Cyberduck Mountain Duck CLI

#10276 closed defect (fixed)

Disable extended master secret extension to allow session reuse for data connections

Reported by: uwallrodt Owned by: dkocher
Priority: normal Milestone: 6.4.6
Component: ftp-tls Version: Nightly Build
Severity: blocker Keywords: FTP-SSL, OS X 10.13
Cc: Architecture: Intel
Platform: macOS 10.13

Description (last modified by dkocher)

After the update to Version 6.4.4 (27722) the FTP-SSL connection stalls after "Login successful". Unsecure ftp connections still works.

See log below:


220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 1 of 50 allowed.
220-Local time is now 07:42. Server port: 21.
220-This is a private system - No anonymous login
220-IPv6 connections are also welcome on this server.
220 You will be disconnected after 30 minutes of inactivity.
AUTH TLS
234 AUTH TLS OK.
USER xxxx@xxx.xx
331 User xxxx@xxx.xx OK. Password required
PASS ***********
230 OK. Current restricted directory is /
PBSZ 0
200 PBSZ=0
PROT P
200 Data protection level set to "private"
FEAT
211-Extensions supported:
 EPRT
 IDLE
 MDTM
 SIZE
 MFMT
 REST STREAM
 MLST type*;size*;sizd*;modify*;UNIX.mode*;UNIX.uid*;UNIX.gid*;unique*;
 MLSD
 AUTH TLS
 PBSZ
 PROT
 UTF8
 TVFS
 ESTA
 PASV
 EPSV
 SPSV
 ESTP
211 End.
OPTS UTF8 ON
200 OK, UTF-8 enabled
SYST
215 UNIX Type: L8
CWD /
250 OK. Current directory is /
TYPE A
200 TYPE is now ASCII
PASV
227 Entering Passive Mode (123,45,67,89,123,45)
220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
220-You are user number 2 of 50 allowed.
220-Local time is now 07:42. Server port: 21.
220-This is a private system - No anonymous login
220-IPv6 connections are also welcome on this server.
220 You will be disconnected after 30 minutes of inactivity.
AUTH TLS
234 AUTH TLS OK.
USER xxxx@xxx.xx
331 User xxxx@xxx.xx OK. Password required
PASS ***********
230 OK. Current restricted directory is /
PBSZ 0
200 PBSZ=0
PROT P
200 Data protection level set to "private"
FEAT
211-Extensions supported:
 EPRT
 IDLE
 MDTM
 SIZE
 MFMT
 REST STREAM
 MLST type*;size*;sizd*;modify*;UNIX.mode*;UNIX.uid*;UNIX.gid*;unique*;
 MLSD
 AUTH TLS
 PBSZ
 PROT
 UTF8
 TVFS
 ESTA
 PASV
 EPSV
 SPSV
 ESTP
211 End.
OPTS UTF8 ON
200 OK, UTF-8 enabled
SYST
215 UNIX Type: L8
CWD /
250 OK. Current directory is /


.....and here it hangs forever unfortunately and finally fails:


Operation timed out (Connection timed out). The connection attempt was rejected. The server may be down, or your network may not be properly configured.


The server side does not show any errors only multiple login and logout events:


