vsftpd - Faulty file transfer with TLSv1.3 & AES128
by triplum.fm from LinuxQuestions.org on (#6H0KC)
Hello everyone,
I have an issue with vsftpd and TLSv1.3, affecting both vsftpd-3.0.3 and vsftpd-3.0.5. I can easily establish a connection and transfer files over TLSv1.3 with TLS_AES_256_GCM_SHA384 using gFTP and lftp. The same applies to TLSv1.2 with ECDHE-RSA-AES256-GCM-SHA384.
However, the problem arises as my Android smartphones or apps establish the connection (when configured to TLSv1.3) only with TLS_AES_128_GCM_SHA256. Although they can successfully log in to the server, it is not possible to transfer files completely. In particular, images are only partially transferred, displaying only parts of the image.
This issue affects all tested Android FTP clients, and I've tested it on both a Samsung M52 (Android 13) and a Xiaomi 9T Pro (LineageOS 20). The server is running on Debian Bookworm.
Does anyone know exactly where the problem lies?
I have an issue with vsftpd and TLSv1.3, affecting both vsftpd-3.0.3 and vsftpd-3.0.5. I can easily establish a connection and transfer files over TLSv1.3 with TLS_AES_256_GCM_SHA384 using gFTP and lftp. The same applies to TLSv1.2 with ECDHE-RSA-AES256-GCM-SHA384.
However, the problem arises as my Android smartphones or apps establish the connection (when configured to TLSv1.3) only with TLS_AES_128_GCM_SHA256. Although they can successfully log in to the server, it is not possible to transfer files completely. In particular, images are only partially transferred, displaying only parts of the image.
This issue affects all tested Android FTP clients, and I've tested it on both a Samsung M52 (Android 13) and a Xiaomi 9T Pro (LineageOS 20). The server is running on Debian Bookworm.
Does anyone know exactly where the problem lies?