对于极少数客户,我们在上传任何大于 64 kb 的文件时会遇到问题。服务器操作系统是通过 SSL 运行 vsftpd 的 FreeBSD。当我们将这些客户转移到托管在 Windows 上的 ftps 服务器时,他们没有遇到任何问题。客户端系统运行的是 Windows 操作系统。
我们分析了客户端和服务器上的 wireshark / tcpdump 跟踪,我们的分析如下:
一旦客户端完成文件上传,它就会发送 FIN,但服务器需要时间才能发回 ACK/FIN,届时客户端将重新启动 TCP 握手并再次开始上传文件。我们尝试关闭 TCP 延迟确认、TCP 校验和、服务器上更改的 recvBuf。这些设置都没有任何作用。
附加详细信息:FreeBSD 9.0 发布 vsFtpd 3.0.0
vsFtpd日志
Fri Jun 15 12:22:16 2012 [pid 1092] CONNECT: Client "xx.xxx.xx.xx"
Fri Jun 15 12:22:16 2012 [pid 1092] DEBUG: Client "xx.xxx.xx.xx", "SSL version: TLSv1/SSLv3, SSL cipher: AES128-SHA, not reused, no cert"
Fri Jun 15 12:22:16 2012 [pid 1092] FTP response: Client "xx.xxx.xx.xx", "220 (vsFTPd 3.0.0)"
Fri Jun 15 12:22:16 2012 [pid 1092] FTP command: Client "xx.xxx.xx.xx", "USER ftpuser"
Fri Jun 15 12:22:16 2012 [pid 1092] [ftpuser] FTP response: Client "xx.xxx.xx.xx", "331 Please specify the password."
Fri Jun 15 12:22:16 2012 [pid 1092] [ftpuser] FTP command: Client "xx.xxx.xx.xx", "PASS <password>"
Fri Jun 15 12:22:16 2012 [pid 1091] [ftpuser] OK LOGIN: Client "xx.xxx.xx.xx"
Fri Jun 15 12:22:16 2012 [pid 1093] [ftpuser] FTP response: Client "xx.xxx.xx.xx", "230 Login successful."
Fri Jun 15 12:22:16 2012 [pid 1093] [ftpuser] FTP command: Client "xx.xxx.xx.xx", "OPTS UTF8 ON"
Fri Jun 15 12:22:16 2012 [pid 1093] [ftpuser] FTP response: Client "xx.xxx.xx.xx", "200 Always in UTF8 mode."
Fri Jun 15 12:22:16 2012 [pid 1093] [ftpuser] FTP command: Client "xx.xxx.xx.xx", "PBSZ 0"
Fri Jun 15 12:22:16 2012 [pid 1093] [ftpuser] FTP response: Client "xx.xxx.xx.xx", "200 PBSZ set to 0."
Fri Jun 15 12:22:16 2012 [pid 1093] [ftpuser] FTP command: Client "xx.xxx.xx.xx", "PROT P"
Fri Jun 15 12:22:16 2012 [pid 1093] [ftpuser] FTP response: Client "xx.xxx.xx.xx", "200 PROT now Private."
Fri Jun 15 12:22:16 2012 [pid 1093] [ftpuser] FTP command: Client "xx.xxx.xx.xx", "CWD /usr/home/ftpuser"
Fri Jun 15 12:22:16 2012 [pid 1093] [ftpuser] FTP response: Client "xx.xxx.xx.xx", "250 Directory successfully changed."
Fri Jun 15 12:22:16 2012 [pid 1093] [ftpuser] FTP command: Client "xx.xxx.xx.xx", "TYPE I"
Fri Jun 15 12:22:16 2012 [pid 1093] [ftpuser] FTP response: Client "xx.xxx.xx.xx", "200 Switching to Binary mode."
Fri Jun 15 12:22:16 2012 [pid 1093] [ftpuser] FTP command: Client "xx.xxx.xx.xx", "PASV"
Fri Jun 15 12:22:16 2012 [pid 1093] [ftpuser] FTP response: Client "xx.xxx.xx.xx", "227 Entering Passive Mode (xx,xxx,xxx,xx,xxx,xx)."
Fri Jun 15 12:22:16 2012 [pid 1093] [ftpuser] FTP command: Client "xx.xxx.xx.xx", "STOR testfile.TIF"
Fri Jun 15 12:22:16 2012 [pid 1093] [ftpuser] FTP response: Client "xx.xxx.xx.xx", "150 Ok to send data."
Fri Jun 15 12:22:16 2012 [pid 1092] [ftpuser] DEBUG: Client "xx.xxx.xx.xx", "SSL version: TLSv1/SSLv3, SSL cipher: AES128-SHA, reused, no cert"
Fri Jun 15 12:22:17 2012 [pid 1092] [ftpuser] DEBUG: Client "xx.xxx.xx.xx", "SSL shutdown state is: SSL_RECEIVED_SHUTDOWN"
Fri Jun 15 12:22:17 2012 [pid 1092] [ftpuser] DEBUG: Client "xx.xxx.xx.xx", "SSL shutdown state is: 3"
Fri Jun 15 12:22:37 2012 [pid 1096] CONNECT: Client "xx.xxx.xx.xx"
Fri Jun 15 12:22:37 2012 [pid 1096] DEBUG: Client "xx.xxx.xx.xx", "SSL version: TLSv1/SSLv3, SSL cipher: AES128-SHA, not reused, no cert"
Fri Jun 15 12:22:37 2012 [pid 1096] FTP response: Client "xx.xxx.xx.xx", "220 (vsFTPd 3.0.0)"
Fri Jun 15 12:22:37 2012 [pid 1096] FTP command: Client "xx.xxx.xx.xx", "USER ftpuser"
Fri Jun 15 12:22:37 2012 [pid 1096] [ftpuser] FTP response: Client "xx.xxx.xx.xx", "331 Please specify the password."
