[Cyberduck-trac] [Cyberduck] #3012: TLS Renegotiation fails
Cyberduck
trac at trac.cyberduck.ch
Tue Aug 24 14:23:22 CEST 2010
#3012: TLS Renegotiation fails
--------------------------+-------------------------------------------------
Reporter: anonymous | Owner: dkocher
Type: defect | Status: new
Priority: normal | Milestone:
Component: ftp-tls | Version: 3.1.2
Severity: critical | Resolution:
Keywords: | Platform:
Architecture: |
--------------------------+-------------------------------------------------
Description changed by dkocher:
Old description:
> According to mod_gnutls documentation of ProFTPd, GnuTLS requires a TLS
> Renegotiation after 1GB of transferred data by default.
>
> From
> http://www.proftpd.org/docs/directives/linked/config_ref_TLSRenegotiate.html:
> "By default, mod_tls will perform renegotiations if supported, on the
> control channel after 4 hours, and on the data channel after one gigabyte
> of transferred data. The default timeout for a renegotiation is 30
> seconds."
>
> When transferring a single file larger than 1GB through ftps:// Cyberduck
> will cancel the tranfer reporting a permission error.
>
> Expected behavior: Cyberduck should comply with the renegotation request
> on the TLS data channel
>
> Workaround: Set "TLSRenegotiate none" in proftpd.conf
New description:
According to mod_gnutls documentation of ProFTPd, GnuTLS requires a TLS
Renegotiation after 1GB of transferred data by default.
From
http://www.proftpd.org/docs/directives/linked/config_ref_TLSRenegotiate.html:
> By default, mod_tls will perform renegotiations if supported, on the
control channel after 4 hours, and on the data channel after one gigabyte
of transferred data. The default timeout for a renegotiation is 30
seconds.
When transferring a single file larger than 1GB through `ftps://`
Cyberduck will cancel the tranfer reporting a permission error.
Expected behavior: Cyberduck should comply with the renegotation request
on the TLS data channel
Workaround: Set `TLSRenegotiate none` in ''proftpd.conf''
--
--
Ticket URL: <http://trac.cyberduck.ch/ticket/3012#comment:3>
Cyberduck <http://cyberduck.ch>
FTP, SFTP, WebDAV, Cloud Files, Google Docs, Azure and S3 Browser for Mac OS X.
More information about the Cyberduck-trac
mailing list