[Cyberduck-trac] [Cyberduck] #8766: Implement correct SSL shutdown on closing connection

Cyberduck trac at trac.cyberduck.io
Mon Apr 27 08:36:49 UTC 2015

#8766: Implement correct SSL shutdown on closing connection
 Reporter:  jankok           |         Owner:  dkocher
     Type:  defect           |        Status:  assigned
 Priority:  normal           |     Milestone:  4.8
Component:  ftp-tls          |       Version:  4.7
 Severity:  normal           |    Resolution:
 Keywords:  rfc2246 ftp-ssl  |  Architecture:  Intel
 Platform:  Mac OS X 10.10   |

Comment (by dkocher):

 This is described in section [7.2.1. Closure alerts].

    The client and the server must share knowledge that the connection is
    ending in order to avoid a truncation attack. Either party may
    initiate the exchange of closing messages.

        This message notifies the recipient that the sender will not send
        any more messages on this connection. The session becomes
        unresumable if any connection is terminated without proper
        close_notify messages with level equal to warning.

    Either party may initiate a close by sending a close_notify alert.
    Any data received after a closure alert is ignored.


Ticket URL: <https://trac.cyberduck.io/ticket/8766#comment:3>
Cyberduck <https://cyberduck.io>
Libre FTP, SFTP, WebDAV, S3 & OpenStack Swift browser for Mac and Windows

More information about the Cyberduck-trac mailing list