commons-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Niklas Gustavsson <nik...@protocol7.com>
Subject Re: TLS for FTP
Date Sun, 29 Oct 2006 21:08:50 GMT
Rory Winston wrote:
> Susanne
> 
> It may be possible that there is a bug in the FTPSClient impl - can you 
> post a transcript of the FTP commands and responses sent over the wire?

I've now tested this with FtpServer and I think I got a clue as to what 
is going on. But, I would like to confirm my suspicions with you :-) I'm 
CCing the FtpServer list on the discussion.

When using the PROT P command in active mode, the FTP server will try to 
connect using SSL to the client. In this case the server acts as the SSL 
client. However, this seems to fail and we get a cleartext data 
connection. My feeling is that this is because the commons-net 
SSLContext does not set a keystore it can't act as a SSL server. 
However, I haven't tested patching FTPSClient yet so I'm not sure.

If I run in passive mode (where the FTPSClient will act as a SSL client 
and FtpServer as a SSL server also for the data connection) everything 
seems to work as expected.

You can find my simple test case here:
http://svn.apache.org/repos/asf/incubator/ftpserver/ssl-tests/trunk/src/test/org/apache/ftpserver/ssl/DataConnectionTest.java

Note that this tests differs from what Susanne described as I get a into 
problems on a single STOR. This might be because I have some basic 
misconfiguration, is so feel free to point me the right way :-)

/niklas


---------------------------------------------------------------------
To unsubscribe, e-mail: commons-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: commons-dev-help@jakarta.apache.org


Mime
View raw message