[NOT i-MSCP RELATED] ProFTPd 1.3.5 with TLS enable = Slow directory display

  • Hi,



    Just a quick notice about ProFTPd and TLS enabled.


    If your version of it is "1.3.5", you probably have a know bug with "mod_tls" which seems to force the server to redo the certificate exchange with the client.
    In short, all folder changes take in general 5 to 10 seconds.


    Actually, Debian 8.1 is impacted as well as the latest Ubuntu stable version which didn't mention the fix in the changelog of the package.


    Official fix has been applied in version 1.3.5a (and the actual testing version 1.3.6rc1).



    The best way to fix this should be to recompile the whole ProFTPd application, or if you want to keep the version provided by your package manager, disable the TLS if this is too annoying for you.




    Bogue 4108 - SSL handshakes for data connections sometimes stall for 3-30 seconds
    The file involve in the fix of that bug (ProFTPd Github)

  • If your version of it is "1.3.5", you probably have a know bug with "mod_tls" which seems to force the server to redo the certificate exchange with the client.
    In short, all folder changes take in general 5 to 10 seconds.


    @Athar


    What if you set the TLSRenegotiate parameter to none ?

    badge.php?id=1239063037&bid=2518&key=1747635596&format=png&z=547451206

  • I saw this possible solution @Nuxwin and this doesn't change anything :( (at least for me, maybe the parameter was wrong on my side too).


    I'll give a new try with the original .SO file.



    Tested, changed nothing (BTW, TLSRenegotiate has "none" by default :) when not used)
    I did a screen record, for those who want to see the side effect of this bug and have some minutes to loose :D

    Edited once, last by Athar ().

  • @Athar


    I'll add support for vsftpd in near future because proftpd suck !

    badge.php?id=1239063037&bid=2518&key=1747635596&format=png&z=547451206

  • Hi,
    how can i update to 1.3.5a? I've update my server to jessie and now my ftp connections are very slow with tls.
    The parameter TLSRenegotiate is set to none.
    Thanks