[Cyberduck-trac] [Cyberduck] #8766: Implement correct SSL shutdown on closing connection
Cyberduck
trac at trac.cyberduck.io
Mon Apr 27 08:34:53 UTC 2015
#8766: Implement correct SSL shutdown on closing connection
-----------------------------+-------------------------
Reporter: jankok | Owner: dkocher
Type: defect | Status: assigned
Priority: normal | Milestone: 4.8
Component: ftp-tls | Version: 4.7
Severity: normal | Resolution:
Keywords: rfc2246 ftp-ssl | Architecture: Intel
Platform: Mac OS X 10.10 |
-----------------------------+-------------------------
Description changed by dkocher:
Old description:
> When Cyberduck FTP-SSL closes the FTP connection it doesn't first perform
> the
> SSL shutdown that is expected by the FTP-SSL implementation.
>
> Before closing the TCP connection, a correct TLS shutdown should be
> initiated.
>
> Specification for closing TLS connections:
> http://www.ietf.org/rfc/rfc2246.txt
>
> Correct Behaviour for shutdown is important to ensure TLS' resistance
> against truncation attacks.
New description:
When Cyberduck FTP-SSL closes the FTP connection it doesn't first perform
the
SSL shutdown that is expected by the FTP-SSL implementation.
Before closing the TCP connection, a correct TLS shutdown should be
initiated.
Specification for closing TLS connections in
[http://www.ietf.org/rfc/rfc2246.txt RFC2246]
Correct Behaviour for shutdown is important to ensure TLS' resistance
against truncation attacks.
--
--
Ticket URL: <https://trac.cyberduck.io/ticket/8766#comment:2>
Cyberduck <https://cyberduck.io>
Libre FTP, SFTP, WebDAV, S3 & OpenStack Swift browser for Mac and Windows
More information about the Cyberduck-trac
mailing list