M_R
July 17, 2023, 12:42pm
1
Hi,
how can i solve this issue? I read that is a bug in rclone? Is that true?
rclone version
rclone v1.63.0
os/version: ubuntu 22.04 (64 bit)
os/kernel: 5.15.0-76-generic (x86_64)
os/type: linux
os/arch: amd64
go/version: go1.20.5
go/linking: static
go/tags: none
Problem:
2023/07/14 23:58:24 ERROR : MYFILE******: vfs cache: failed to upload try #6 , will retry in 5m0s: vfs cache: failed to transfer file from cache to remote: update stor: 1 error occurred:
425 Unable to build data connection: TLS session of data connection not resumed.
Reproduce?
Setup FileZilla Server with v1.7.2, mount this FTP with the given command. Try to transfer diffrent files.
Command:
rclone mount MYREMOTE / /home/FTP/ --umask 0 --allow-other --dir-cache-time 24h --attr-timeout 6h --poll-interval 30s --vfs-cache-max-age 3h --vfs-cache-mode full --vfs-read-chunk-size 128M --vfs-read-chunk-size-limit 512M --vfs-cache-max-size 10G --transfers 4 --checkers 4 --ftp-disable-tls13
RClone config:
[MYREMOTE]
type = ftp
host = *** MY HOST ****
user = *********
pass = S****************M
explicit_tls = true
no_check_certificate = true
tls_cache_size = 32
FTP SERVER:
Filezilla FTP Server v1.7.2
Can you upload files to your FTP server using some other tool? E.g. FileZilla client?
Also if possible I would suggest to use SFTP instead - FTP protocol with TLS has tones of issues you can read about on this forum.
asdffdsa
(jojothehumanmonkey)
July 17, 2023, 1:03pm
3
welcome to the forum,
might be easier to test using rclone ls
, not rclone mount
i am able to connect to filezilla server, using TLS v1.3
rclone ls :ftp,explicit_tls,no_check_certificate,host=100.109.123.23,port=2222,user=user,pass=hCqzUJfyTpEMVVT_Q3htQenZ7pIKVdgu,user=user,pass=hCqzUJfyTpEMVVT_Q3htQenZ7pIKVdgu: -vv
2023/07/17 09:14:28 DEBUG : rclone: Version "v1.62.2" starting with parameters ["rclone" "ls" ":ftp,explicit_tls,no_check_certificate,host=100.109.123.23,port=2222,user=user,pass=hCqzUJfyTpEMVVT_Q3htQenZ7pIKVdgu,user=user,pass=hCqzUJfyTpEMVVT_Q3htQenZ7pIKVdgu:" "-vv"]
2023/07/17 09:14:28 DEBUG : Creating backend with remote ":ftp,explicit_tls,no_check_certificate,host=100.109.123.23,port=2222,user=user,pass=hCqzUJfyTpEMVVT_Q3htQenZ7pIKVdgu,user=user,pass=hCqzUJfyTpEMVVT_Q3htQenZ7pIKVdgu:"
2023/07/17 09:14:28 DEBUG : Using config file from "/home/user01/.config/rclone/rclone.conf"
2023/07/17 09:14:28 DEBUG : :ftp: detected overridden config - adding "{gU6Aj}" suffix to name
2023/07/17 09:14:28 DEBUG : ftp://100.109.123.23:2222: Connecting to FTP server
2023/07/17 09:14:28 DEBUG : ftp://100.109.123.23:2222: dial("tcp","100.109.123.23:2222")
2023/07/17 09:14:28 DEBUG : ftp://100.109.123.23:2222: > dial: conn=*fshttp.timeoutConn, err=<nil>
2023/07/17 09:14:28 DEBUG : fs cache: renaming cache item ":ftp,explicit_tls,no_check_certificate,host=100.109.123.23,port=2222,user=user,pass=hCqzUJfyTpEMVVT_Q3htQenZ7pIKVdgu,user=user,pass=hCqzUJfyTpEMVVT_Q3htQenZ7pIKVdgu:" to be canonical ":ftp{gU6Aj}:"
2023/07/17 09:14:28 DEBUG : ftp://100.109.123.23:2222: dial("tcp","100.109.123.23:54442")
2023/07/17 09:14:28 DEBUG : ftp://100.109.123.23:2222: > dial: conn=*tls.Conn, err=<nil>
1 file.ext
M_R
July 17, 2023, 1:16pm
4
I can connect via FileZilla or any Android FTP Client. It works without issues only with Rclone occur this error.
To reproduce this, you have to transfer several files. The LS command works partially, most of the file is visible, but then the error occurs.
Then produce ls
DEBUG output and post here - the clues will be there:
rclone ls remote: -vv
asdffdsa
(jojothehumanmonkey)
July 17, 2023, 1:27pm
6
ok, i was able to reproudce the error running filezilla ftp server on windows.
and the 425
issue is not specifc to rclone.
