** Description changed:
+ [Impact]
+
+ * Currently pure-ftpd in bionic, without any further special care, just
+ can't work with modern programs connecting with TLS 1.3 or such.
+
+ [Test Plan]
+
+ * install pure-ftpd
+ * create a cert in /etc/ssl/private/pure-ftpd.pem
+ * echo 1 > /etc/pure-ftpd/conf/TLS
+ * try to connect.
+
+ Currently the connection fails with "ERROR TLS renegotiation" in the
+ pure-ftpd logs.
+
+ [Where problems could occur]
+
+ * I suspect that if the upgrade went well connections would just fail.
+
+ [Other Info]
+
+ These patches have been released with fedora 29; also seb128 already
+ proposed them in a PPA package, but for whatever reason he didn't care
+ of actually uploading the changes to ubuntu proper. Meaning the changes
+ are actually quite tested; plus the patches come from upstream.
+
+ FTR, I have a vested interest in this update, as at dayjob I've got some
+ 18.04 servers that are also running a patched pure-ftpd just for this.
+
+ [ Original Report ]
+
Secure (TLS) connections to Pure-FTPd do not work when the OpenSSL 1.1.1
library is installed. My installation was working perfectly until the
system-wide OpenSSL 1.1.1 update was made available a couple days ago.
Now, after running apt upgrade, clients are unable to establish TLS
connections, as the TLS negotiation tries a couple times and then
cancels out.
The current stable version of Pure-FTPd from the developer is 1.0.49,
but the apt repository only has version 1.0.46. According to the patch
notes (https://www.pureftpd.org/project/pure-ftpd/news/), there have
been some OpenSSL-related changes made since the 1.0.46 release.
However, there are also some other major changes, so this may not be the
case of a simple update.
Ubuntu Server version:
Description: Ubuntu 18.04.2 LTS
Release: 18.04
ProblemType: Bug
DistroRelease: Ubuntu 18.04
Package: pure-ftpd-mysql 1.0.46-1build1
ProcVersionSignature: Ubuntu 4.15.0-51.55-generic 4.15.18
Uname: Linux 4.15.0-51-generic x86_64
ApportVersion: 2.20.9-0ubuntu7.6
Architecture: amd64
Date: Sun Jun 16 16:51:56 2019
ProcEnviron:
TERM=xterm-256color
PATH=(custom, no user)
LANG=en_US.UTF-8
SHELL=/bin/bash
SourcePackage: pure-ftpd
UpgradeStatus: No upgrade log present (probably fresh install)
modified.conffile..etc.pure-ftpd.db.mysql.conf: [modified]
mtime.conffile..etc.pure-ftpd.db.mysql.conf: 2019-05-03T23:51:59.782344
** Changed in: pure-ftpd (Ubuntu Bionic)
Assignee: (unassigned) => Mattia Rizzolo (mapreri)
** Changed in: pure-ftpd (Ubuntu Bionic)
Status: Confirmed => In Progress
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1832998
Title:
Pure-FTPd Breaks with OpenSSL v1.1.1
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pure-ftpd/+bug/1832998/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
