curl-library
about TLS session resumption with openssl
Date: Wed, 2 Nov 2016 17:02:54 +0800 (CST)
Hi all friends,
I upgraded curl from 7.37 to 7.50.3, and work with openssl-1.0.2d, and then the client cannot connect to filezilla server through ftps.
Got error log from curl as following:
* Trying ::1...
* TCP_NODELAY set
* Connected to localhost (::1) port 21 (#0)
< 220-FileZilla Server 0.9.57 beta
< 220-written by Tim Kosse (Tim.Kosse_at_gmx.de)
< 220 Please visit https://filezilla-project.org/
> AUTH TLS
< 234 Using authentication type TLS
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* SSL connection using TLSv1.1 / ECDHE-RSA-AES256-SHA
* Server certificate:
* subject: C=86; ST=shanghai; L=shanghai; O=abc; OU=abc
* start date: Mar 22 02:30:51 2016 GMT
* expire date: Mar 22 02:30:51 2017 GMT
* issuer: C=86; ST=shanghai; L=shanghai; O=abc; OU=abc
* SSL certificate verify result: self signed certificate (18), continuing anyway.
> USER hci
< 331 Password required for hci
> PASS ******
< 230 Logged on
> PBSZ 0
< 200 PBSZ=0
> PROT P
< 200 Protection level set to P
> PWD
< 257 "/" is current directory.
* Entry path is '/'
> CWD ar14061\ibdir
* ftp_perform ends with SECONDARY: 0
< 250 CWD successful. "/ar14061/ibdir" is current directory.
> EPRT |2|::1|34150|
< 200 Port command successful
* Connect data stream actively
> TYPE A
< 200 Type set to A
> nlst
< 150 Opening data channel for directory listing of "/ar14061/ibdir"
* Maxdownload = -1
* Preparing for accepting server on data port
* Checking for server connect
* Ready to accept data connection from server
* Connection accepted from server
* Doing the SSL/TLS handshake on the data stream
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* Unknown SSL protocol error in connection to localhost:21
* Closing connection 0
It works fine with curl-7.37.0 but failed with curl-7.50.3.
And with curl7.50.3, it works if I un-tick "Require TLC session resumption on data connection..." in filezilla server.
Is there any different between 7.50 and 7.37 for TLS session resumption with openssl?
Any idea about this?
Thanks!
-------------------------------------------------------------------
List admin: https://cool.haxx.se/list/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html
Received on 2016-11-02