proftpd zkracuje soubory pri ssl

Jan Jirasko - konference jj-k na alpy.cz
Neděle Leden 4 19:50:24 CET 2004 

Dobry vecer,

mam proftpd s mod_tls, mod_sql_mysql a stava se mi nasledujici vec:

pri zabezpecenem spojeni na datovem kanalu obcas dochazi ke zkracovani prenasenych souboru.
Pokud neni datovy kanal zabezpeceny, tak jsou vsechny prenosy vporadku.

Z logu vypada vse ok.

Verze: proftpd-1.2.9, openssl-0.9.7c

>>> proftpd.conf

ServerName              "ftp"
ServerType              standalone
DefaultServer           on
DeferWelcome            off

Bind                    x.x.x.x
Port                    21
Umask                   137 027
TimeoutLogin            120
TimeoutIdle             600
TimeoutNoTransfer       900
TimeoutStalled          3600
MaxInstances            30

User                    ftp
Group                   www
DefaultRoot             ~

UseReverseDNS           off

ScoreboardFile          /var/run/proftpd.score

TransferLog             /var/log/proftpd/xferlog
LogFormat         default "%h %l %u %t \"%r\" %s %b"
LogFormat         auth    "%v [%P] %h %t \"%r\" %s"
LogFormat         write   "%h %l %u %t \"%r\" %s %b"

ServerAdmin             admin na xxx.cz
MaxLoginAttempts        2
RequireValidShell       no
MaxClients              50

# Global settings
<Global>
  DisplayLogin          welcome.msg
  DisplayFirstChdir     readme
  AllowOverwrite        yes
  IdentLookups          off
  ExtendedLog           /var/log/proftpd/access.log WRITE,READ write
  ExtendedLog           /var/log/proftpd/auth.log AUTH auth
  SQLConnectInfo        ftpdb na localhost:3306 user pass
  SQLAuthTypes          Backend Plaintext
  SQLUserInfo           user userid passwd uid gid homedir shell
  SQLUserWhereClause    "LoginAllowed = 1"
  RequireValidShell     off
  SQLAuthenticate       users groups usersetfast groupsetfast
  SQLGroupInfo          groupt groupname gid members
  SQLNamedQuery         getcount SELECT "count,userid from user where userid='%u'"
  SQLNamedQuery         updatecount UPDATE "count=count+1 WHERE userid='%u'" user
  SQLNamedQuery         insertfileinfo INSERT "'%f', %b, '%u@%v', now()" filehistory
  SQLShowInfo           PASS "230" "You've logged on %{getcount} times, %u"
  SQLLog                PASS updatecount
  SQLLog                RETR, STOR insertfileinfo
  SQLRatios             on
  SQLRatioStats         on
</Global>

# SSL
<IfModule mod_tls.c>
    TLSEngine on
    TLSRequired ctrl
    TLSLog /var/log/proftpd/tls.log
    TLSProtocol TLSv1
    TLSRSACertificateFile /usr/share/ssl/certs/cert.crt
    TLSRSACertificateKeyFile /usr/share/ssl/private/cert.key
    TLSCipherSuite "RSA"
    TLSProtocol SSLv23
    TLSVerifyClient off
</IfModule>

<VirtualHost x.x.x.x>
    ServerName "Secure ftp"
    Port        990
    TLSEngine   on
    TLSRequired on
    TLSRSACertificateFile /usr/share/ssl/certs/cert.crt
    TLSRSACertificateKeyFile /usr/share/ssl/private/cert.key
    Umask       137 027
    DefaultRoot ~
    TransferLog /var/log/proftpd/xferlog.ssl
    TLSCipherSuite "RSA"
    TLSVerifyClient off
</VirtualHost>

<<< proftpd.conf

Bohuzel FileZilla nepodporuje nesifrovany prenos na datovem kanale pri sifrovani na prikazovem kanale a kuli bezpecnosti by bylo dobre, aby hesla byla sifrovana.

Ma nekdo nejaky napad jak vyresit ono zkracovani souboru?

Dekuji

Jan Jirasko

Další informace o konferenci Linux