Mar 15 07:42:21 obfuscated pure-ftpd: (?@123.456.78.90) [INFO] New connection from 123.456.78.90
Mar 15 07:42:21 obfuscated pure-ftpd: (?@123.456.78.90) [INFO] TLS: Enabled TLSv1/SSLv3 with ECDHE-RSA-AES256-GCM-SHA384, 256 secret bits cipher
Mar 15 07:42:21 obfuscated pure-ftpd: (?@123.456.78.90) [INFO] xxxx@xxx.xx is now logged in
Mar 15 07:42:33 obfuscated pure-ftpd: (?@123.456.78.90) [INFO] New connection from 123.456.78.90
Mar 15 07:42:34 obfuscated pure-ftpd: (?@123.456.78.90) [INFO] TLS: Enabled TLSv1/SSLv3 with ECDHE-RSA-AES256-GCM-SHA384, 256 secret bits cipher
Mar 15 07:42:34 obfuscated pure-ftpd: (?@123.456.78.90) [INFO] xxxx@xxx.xx is now logged in
Mar 15 07:42:44 obfuscated pure-ftpd: (xxxx@xxx.xx@123.456.78.90) [INFO] Logout.
Mar 15 07:42:46 obfuscated pure-ftpd: (?@123.456.78.90) [INFO] New connection from 123.456.78.90
Mar 15 07:42:46 obfuscated pure-ftpd: (?@123.456.78.90) [INFO] TLS: Enabled TLSv1/SSLv3 with ECDHE-RSA-AES256-GCM-SHA384, 256 secret bits cipher
Mar 15 07:42:46 obfuscated pure-ftpd: (?@123.456.78.90) [INFO] xxxx@xxx.xx is now logged in
Mar 15 07:42:59 obfuscated pure-ftpd: (?@123.456.78.90) [INFO] New connection from 123.456.78.90
Mar 15 07:42:59 obfuscated pure-ftpd: (?@123.456.78.90) [INFO] TLS: Enabled TLSv1/SSLv3 with ECDHE-RSA-AES256-GCM-SHA384, 256 secret bits cipher
Mar 15 07:42:59 obfuscated pure-ftpd: (?@123.456.78.90) [INFO] xxxx@xxx.xx is now logged in
Mar 15 07:43:11 obfuscated pure-ftpd: (?@123.456.78.90) [INFO] New connection from 123.456.78.90
Mar 15 07:43:12 obfuscated pure-ftpd: (?@123.456.78.90) [INFO] TLS: Enabled TLSv1/SSLv3 with ECDHE-RSA-AES256-GCM-SHA384, 256 secret bits cipher
Mar 15 07:43:12 obfuscated pure-ftpd: (?@123.456.78.90) [INFO] xxxx@xxx.xx is now logged in
Mar 15 07:43:23 obfuscated pure-ftpd: (?@123.456.78.90) [INFO] New connection from 123.456.78.90
Mar 15 07:43:24 obfuscated pure-ftpd: (?@123.456.78.90) [INFO] TLS: Enabled TLSv1/SSLv3 with ECDHE-RSA-AES256-GCM-SHA384, 256 secret bits cipher
Mar 15 07:43:24 obfuscated pure-ftpd: (?@123.456.78.90) [INFO] xxxx@xxx.xx is now logged in
Mar 15 07:43:44 obfuscated pure-ftpd: (?@123.456.78.90) [INFO] New connection from 123.456.78.90
Mar 15 07:43:44 obfuscated pure-ftpd: (?@123.456.78.90) [INFO] TLS: Enabled TLSv1/SSLv3 with ECDHE-RSA-AES256-GCM-SHA384, 256 secret bits cipher
Mar 15 07:43:45 obfuscated pure-ftpd: (?@123.456.78.90) [INFO] xxxx@xxx.xx is now logged in
Mar 15 07:43:58 obfuscated pure-ftpd: (?@123.456.78.90) [INFO] New connection from 123.456.78.90
Mar 15 07:43:58 obfuscated pure-ftpd: (?@123.456.78.90) [INFO] TLS: Enabled TLSv1/SSLv3 with ECDHE-RSA-AES256-GCM-SHA384, 256 secret bits cipher
Mar 15 07:43:58 obfuscated pure-ftpd: (?@123.456.78.90) [INFO] xxxx@xxx.xx is now logged in
Mar 15 07:44:11 obfuscated pure-ftpd: (?@123.456.78.90) [INFO] New connection from 123.456.78.90
Mar 15 07:44:11 obfuscated pure-ftpd: (?@123.456.78.90) [INFO] TLS: Enabled TLSv1/SSLv3 with ECDHE-RSA-AES256-GCM-SHA384, 256 secret bits cipher
Mar 15 07:44:11 obfuscated pure-ftpd: (?@123.456.78.90) [INFO] xxxx@xxx.xx is now logged in
Mar 15 07:44:11 obfuscated pure-ftpd: (xxxx@xxx.xx@123.456.78.90) [INFO] Logout.
Mar 15 07:44:11 obfuscated pure-ftpd: (xxxx@xxx.xx@123.456.78.90) [INFO] Logout.
Mar 15 07:44:11 obfuscated pure-ftpd: (xxxx@xxx.xx@123.456.78.90) [INFO] Logout.
Mar 15 07:44:11 obfuscated pure-ftpd: (xxxx@xxx.xx@123.456.78.90) [INFO] Logout.
Mar 15 07:44:11 obfuscated pure-ftpd: (xxxx@xxx.xx@123.456.78.90) [INFO] Logout.
Mar 15 07:44:11 obfuscated pure-ftpd: (xxxx@xxx.xx@123.456.78.90) [INFO] Logout.
Mar 15 07:44:11 obfuscated pure-ftpd: (xxxx@xxx.xx@123.456.78.90) [INFO] Logout.
Mar 15 07:44:34 obfuscated pure-ftpd: (?@123.456.78.90) [INFO] New connection from 123.456.78.90
Mar 15 07:44:34 obfuscated pure-ftpd: (?@123.456.78.90) [INFO] TLS: Enabled TLSv1/SSLv3 with ECDHE-RSA-AES256-GCM-SHA384, 256 secret bits cipher
Mar 15 07:44:35 obfuscated pure-ftpd: (?@123.456.78.90) [INFO] xxxx@xxx.xx is now logged in
Mar 15 07:44:52 obfuscated pure-ftpd: (xxxx@xxx.xx@123.456.78.90) [INFO] Logout.
Mar 15 07:44:52 obfuscated pure-ftpd: (xxxx@xxx.xx@123.456.78.90) [INFO] Logout.

