commons-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sebb (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (NET-354) FTPSClient not properly supporting CCC and PROT P
Date Thu, 14 Apr 2011 10:29:05 GMT

    [ https://issues.apache.org/jira/browse/NET-354?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13019770#comment-13019770
] 

Sebb commented on NET-354:
--------------------------

@Leif: Glad to see that CCC over explicit SSL works OK for you.

The FTP jar is a subset, containing FTP + support classes only. Apparently some people wanted
a smaller jar.

The code in the snapshot was built from http://svn.apache.org/repos/asf/commons/proper/net/trunk
and *does* include your patch. FTPSClient should be at r1091783 currently if your workspace
is up to date.

Like you, I'm not sure that CCC should apply to implicit SSL; but if it does, then something
needs to be fixed.

> FTPSClient not properly supporting CCC and PROT P
> -------------------------------------------------
>
>                 Key: NET-354
>                 URL: https://issues.apache.org/jira/browse/NET-354
>             Project: Commons Net
>          Issue Type: Bug
>          Components: FTP
>    Affects Versions: 2.2
>         Environment: Applies to all environments
>            Reporter: Leif John Korshavn
>             Fix For: 3.0
>
>         Attachments: CCCTester.java, CCC_bugs_in_FTPSClient.patch
>
>
> FTPSClient does not behave properly after issuing CCC (Clear Command Channel). Proper
behaviour is to close SSLSocket, but keep underlying connection without SSL open.
> To achieve this, the SSLSocket should be created with "false", like this on line 255
(of FTPSClient v2.2)
> SSLSocket socket =
> (SSLSocket) ssf.createSocket(_socket_, ip, port, false);
> Furthermore, on sendCommand CCC, sslSocket must be closed before setting _socket = _plainsocket
on line 493:
>    _socket.close();
>    _socket = _plainsocket;
>    ...
> And finally, it is wrong to set socket factory to null on line 500 of the same method;
this is set properly in exexPROT and should not be reset on CCC.

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message