Created attachment 201561 [details] tls.c patch to fix 1.3 support I've recently had an issue where users are unable to connect via pure-ftpd when TLS is required and the client attempts to use TLS 1.3. This is mentioned on the pure-ftpd GitHub page in the following issue - https://github.com/jedisct1/pure-ftpd/issues/94 Unfortunately I can't seem to find an obvious way to just disable 1.3 (it's not mentioned in the GitHub issue at least, just that it needs patching - which has to be done manually by the look of it as there hasn't been a new release for over a year. Without the patch I'm seeing the following error, which I also get when I try myself with Filezilla pure-ftpd[8789]: (?@a.b.c.d) [ERROR] TLS renegociation I have attached the patch I created for my own ports tree, based on the fix committed to GitHub (Sorry if line ending are Windows).
A commit references this bug: Author: sunpoet Date: Fri Feb 1 21:42:40 UTC 2019 New revision: 491866 URL: https://svnweb.freebsd.org/changeset/ports/491866 Log: Fix TLS 1.3 compatibility - Bump PORTREVISION for package change Obtained from: https://github.com/jedisct1/pure-ftpd/commit/4a495c61ce22c893aed5ee57f6ce0b43c3be59ad PR: 235354 Reported by: Matt Churchyard <churchers@gmail.com> Changes: head/ftp/pure-ftpd/Makefile head/ftp/pure-ftpd/files/patch-src-tls.c
Committed. Thanks!