From nobody@FreeBSD.org  Sun May 10 14:29:20 2009
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 0C3AE1065675
	for <freebsd-gnats-submit@FreeBSD.org>; Sun, 10 May 2009 14:29:20 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (www.freebsd.org [IPv6:2001:4f8:fff6::21])
	by mx1.freebsd.org (Postfix) with ESMTP id EE3AA8FC13
	for <freebsd-gnats-submit@FreeBSD.org>; Sun, 10 May 2009 14:29:19 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (localhost [127.0.0.1])
	by www.freebsd.org (8.14.3/8.14.3) with ESMTP id n4AETJ7j098375
	for <freebsd-gnats-submit@FreeBSD.org>; Sun, 10 May 2009 14:29:19 GMT
	(envelope-from nobody@www.freebsd.org)
Received: (from nobody@localhost)
	by www.freebsd.org (8.14.3/8.14.3/Submit) id n4AETJh6098374;
	Sun, 10 May 2009 14:29:19 GMT
	(envelope-from nobody)
Message-Id: <200905101429.n4AETJh6098374@www.freebsd.org>
Date: Sun, 10 May 2009 14:29:19 GMT
From: Andreas Schwarz <freebsd.asc@schwarzes.net>
To: freebsd-gnats-submit@FreeBSD.org
Subject: vsftpd 421 data timeout (with ssl)
X-Send-Pr-Version: www-3.1
X-GNATS-Notify:

>Number:         134422
>Category:       ports
>Synopsis:       ftp/vsftpd 421 data timeout (with ssl)
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    dinoex
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sun May 10 14:30:02 UTC 2009
>Closed-Date:    Thu Jun 04 20:57:48 CEST 2009
>Last-Modified:  Thu Jun 04 20:57:48 CEST 2009
>Originator:     Andreas Schwarz
>Release:        7.2-RELEASE
>Organization:
>Environment:
FreeBSD opossum.schwarzes.net 7.2-RELEASE FreeBSD 7.2-RELEASE #0: Fri May  8 22:50:50 CEST 2009     root@opossum.schwarzes.net:/usr/obj/usr/src/sys/opossum.schwarzes.net  i386
>Description:
After upgrading vsftpd from 2.0.7 to 2.1.0 transfers (download or upload 
via ssl) will be interrupted after 300s (idle timeout for data), 
log message "421 Data timeout". It seems that the idle timer is not reset
when packets transmitted via ssl. When setting "data_connection_timeout"
to a high value the problem does not occur (because timeout never reached).

I've tested this behavior with lftp (freebsd) and filezilla (windows),
depending on the client the transmission continues (if the client is able
reconnect).

I'm not sure if this is a general or FreeBSD port specific bug.

>How-To-Repeat:
Start a down or upload which takes longer then the default idle timeout
and watch the logfile.
>Fix:
Not really a fix, set "data_connection_timeout" (vsfptd.conf) to 
a high value.


>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-ports-bugs->dinoex 
Responsible-Changed-By: pav 
Responsible-Changed-When: Mon May 11 20:46:22 UTC 2009 
Responsible-Changed-Why:  
Assign to maintainer 

http://www.freebsd.org/cgi/query-pr.cgi?pr=134422 
State-Changed-From-To: open->feedback 
State-Changed-By: dinoex 
State-Changed-When: Wed May 20 13:39:50 CEST 2009 
State-Changed-Why:  
From: ftp://vsftpd.beasts.org/users/cevans/untar/vsftpd-2.1.0/FAQ 

Q) Help! SSL data connections are not working. 
A) As of v2.1.0, vsftpd only accepts data connections that are reused sessions 
of the control connection. This is a security measure. Unfortunately, not all 
FTP clients reuse sessions (e.g. curl). You can disable this requirement by 
changing require_ssl_reuse to NO. 

Does this fix the problem or not? 


http://www.freebsd.org/cgi/query-pr.cgi?pr=134422 

From: Andreas Schwarz <Andreas.Schwarz@schwarzes.net>
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: ports/134422: ftp/vsftpd 421 data timeout (with ssl)
Date: Wed, 20 May 2009 23:20:11 +0200

 No, this is another problem (or feature), which is different from the bug I've reported
 (for compatibility reasons (with filezilla) require_ssl_reuse=NO is already set). SSL data
 connections are working until the timout is reached.
 
State-Changed-From-To: feedback->analyzed 
State-Changed-By: dinoex 
State-Changed-When: Thu May 21 05:59:39 CEST 2009 
State-Changed-Why:  
- Send a mail upstream 
this might be a general problem. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=134422 
State-Changed-From-To: analyzed->patched 
State-Changed-By: dinoex 
State-Changed-When: Sat May 30 22:36:22 CEST 2009 
State-Changed-Why:  
Please test the new version 2.1.2 

http://www.freebsd.org/cgi/query-pr.cgi?pr=134422 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: ports/134422: commit references a PR
Date: Sat, 30 May 2009 20:36:13 +0000 (UTC)

 dinoex      2009-05-30 20:35:59 UTC
 
   FreeBSD ports repository
 
   Modified files:
     ftp/vsftpd           Makefile distinfo 
   Log:
   - update to 2.1.2
   Bugfix 421 Data timeout
   PR:             134422
   
   Revision  Changes    Path
   1.36      +1 -1      ports/ftp/vsftpd/Makefile
   1.19      +3 -3      ports/ftp/vsftpd/distinfo
 _______________________________________________
 cvs-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/cvs-all
 To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
 

From: Andreas Schwarz <freebsd.asc@schwarzes.net>
To: bug-followup@FreeBSD.org
Cc: dinoex@FreeBSD.org
Subject: Re: ports/134422: ftp/vsftpd 421 data timeout (with ssl)
Date: Thu, 04 Jun 2009 03:00:27 +0200

 I made a test with a 1 GB sized testfile, no timeouts anymore. In the changelog 
 of vsftp 2.1.1 the fix is described.
 
  - Fix NASTY regression whereby data transfer timeouts would fire incorrectly under SSL transfers. In addition, the transfer rate caps were not working under SSL transfers. Reported by several people.
 
 
State-Changed-From-To: patched->closed 
State-Changed-By: dinoex 
State-Changed-When: Thu Jun 4 20:57:10 CEST 2009 
State-Changed-Why:  
Problem fixed with update, thanks. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=134422 
>Unformatted:
