FtpServer
  1. FtpServer
  2. FTPSERVER-244

Automatically do SSL on passive ports, if Session is implict FTPS

    Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Major Major
    • Resolution: Duplicate
    • Affects Version/s: 1.0.0-M4
    • Fix Version/s: 1.0.0-RC1
    • Component/s: None
    • Labels:
      None
    • Environment:
      Client PowerTCP alias DartFTP, implicit FTPS

      Description

      I had some trouble with DartFTP as client in implicit ftps mode. The client expects, that the data channel is automatically secure, when the control channel is ssl. It does not issue a PROT command.

      I know there is no clean spec for implicit ftps.

      I fixed it in the constructor of IODataConnectionFactory, but maybe this behaviour should be configurable:

      public IODataConnectionFactory(final FtpServerContext serverContext,
      final FtpIoSession session)

      { this.session = session; this.serverContext = serverContext; // implicitly preset security this.secure=session.isSecure(); }

        Activity

        Jörg Schubert created issue -
        Jörg Schubert made changes -
        Field Original Value New Value
        Summary automatically do FTPS on passive ports, if Session is implict FTPS Automatically do SSL on passive ports, if Session is implict FTPS
        Jörg Schubert made changes -
        Attachment patch_ServerSocket_3.txt [ 12396501 ]
        Jörg Schubert made changes -
        Comment [ My next try :-)

        this patch works against current trunk (SVN Revision 726795). And - wow - the fix for FTPSERVER-241 seems to make a mixed usage of SSL and unenrypted traffic on the same port possible. Can anyone test it?

        Configuration:
        A passive Port range is reusable, if any of the port declarations contains an 'r'. example: <passive ports="r2505-2515" />

        Support of a random passive port (<passive ports="0" />) is still broken. And there ist no unit test yet.

        ]
        Hide
        Niklas Gustavsson added a comment -

        While I generally agree that the data connection should have defaulted to secure, I think we're now at a stage where we need to make this configurable. How about we add an implict SSL setting for the data connection as well, this defaults to false but we encourage users to set this to true if they set implicit SSL to true for the listener?

        Jörg, do you feel like hacking on this, my time is very limited at the moment?

        Show
        Niklas Gustavsson added a comment - While I generally agree that the data connection should have defaulted to secure, I think we're now at a stage where we need to make this configurable. How about we add an implict SSL setting for the data connection as well, this defaults to false but we encourage users to set this to true if they set implicit SSL to true for the listener? Jörg, do you feel like hacking on this, my time is very limited at the moment?
        Hide
        Kevin Conaway added a comment -

        FTPSERVER-247 should solve this problem

        Show
        Kevin Conaway added a comment - FTPSERVER-247 should solve this problem
        Jörg Schubert made changes -
        Attachment patch_ServerSocket_3.txt [ 12396501 ]
        Hide
        Niklas Gustavsson added a comment -

        Fixed with the complection of FTPSERVER-247.

        Show
        Niklas Gustavsson added a comment - Fixed with the complection of FTPSERVER-247 .
        Niklas Gustavsson made changes -
        Status Open [ 1 ] Closed [ 6 ]
        Fix Version/s 1.0.0-RC1 [ 12313542 ]
        Resolution Duplicate [ 3 ]
        Assignee Niklas Gustavsson [ niklas ]
        Transition Time In Source Status Execution Times Last Executer Last Execution Date
        Open Open Closed Closed
        6d 21h 43m 1 Niklas Gustavsson 26/Dec/08 10:10

          People

          • Assignee:
            Niklas Gustavsson
            Reporter:
            Jörg Schubert
          • Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development