Change History (11)

comment:1 Changed on Mar 14, 2018 at 9:01:45 PM by dkocher

  • Component changed from core to ftp
  • Description modified (diff)
  • Owner set to dkocher

comment:2 Changed on Mar 14, 2018 at 9:03:55 PM by dkocher

  • Milestone changed from 6.4.4 to 7.0

Ticket retargeted after milestone closed

comment:3 Changed on Mar 21, 2018 at 9:52:14 AM by yla

Caused by the JRE update in Cyberduck (8u162) and the added extended master secret extension support. From the release notes

Added TLS session hash and extended master secret extension support Support has been added for the TLS session hash and extended master secret extension (RFC 7627) in JDK JSSE provider. Note that in general, server certificate change is restricted if endpoint identification is not enabled and the previous handshake is a session-resumption abbreviated initial handshake, unless the identities represented by both certificates can be regarded as the same. However, if the extension is enabled or negotiated, the server certificate changing restriction is not necessary and will be discarded accordingly. In case of compatibility issues, an application may disable negotiation of this extension by setting the System Property jdk.tls.useExtendedMasterSecret to false in the JDK. By setting the System Property jdk.tls.allowLegacyResumption to false, an application can reject abbreviated handshaking when the session hash and extended master secret extension is not negotiated. By setting the System Property jdk.tls.allowLegacyMasterSecret to false, an application can reject connections that do not support the session hash and extended master secret extension.

As of this version the client does not reuse cached SSL connections (due to security considerations) for the data connection which is mandatory by some FTP servers (#5087). These requirements are contradictory. Disabling the extension seems the only solution at this point.

comment:4 Changed on Mar 21, 2018 at 12:04:17 PM by yla

  • Resolution set to fixed
  • Status changed from new to closed

Fixed in r44045. Available in the latest snapshot build.

comment:5 Changed on Mar 21, 2018 at 9:32:06 PM by dkocher

  • Component changed from ftp to ftp-tls
  • Summary changed from FTP-SSL on OS X 10.13.3 not listing files to Disable extended master secret extension to allow session reuse for data connections

comment:6 Changed on Mar 24, 2018 at 9:08:03 PM by dkocher

  • Milestone changed from 7.0 to 6.4.5

comment:7 Changed on Apr 2, 2018 at 7:23:45 PM by dkocher

#10295 closed as duplicate.

comment:8 Changed on Apr 2, 2018 at 7:24:07 PM by dkocher

#10286 closed as duplicate.

comment:9 Changed on Apr 3, 2018 at 9:29:42 PM by dkocher

#10290 closed as duplicate.

comment:10 Changed on Apr 5, 2018 at 7:02:39 PM by dkocher

  • Milestone changed from 6.4.5 to 6.4.6

Milestone renamed

comment:11 Changed on Dec 17, 2018 at 8:32:17 PM by dkocher

Addendum for tests in r45838.

Note: See TracTickets for help on using tickets.
swiss made software