I am trying to use CoreFTP 2.1 build 1576 in a Windows XP SP2 workstation and VSFTPd 2.0.7 in a Ubuntu 8.10 server. In the server, I enabled SSL logins, using a self-signed certificate. In the workstation, I setup a connection with AUTH TLS and enabled "SSL transfer" and "SSL listing". FTP transfer mode is passive.
My problem is: for every folder listing or file transferring, CoreFTP hangs for about 10 seconds before the operation finishes, while opening the data connection. The operations don't fail, but the freezes are frustrating users in my server.
But there is one strange thing: using the same workstation and the same server, I can't see hangs while using FileZilla + VSFTPd, neither with CoreFTP + ProFTPd.
I have 2 servers with VSFTPd running and both two experiences that issue.
I did a "strace" in VSFTPd processes in the server and saw the server hanging on the read() operation of the data socket. So I think the server is waiting for something CoreFTP should send...
CoreFTP + VSFTPd + SSL : slow transfers, slow listing
Steps to mount the server and reproduce the bug:
# Download Ubuntu Server 8.10: http://www.ubuntu.com/
# Install it in a computer or a virtual machine
# Within the installed system:
## First, put my configuration file (below) into /etc/vsftpd.conf
## Install VSFTPd and OpenSSL utilities: apt-get install vsftpd openssl
## Make a self-signed certificate: openssl req -new -x509 -nodes -days 3656 -out /etc/vsftpd-cert.crt -keyout /etc/vsftpd-cert.key
# Download Ubuntu Server 8.10: http://www.ubuntu.com/
# Install it in a computer or a virtual machine
# Within the installed system:
## First, put my configuration file (below) into /etc/vsftpd.conf
## Install VSFTPd and OpenSSL utilities: apt-get install vsftpd openssl
## Make a self-signed certificate: openssl req -new -x509 -nodes -days 3656 -out /etc/vsftpd-cert.crt -keyout /etc/vsftpd-cert.key
/etc/vsftpd.conf
# /etc/vsftpd.conf
allow_anon_ssl=NO
anon_mkdir_write_enable=NO
anon_other_write_enable=NO
anon_upload_enable=NO
anon_world_readable_only=YES
anonymous_enable=NO
ascii_download_enable=NO
ascii_upload_enable=NO
async_abor_enable=YES
background=NO
check_shell=YES
chmod_enable=YES
chown_uploads=NO
chroot_list_enable=YES
chroot_local_user=YES
connect_from_port_20=YES
deny_email_enable=NO
dirlist_enable=YES
dirmessage_enable=YES
download_enable=YES
dual_log_enable=YES
force_dot_files=NO
force_local_data_ssl=NO
force_local_logins_ssl=YES
guest_enable=NO
hide_ids=NO
listen=YES
listen_ipv6=NO
local_enable=YES
log_ftp_protocol=YES
ls_recurse_enable=NO
no_anon_password=NO
no_log_lock=NO
one_process_model=NO
passwd_chroot_enable=NO
pasv_enable=YES
pasv_promiscuous=NO
port_enable=YES
port_promiscuous=NO
run_as_launching_user=NO
secure_email_list_enable=NO
session_support=YES
setproctitle_enable=NO
ssl_enable=YES
ssl_sslv2=NO
ssl_sslv3=YES
ssl_tlsv1=YES
syslog_enable=NO
tcp_wrappers=NO
text_userdb_names=NO
tilde_user_enable=NO
use_localtime=NO
use_sendfile=NO
userlist_deny=NO
userlist_enable=NO
virtual_use_local_privs=NO
write_enable=YES
xferlog_enable=YES
xferlog_std_format=NO
accept_timeout=60
anon_max_rate=0
anon_umask=027
connect_timeout=60
data_connection_timeout=300
file_open_mode=0640
ftp_data_port=20
idle_session_timeout=300
listen_port=21
local_max_rate=0
local_umask=027
max_clients=3000
max_per_ip=20
pasv_max_port=10799
pasv_min_port=10000
trans_chunk_size=0
anon_root=
banned_email_file=/etc/vsftpd.banned_emails
banner_file=/etc/issue.net
chown_username=nobody
chroot_list_file=/etc/vsftpd.chroot_list
cmds_allowed=
deny_file=
dsa_cert_file=
email_password_file=/etc/vsftpd.email_passwords
ftp_username=ftp
ftpd_banner=
guest_username=ftp
hide_file=
listen_address=
listen_address6=
local_root=
message_file=.message
nopriv_user=nobody
pam_service_name=vsftpd
pasv_address=
rsa_cert_file=/etc/vsftpd-cert.crt
rsa_private_key_file=/etc/vsftpd-cert.key
secure_chroot_dir=/usr/share/empty
ssl_ciphers=TLSv1:SSLv3