TLS session of data connection not resumed Error (v1.1.0) - FileZilla Forums
M_R
July 17, 2023, 1:31pm
7
My log.
EDIT: i removed the DOMAIN in the logs
rclone ls ftps-nas: -vv
2023/07/17 15:28:44 DEBUG : rclone: Version "v1.63.0" starting with parameters ["rclone" "ls" "ftps-nas:" "-vv"]
2023/07/17 15:28:44 DEBUG : Creating backend with remote "ftps-nas:"
2023/07/17 15:28:44 DEBUG : Using config file from "/home/dev/.config/rclone/rclone.conf"
2023/07/17 15:28:44 DEBUG : ftp://-MYDOMAIN-:21: Connecting to FTP server
2023/07/17 15:28:44 DEBUG : ftp://:21: dial("tcp",":21")
2023/07/17 15:28:44 DEBUG : ftp://:21: > dial: conn=*fshttp.timeoutConn, err=
2023/07/17 15:28:44 DEBUG : ftp://:21: dial("tcp","95.90.129.161:65349")
2023/07/17 15:28:45 DEBUG : ftp://:21: > dial: conn=*tls.Conn, err=
2023/07/17 15:28:45 DEBUG : ftp://:21: Connecting to FTP server
2023/07/17 15:28:45 DEBUG : ftp://:21: Connecting to FTP server
2023/07/17 15:28:45 DEBUG : ftp://:21: Connecting to FTP server
2023/07/17 15:28:45 DEBUG : ftp://:21: dial("tcp",":21")
2023/07/17 15:28:45 DEBUG : ftp://:21: Connecting to FTP server
2023/07/17 15:28:45 DEBUG : ftp://:21: Connecting to FTP server
2023/07/17 15:28:45 DEBUG : ftp://:21: Connecting to FTP server
2023/07/17 15:28:45 DEBUG : ftp://:21: Connecting to FTP server
2023/07/17 15:28:45 DEBUG : ftp://:21: dial("tcp",":21")
2023/07/17 15:28:45 DEBUG : ftp://:21: dial("tcp",":21")
2023/07/17 15:28:45 DEBUG : ftp://:21: > dial: conn=*fshttp.timeoutConn, err=
2023/07/17 15:28:45 DEBUG : ftp://:21: dial("tcp","95.90.129.161:65385")
2023/07/17 15:28:45 DEBUG : ftp://:21: dial("tcp",":21")
2023/07/17 15:28:45 DEBUG : ftp://:21: > dial: conn=*fshttp.timeoutConn, err=
2023/07/17 15:28:45 DEBUG : ftp://:21: dial("tcp",":21")
2023/07/17 15:28:45 DEBUG : ftp://:21: > dial: conn=*fshttp.timeoutConn, err=
2023/07/17 15:28:45 DEBUG : ftp://:21: dial("tcp",":21")
2023/07/17 15:28:45 DEBUG : ftp://:21: > dial: conn=*tls.Conn, err=
2023/07/17 15:28:45 DEBUG : ftp://:21: > dial: conn=*fshttp.timeoutConn, err=
2023/07/17 15:28:45 DEBUG : ftp://:21: > dial: conn=*fshttp.timeoutConn, err=
2023/07/17 15:28:45 DEBUG : ftp://:21: dial("tcp",":21")
2023/07/17 15:28:45 DEBUG : ftp://:21: > dial: conn=*fshttp.timeoutConn, err=
2023/07/17 15:28:45 DEBUG : ftp://:21: > dial: conn=*fshttp.timeoutConn, err=
2023/07/17 15:28:45 DEBUG : ftp://:21: dial("tcp","95.90.129.161:65392")
2023/07/17 15:28:45 DEBUG : ftp://:21: > dial: conn=*tls.Conn, err=
^C
2023/07/17 15:27:41 DEBUG : ftp://:21: > dial: conn=*tls.Conn, err=
2023/07/17 15:27:41 DEBUG : ftp://:21: dial("tcp","95.90.129.161:65325")
2023/07/17 15:27:41 DEBUG : ftp://:21: > dial: conn=*tls.Conn, err=
2023/07/17 15:27:41 DEBUG : ftp://:21: > dial: conn=*tls.Conn, err=
2023/07/17 15:27:41 DEBUG : ftp://:21: > dial: conn=*tls.Conn, err=
2023/07/17 15:27:41 DEBUG : ftp://:21: > dial: conn=*tls.Conn, err=
2023/07/17 15:27:41 ERROR : folder/ABC: error listing: 1 error occurred:
* 425 Unable to build data connection: TLS session of data connection not resumed.
M_R
July 17, 2023, 2:07pm
8
What do you mean with that? With other software i have no issues, only with rclone
good catch:) It pointed me towards rclone problems with resuming TLS sessions I saw in the past.
