[ https://issues.apache.org/jira/browse/NET-354?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13019770#comment-13019770
]
Sebb commented on NET-354:
--------------------------
@Leif: Glad to see that CCC over explicit SSL works OK for you.
The FTP jar is a subset, containing FTP + support classes only. Apparently some people wanted
a smaller jar.
The code in the snapshot was built from http://svn.apache.org/repos/asf/commons/proper/net/trunk
and *does* include your patch. FTPSClient should be at r1091783 currently if your workspace
is up to date.
Like you, I'm not sure that CCC should apply to implicit SSL; but if it does, then something
needs to be fixed.
> FTPSClient not properly supporting CCC and PROT P
> -------------------------------------------------
>
> Key: NET-354
> URL: https://issues.apache.org/jira/browse/NET-354
> Project: Commons Net
> Issue Type: Bug
> Components: FTP
> Affects Versions: 2.2
> Environment: Applies to all environments
> Reporter: Leif John Korshavn
> Fix For: 3.0
>
> Attachments: CCCTester.java, CCC_bugs_in_FTPSClient.patch
>
>
> FTPSClient does not behave properly after issuing CCC (Clear Command Channel). Proper
behaviour is to close SSLSocket, but keep underlying connection without SSL open.
> To achieve this, the SSLSocket should be created with "false", like this on line 255
(of FTPSClient v2.2)
> SSLSocket socket =
> (SSLSocket) ssf.createSocket(_socket_, ip, port, false);
> Furthermore, on sendCommand CCC, sslSocket must be closed before setting _socket = _plainsocket
on line 493:
> _socket.close();
> _socket = _plainsocket;
> ...
> And finally, it is wrong to set socket factory to null on line 500 of the same method;
this is set properly in exexPROT and should not be reset on CCC.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
|