user_config_dir=
user_sub_token=
userlist_file=/etc/vsftpd.user_list
vsftpd_log_file=/var/log/vsftpd.log
xferlog_file=/var/log/xferlog
allow_anon_ssl=NO
anon_mkdir_write_enable=NO
anon_other_write_enable=NO
anon_upload_enable=NO
anon_world_readable_only=YES
anonymous_enable=NO
ascii_download_enable=NO
ascii_upload_enable=NO
async_abor_enable=YES
background=NO
check_shell=YES
chmod_enable=YES
chown_uploads=NO
chroot_list_enable=YES
chroot_local_user=YES
connect_from_port_20=YES
deny_email_enable=NO
dirlist_enable=YES
dirmessage_enable=YES
download_enable=YES
dual_log_enable=YES
force_dot_files=NO
force_local_data_ssl=NO
force_local_logins_ssl=YES
guest_enable=NO
hide_ids=NO
listen=YES
listen_ipv6=NO
local_enable=YES
log_ftp_protocol=YES
ls_recurse_enable=NO
no_anon_password=NO
no_log_lock=NO
one_process_model=NO
passwd_chroot_enable=NO
pasv_enable=YES
pasv_promiscuous=NO
port_enable=YES
port_promiscuous=NO
run_as_launching_user=NO
secure_email_list_enable=NO
session_support=YES
setproctitle_enable=NO
ssl_enable=YES
ssl_sslv2=NO
ssl_sslv3=YES
ssl_tlsv1=YES
syslog_enable=NO
tcp_wrappers=NO
text_userdb_names=NO
tilde_user_enable=NO
use_localtime=NO
use_sendfile=NO
userlist_deny=NO
userlist_enable=NO
virtual_use_local_privs=NO
write_enable=YES
xferlog_enable=YES
xferlog_std_format=NO
accept_timeout=60
anon_max_rate=0
anon_umask=027
connect_timeout=60
data_connection_timeout=300
file_open_mode=0640
ftp_data_port=20
idle_session_timeout=300
listen_port=21
local_max_rate=0
local_umask=027
max_clients=3000
max_per_ip=20
pasv_max_port=10799
pasv_min_port=10000
trans_chunk_size=0
anon_root=
banned_email_file=/etc/vsftpd.banned_emails
banner_file=/etc/issue.net
chown_username=nobody
chroot_list_file=/etc/vsftpd.chroot_list
cmds_allowed=
deny_file=
dsa_cert_file=
email_password_file=/etc/vsftpd.email_passwords
ftp_username=ftp
ftpd_banner=
guest_username=ftp
hide_file=
listen_address=
listen_address6=
local_root=
message_file=.message
nopriv_user=nobody
pam_service_name=vsftpd
pasv_address=
rsa_cert_file=/etc/vsftpd-cert.crt
rsa_private_key_file=/etc/vsftpd-cert.key
secure_chroot_dir=/usr/share/empty
ssl_ciphers=TLSv1:SSLv3
user_config_dir=
user_sub_token=
userlist_file=/etc/vsftpd.user_list
vsftpd_log_file=/var/log/vsftpd.log
xferlog_file=/var/log/xferlog
Experiencing same problems w/ Cerberus ftpd
Note: I tried posting this as a new thread but it would always go into the recycle bin area.
I'm seeing the same problems but with a different ftpd.
Evaluating Core FTP Pro 2.1 Build 1586 for use in a secure backup solution.
Using Cerberus 2.49a ftpd on XP SP2
When logging in I experience major lags just to get a directory listing - approx. 10 seconds.
LIST
150 Opening data connection
TLSv1, cipher TLSv1/SSLv3 (AES256-SHA) - 256 bit
226 Transfer complete
Transferred 594 bytes in 10.156 seconds
When transferring files, I also see major hanging and dreadfully slow speeds.
If I turn off SSL/TLS, everything is fast.
Using Filezilla 3.1.6 I have excellent performance for listings and transfers, although it connects/uses TLSv1/SSLv3 128bit.
There are some great features in Coreftp, but I cannot use it unless these SSL issues are resolved.
I'm seeing the same problems but with a different ftpd.
Evaluating Core FTP Pro 2.1 Build 1586 for use in a secure backup solution.
Using Cerberus 2.49a ftpd on XP SP2
When logging in I experience major lags just to get a directory listing - approx. 10 seconds.
LIST
150 Opening data connection
TLSv1, cipher TLSv1/SSLv3 (AES256-SHA) - 256 bit
226 Transfer complete
Transferred 594 bytes in 10.156 seconds
When transferring files, I also see major hanging and dreadfully slow speeds.
If I turn off SSL/TLS, everything is fast.
Using Filezilla 3.1.6 I have excellent performance for listings and transfers, although it connects/uses TLSv1/SSLv3 128bit.
There are some great features in Coreftp, but I cannot use it unless these SSL issues are resolved.