EldoS | Feel safer!

Software components for data protection, secure storage and transfer

FileZilla and FTPS - GnuTLS error -12

Also by EldoS: MsgConnect
Cross-platform protocol-independent communication framework for building peer-to-peer and client-server applications and middleware components.
#16495
Posted: 05/24/2011 08:02:26
by Nicklas Bergfeldt (Standard support level)
Joined: 12/04/2007
Posts: 19

Hello,

Is there anything you can do on your side to accomodate the GnuTLS error received when using latest FileZilla and FTPS?
http://forum.zftpserver.com/viewtopic.php?f=4&t=2603&start=15#p7285

It works just fine with an older version (http://sourceforge.net/projects/filezilla/files/FileZilla_Client/3.3.4.1/FileZilla_3.3.4.1_win32-setup.exe/download), but I though that perhaps there is something that can be done on the server side to accomodate for this...

Best regards
#16496
Posted: 05/24/2011 08:16:42
by Vsevolod Ievgiienko (EldoS Corp.)

Thank you for contacting us.

Try to disable TLS1.1 and TLS1.2, as GnuTLS does not support them correctly.
#16497
Posted: 05/24/2011 08:44:07
by Eugene Mayevski (EldoS Corp.)

Also I'd submit this as a bug to Filezilla developers, not to us: this is definitely their bug.


Sincerely yours
Eugene Mayevski
#29305
Posted: 04/21/2014 13:39:57
by Federico Simonetti (Standard support level)
Joined: 12/30/2006
Posts: 6

FileZilla used to use OpenSSL. After the "heartbleed" bug was discovered, they quickly moved to GnuTLS. Probably too quickly. Anyway... GnuTLS apparently breaks compatibility with all FTP servers that use SecureBlackbox as their SSL/TLS stack. Still, it's something to take very seriously, as FileZilla is the most widely adopted FTP(S) client in the world.
Obviously I have reported this to FileZilla's developer too, as he is the one who should address the issue (but, you know, when the mountain doesn't come to you, you have to go to the mountain...).
#29306
Posted: 04/21/2014 14:00:07
by Eugene Mayevski (EldoS Corp.)

They used GnuTLS for years.

Please upgrade to the latest version of SecureBlackbox - we made some improvements several months ago which improved compatibility with other software including those titles that use GnuTLS. But we can not fix third-party open-source stuff when it is broken. Neither we will break standard compliance in favor of buggy implementations.


Sincerely yours
Eugene Mayevski
#29307
Posted: 04/21/2014 14:27:19
by Federico Simonetti (Standard support level)
Joined: 12/30/2006
Posts: 6

I agree not to break standard, of course.
Yet, I regret to inform you that I AM ALREADY using the latest version of SecureBlackbox.
All FileZilla versions prior to 3.8.0 (their latest) used to work smoothly, the latest one keeps raising an exception (-24 decryption has failed).
It's OBVIOUSLY something THEY did. So in an ideal world it's something THEY should fix, and several users - not just me - have already reported the issue to them.
Yet, from your perspective, I think it is always useful to be informed of what is going on, and what has interoperational issues with your library.
#29308
Posted: 04/21/2014 15:05:14
by Mykola Olshevsky (Basic support level)
Joined: 07/07/2005
Posts: 450

At first glance at FileZilla changelogs they didn't change much in SSL/TLS stack, only some stuff related to TLS session resumption (maybe this is an issue?).
However, they also have messages in changelog like "Fix another stupid error in the same line as before." so it is really hard to guess what's going on on their side.
Also by EldoS: Solid File System
A virtual file system that offers a feature-rich storage for application documents and data with built-in compression and encryption.

Reply

Statistics

Topic viewed 11144 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!