Given that it works like you say partially I think the most likely culprit here is TLS cache
Increase tls_cache_size
as at the moment you just specify its default value - 32
and test with ls
again
asdffdsa
(jojothehumanmonkey)
July 17, 2023, 2:46pm
10
i has already tested tls_cache_size=1024
, did not make a difference
asdffdsa
(jojothehumanmonkey)
July 17, 2023, 2:56pm
11
the issue occurs with various ftp servers and ftp clients, so not just rclone.
rclone relies on third-party library.
opened 01:29PM - 17 Nov 22 UTC
closed 01:29PM - 22 Nov 22 UTC
defect
**Describe the bug**
I am using Explicit FTPS to connect to a FileZilla Server … (1.5.1). When I'm downloading a file a certain amount of times the server gives me an error and the control connection gets closed.
**To Reproduce**
```
c, err := ftp.Dial("127.0.0.1:21", ftp.DialWithExplicitTLS(&tls.Config{
ClientSessionCache: tls.NewLRUClientSessionCache(0),
InsecureSkipVerify: true,
ServerName: "test",
}))
if err != nil {
log.Fatal(err)
}
err = c.Login("user", "pass")
if err != nil {
log.Fatal(err)
}
for i := 0; i < 200; i++ {
fmt.Println("Round " + fmt.Sprint(i))
r, err := c.Retr("/testfile.txt")
if err != nil {
panic(err)
}
buf, _ := ioutil.ReadAll(r)
println(string(buf))
r.Close()
}
```
**Expected behavior**
I would expect that no matter how many files I download, the control connection will not be closed. When I am connecting without TLS this is no problem. Also using WinSCP to connect to the Server or a FileZilla Client works fine.
**FTP server**
- Name and version: FileZilla 1.5.1
**Debug output**
The go FTP Client gives me the following error:
```
panic: write tcp 127.0.0.1:61864->127.0.0.1:21: wsasend: An existing connection was forcibly closed by the remote host.
```
The FileZilla Server gives me the following error:

**Additional Content**
In the example above TLS v1.3 is used. I have also tried setting the Version to TLS v1.2. When I am doing so it takes a lot more files to download until I get an error. Here I get the following error:

This issue also happens with the List command.
rclone is actually using fork of this ftp package... as in the past they were rather slow with fixes.
ncw
(Nick Craig-Wood)
July 17, 2023, 6:49pm
13
Trying disable_tls13 = true
might be worth a go.
Also try the latest beta as it is running the next go version and maybe stuff is fixed there.
1 Like
M_R
July 18, 2023, 8:32am
14
Its not working, als already use this command / option
It's a bit disappointing , such a big language like GO and it's not possible to make an FTPS connection.
I want a 100% clean working solution. Should i open an issue here? Issues · jlaffaye/ftp · GitHub
EDIT: issue created 425 Unable to build data connection: TLS session of data connection not resumed · Issue #342 · jlaffaye/ftp · GitHub
M_R
August 9, 2023, 8:50am
15
ncw
(Nick Craig-Wood)
August 9, 2023, 1:27pm
16
In the issue we see
This is not an issue with this package. You need to setup TLS resumption on your &tls.Config:
ServerName must be correct
SessionTicketsDisabled must be false (this is default)
ClientSessionCache must be non-nil (e.g., tls.NewLRUClientSessionCache(0)
)
I think 2 and 3 are satisfied, however 1 is not
This most likely is the cause of the problem if the ServerName does not match. It depends on exactly why you are using no_check_certificate
though.
M_R
August 9, 2023, 2:38pm
17
Ah ok. The domain is from no-ip a free domain that is setup to my local ip. So i thought i need to disable certificate check but i will try it. Thanks
I guess the implication is that these “tls.config” settings are within rclone?
Can end users of rclone do anything to set this ServerName setting?
Or is a change in rclone required to enable this?
For me, this error happens when I try rclone sync from Ubuntu pointing to a Windows server running FileZilla server with —ftp-explicit-tls set along with other config all on the command line.
It does not happen when I try the same settings except pointing at Linux servers running PureFTP.
Using passive settings in FileZilla with host name set to the same as the name in the LetsEncrypt certificate, which is the same as the reverse DNS of the sever IP
Maybe there’s another place in FileZilla where I need to set the ServerName?
rclone also works fine connecting to FileZilla but without enabling explict TLS.
Also fine with concurrency set to 1 (was just using default)
Does NOT work when concurrency set to 2
Presumably, rclone is not or cannot share the TLS settings for all connections?
(default concurrency is fine for explict TLS connections to PureFTP servers though, so it's strange it seems to be only FileZilla server to have this problem, though I've only connected to PureFTP and FileZilla so there may be others too)
tried concurrency 2 tls cache size 64 and disable tls13 still does not work; same with beta rclone