Fri Jun 15 12:22:37 2012 [pid 1096] [ftpuser] FTP command: Client "xx.xxx.xx.xx", "PASS <password>"
Fri Jun 15 12:22:37 2012 [pid 1095] [ftpuser] OK LOGIN: Client "xx.xxx.xx.xx"
Fri Jun 15 12:22:37 2012 [pid 1097] [ftpuser] FTP response: Client "xx.xxx.xx.xx", "230 Login successful."
Fri Jun 15 12:22:37 2012 [pid 1097] [ftpuser] FTP command: Client "xx.xxx.xx.xx", "OPTS UTF8 ON"
Fri Jun 15 12:22:37 2012 [pid 1097] [ftpuser] FTP response: Client "xx.xxx.xx.xx", "200 Always in UTF8 mode."
Fri Jun 15 12:22:37 2012 [pid 1097] [ftpuser] FTP command: Client "xx.xxx.xx.xx", "PBSZ 0"
Fri Jun 15 12:22:37 2012 [pid 1097] [ftpuser] FTP response: Client "xx.xxx.xx.xx", "200 PBSZ set to 0."
Fri Jun 15 12:22:37 2012 [pid 1097] [ftpuser] FTP command: Client "xx.xxx.xx.xx", "PROT P"
Fri Jun 15 12:22:37 2012 [pid 1097] [ftpuser] FTP response: Client "xx.xxx.xx.xx", "200 PROT now Private."
Fri Jun 15 12:22:37 2012 [pid 1097] [ftpuser] FTP command: Client "xx.xxx.xx.xx", "CWD /usr/home/ftpuser"
Fri Jun 15 12:22:37 2012 [pid 1097] [ftpuser] FTP response: Client "xx.xxx.xx.xx", "250 Directory successfully changed."
Fri Jun 15 12:22:38 2012 [pid 1097] [ftpuser] FTP command: Client "xx.xxx.xx.xx", "TYPE I"
Fri Jun 15 12:22:38 2012 [pid 1097] [ftpuser] FTP response: Client "xx.xxx.xx.xx", "200 Switching to Binary mode."
Fri Jun 15 12:22:38 2012 [pid 1097] [ftpuser] FTP command: Client "xx.xxx.xx.xx", "PASV"
Fri Jun 15 12:22:38 2012 [pid 1097] [ftpuser] FTP response: Client "xx.xxx.xx.xx", "227 Entering Passive Mode (xx,xxx,xxx,xx,xxx,xxx)."
Fri Jun 15 12:22:38 2012 [pid 1097] [ftpuser] FTP command: Client "xx.xxx.xx.xx", "LIST"
Fri Jun 15 12:22:38 2012 [pid 1097] [ftpuser] FTP response: Client "xx.xxx.xx.xx", "150 Here comes the directory listing."
Fri Jun 15 12:22:38 2012 [pid 1096] [ftpuser] DEBUG: Client "xx.xxx.xx.xx", "SSL version: TLSv1/SSLv3, SSL cipher: AES128-SHA, reused, no cert"
Fri Jun 15 12:22:38 2012 [pid 1096] [ftpuser] DEBUG: Client "xx.xxx.xx.xx", "SSL shutdown state is: NONE"
Fri Jun 15 12:22:38 2012 [pid 1096] [ftpuser] DEBUG: Client "xx.xxx.xx.xx", "SSL shutdown state is: SSL_SENT_SHUTDOWN"
Fri Jun 15 12:22:38 2012 [pid 1096] [ftpuser] DEBUG: Client "xx.xxx.xx.xx", "SSL shutdown state is: 3"
Fri Jun 15 12:22:38 2012 [pid 1097] [ftpuser] FTP response: Client "xx.xxx.xx.xx", "226 Directory send OK."
Fri Jun 15 12:24:22 2012 [pid 1096] [ftpuser] DEBUG: Client "xx.xxx.xx.xx", "Connection terminated without SSL shutdown - buggy client?"
Fri Jun 15 12:27:04 2012 [pid 1089] [ftpuser] DEBUG: Client "xx.xxx.xx.xx", "Connection terminated without SSL shutdown - buggy client?"
Fri Jun 15 12:27:04 2012 [pid 1090] [ftpuser] FTP response: Client "xx.xxx.xx.xx", "421 Timeout."
Fri Jun 15 12:27:17 2012 [pid 1093] [ftpuser] OK UPLOAD: Client "xx.xxx.xx.xx", "/usr/home/ftpuser/testfile.TIF", 109322 bytes, 0.35Kbyte/sec
Fri Jun 15 12:27:17 2012 [pid 1093] [ftpuser] FTP response: Client "xx.xxx.xx.xx", "226 Transfer complete."
Fri Jun 15 12:27:17 2012 [pid 1092] [ftpuser] DEBUG: Client "xx.xxx.xx.xx", "Connection terminated without SSL shutdown - buggy client?"
谢谢你,巴拉特