FtpServer
  1. FtpServer
  2. FTPSERVER-420

When picking a passive port, use "random port" from the pool instead of "lowest port"

    Details

    • Type: Improvement Improvement
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 1.0.6, 1.1.0
    • Component/s: Core
    • Labels:
      None

      Description

      As discussed on the mailing list < http://www.mail-archive.com/ftpserver-users@mina.apache.org/msg01635.html >, passive ports are allocated from the pool based on the lowest available port from the list. This may cause problems with some firewalls or clients that may not release the port as quickly as the server expects. It is also a minor security risk to provide an easily guessable port for passive connections.

      Discussion on the list centered around other options to allocate ports, focusing on a random port assignment from the available pool.

      1. PassivePorts.java.diff
        5 kB
        Allen Firstenberg
      2. DataConnectionConfigurationFactory.java.diff
        0.6 kB
        Allen Firstenberg
      3. PassivePorts.java
        8 kB
        Allen Firstenberg
      4. PassivePortsTest.java
        10 kB
        Allen Firstenberg

        Activity

        Niklas Gustavsson made changes -
        Status Open [ 1 ] Closed [ 6 ]
        Assignee Niklas Gustavsson [ niklas ]
        Fix Version/s 1.0.6 [ 12315314 ]
        Fix Version/s 1.1.0 [ 12313458 ]
        Resolution Fixed [ 1 ]
        Allen Firstenberg made changes -
        Description As discussed on the mailing list <http://www.mail-archive.com/ftpserver-users@mina.apache.org/msg01635.html&gt;, passive ports are allocated from the pool based on the lowest available port from the list. This may cause problems with some firewalls or clients that may not release the port as quickly as the server expects. It is also a minor security risk to provide an easily guessable port for passive connections.

        Discussion on the list centered around other options to allocate ports, focusing on a random port assignment from the available pool.
        As discussed on the mailing list < http://www.mail-archive.com/ftpserver-users@mina.apache.org/msg01635.html >, passive ports are allocated from the pool based on the lowest available port from the list. This may cause problems with some firewalls or clients that may not release the port as quickly as the server expects. It is also a minor security risk to provide an easily guessable port for passive connections.

        Discussion on the list centered around other options to allocate ports, focusing on a random port assignment from the available pool.
        Allen Firstenberg made changes -
        Attachment PassivePortsTest.java [ 12482856 ]
        Allen Firstenberg made changes -
        Attachment PassivePortsTest.class [ 12482855 ]
        Allen Firstenberg made changes -
        Comment [ Whoops. Thanks for that reminder. Now attached. ]
        Allen Firstenberg made changes -
        Attachment PassivePortsTest.class [ 12482855 ]
        Allen Firstenberg made changes -
        Attachment PassivePorts.java [ 12482842 ]
        Allen Firstenberg made changes -
        Field Original Value New Value
        Attachment PassivePorts.java.diff [ 12482840 ]
        Attachment DataConnectionConfigurationFactory.java.diff [ 12482841 ]
        Allen Firstenberg created issue -

          People

          • Assignee:
            Niklas Gustavsson
            Reporter:
            Allen Firstenberg
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development