FTP "TLS SessionResumption" error with Filezilla

Anahata · 5 November 2024 13:33

Problem Description

A customer who uses ftp via Filezilla to upload and retrieve webspace files is getting an error message about security and TLS session resumption.

He’s using Windows Filezilla, and I get a similar message with Linux Filezilla.

Research elsewhere suggests this appears to be an issue with Filezilla and pure-ftpd, that doesn’t happen with other clients or other servers.

One forum poster elsewhere suggests disabling SNI for pure-ftpd, but it appears to be disabled anyway in a Sympl installation.

How serious is it?
I don’t want to install e.g. pro-ftpd as it won’t be compatible with the Sympl ftp integration and would be a lot of effort to make it work in a similar way.
I don’t have more than a handful of ftp users.
Has a later version of pure-ftpd fixed this?

Any Error Messages

Pop up box says:
Insecure data connection
This server does not support TLS session resumption on the data connection.
TLS resumption on the data connection is an important security feature
to protect against data connection stealing attacks.
If you continue, transferred files may be intercepted or their contents replaced
by an attacker
There’s a tick box for “Always allow insecure data connections for this server in future sessions”

Environment

Sympl Version: 12
Sympl Testing Version: no
Debian Version: 12
Hardware Type: VPS
Hosted With: Bitfolk

compassweb · 6 November 2024 20:34

I experienced and reported a similar issue a while back. But the post failed to gain traction.

SFTP Login Issues - Support - Sympl

Anahata · 6 November 2024 21:07

Did you mean SFTP (a different file transfer protocol that runs over ssh) or FTPS, which my problem relates to, and is old school FTP with TLS support?

Kelduum · 6 November 2024 22:42

Can you confirm which versions of Filezilla work and which don’t? Once I can replicate the issue, I should be able to see if there’s a fix or workaround.

As far as security goes, missing TLS Session Resumption is pretty low risk, but worth investigating.

Anahata · 6 November 2024 23:34

I’m using Filezilla 3.63.0 on Debian 12. Starting with a clean slate, if I connect to the site I first get a request to verify the certificate, then when I accept it I get the error box above.

I don’t know which version of Filezilla (if any) doesn’t show this error.

I’m reassured that it’s low risk, which is also what I told my client.

PS
Original customer report said Filezilla produced this message:
“Warning! You have previously connected to this server that supports TLS
session resumption for data connection.”
It also mentioned a sever hostname that I don’t use any more, and he hasn’t actually used FTP for a while; what this means is that he would have previously been connecting to an earlier Debian version - either 11 or (if it was a very long time ago) 10, with whichever pure-ftpd version (or other ftp server) Sympl used in those versions.

Anahata · 7 November 2024 10:48

Customer’s Filezilla info:

Version:          3.67.0

Build information:
  Compiled for:   x86_64-w64-mingw32
  Compiled on:    x86_64-pc-linux-gnu
  Build date:     2024-04-15
  Compiled with:  x86_64-w64-mingw32-gcc (GCC) 12-win32
  Compiler flags:  -O2 -g -Wall -Wextra -Wno-deprecated-copy
-ffunction-sections -fdata-sections -Wno-cast-function-type

Linked against:
  wxWidgets:      3.2.4
  SQLite:         3.39.4
  GnuTLS:         3.8.4

Operating system:
  Name:           Windows 10 (build 19045), 64-bit edition
  Version:        10.0
  Platform:       64-bit system
  CPU features:   sse sse2 sse3 ssse3 sse4.1 sse4.2 avx avx2 aes pclmulqdq
rdrnd bmi bmi2 adx lm

Kelduum · 7 November 2024 16:16

I’ve managed to replicate this, but theres so sign of TLS Session Resumption configuration for ether Pure-FTP (which is what Sympl uses) or any relevant configuration within Filezilla.

After spending waaay too long looking into this and the proof of concept, its very low risk, as an attacker would have to connect from the same IP address, and correctly guess which of the 16,384 ports the server has just opened for the client, and connect before the client does (which in most cases is a fraction of a second), so to do this effectively you’d likely need to be on the same hardware as the normal user.

So while it’s theoretically possible in some specific configurations, its not really probable in Sympl - the fact Sympl uses a large range of ports for connections in (making it difficult to guess the port), and supports IPv6 connections (negating issues with IPs being shared between machines), along with the majority of operating systems nowadays having memory access limited to administrators it’s unlikely to be an issue.

For now I can only really suggest users check the box to ignore this problem in the future, but that would also likely skip other, more important things like certificate validation, but unfortunately that’s down to the client being used - most if not all warnings about this seem to be related to Filezilla, so it may be their own FTP server (not used by Sympl) was particularly vulnerable to this, in some configurations, but it’s not really possible to be sure.

For now, I’ll log this as an issue, and it can be looked at again for the next Debian release.

Longer term, support for things like properly jailed SFTP/SSH are on the wishlist, but they’re less easy to do in the same way that FTP allows.

Anahata · 7 November 2024 17:02

Thanks Paul. The effort you have put into this is much appreciated!