.
**** SSL_read: wrong version number
---- Closing control socket
---- Connecting to dev.vitacur.de (85.10.207.80) port 21
Aborted

Log file of vsftpd server has only one upload recorded with above SSL
error message. In the destination directory there is only one file and
that file is corrupted and differs from the original!


-- 

HTH

Andreas
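
The checks done by hand in the message above can be scripted. This is an added example, not part of the original message and not lftp or vsftpd code. It reads an `lftp -d` transcript and a vsftpd log and reports missing SSL shutdowns, SSL errors, put offsets that move backwards, and a mismatch between files expected, STOR commands sent and uploads logged. The function name `triage`, the `expected_files` parameter and the sample text (constructed from the line formats quoted in the message) are assumptions.

```python
import re

STOR = re.compile(r"^---> STOR (.+)$")
ROLLBACK = re.compile(r"^copy: put rolled back to (\d+)")
SSL_ERR = re.compile(r"^\*\*\*\* (SSL_\w+: .+)$")
OK_UPLOAD = re.compile(r'OK UPLOAD: "([^"]+)", (\d+) bytes')
NO_SHUTDOWN = "Connection terminated without SSL shutdown"

def triage(lftp_debug, vsftpd_log, expected_files):
    """Summarise one upload test; expected_files is a hypothetical parameter."""
    stors, offsets, ssl_errors = [], [], []
    for line in map(str.strip, lftp_debug.splitlines()):
        if m := STOR.match(line):
            stors.append(m.group(1))
        elif m := ROLLBACK.match(line):
            offsets.append(int(m.group(1)))
        elif m := SSL_ERR.match(line):
            ssl_errors.append(m.group(1))
    # Server-side patterns are unanchored so log prefixes (timestamp, pid) do not matter.
    uploads = [(path, int(size)) for path, size in OK_UPLOAD.findall(vsftpd_log)]
    unclean = vsftpd_log.count(NO_SHUTDOWN)
    # Consecutive rollback offsets where the second is lower than the first.
    backwards = [(a, b) for a, b in zip(offsets, offsets[1:]) if b < a]

    findings = []
    if unclean:
        findings.append(f"server: {unclean} connection(s) ended without SSL shutdown")
    if ssl_errors:
        findings.append("lftp: " + "; ".join(ssl_errors))
    if backwards:
        findings.append(f"lftp: put offset went backwards {backwards}")
    if not (len(stors) == len(uploads) == expected_files):
        findings.append(f"expected {expected_files} file(s), saw {len(stors)} STOR "
                        f"and {len(uploads)} logged upload(s)")
    return {"stor": stors, "uploads": uploads, "findings": findings}

# Constructed sample, assembled from the line formats quoted in the message.
SAMPLE_LFTP = """\
---> STOR Aretha.tif
<--- 150 Ok to send data.
copy: put rolled back to 65536, seeking get accordingly
copy: put rolled back to 131072, seeking get accordingly
copy: all data received, but get rolled back
copy: put rolled back to 0, seeking get accordingly
---- Closing data socket
<--- 226 File receive OK.
**** SSL_read: wrong version number
"""
SAMPLE_VSFTPD = """\
DEBUG: "Connection terminated without SSL shutdown - buggy client?"
OK UPLOAD: "/export/Aretha.tif", 131072 bytes, 57.16Kbyte/sec
"""

if __name__ == "__main__":
    for finding in triage(SAMPLE_LFTP, SAMPLE_VSFTPD, expected_files=2)["findings"]:
        print(finding)
```

An empty `findings` list only means the logs are consistent with each other; comparing checksums of the local and uploaded files is still needed to rule out corruption.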