commons-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bernd Eckenfels (JIRA)" <>
Subject [jira] [Commented] (NET-426) FTPS: Hook to customize _openDataConnection_ SSLSocket before startHandshake() is called
Date Mon, 05 Dec 2016 20:07:59 GMT


Bernd Eckenfels commented on NET-426:

BTW: I am discussing this Java JSSE shortcoming on OpenJDK security-dev here:

> FTPS: Hook to customize _openDataConnection_ SSLSocket before startHandshake() is called
> ----------------------------------------------------------------------------------------
>                 Key: NET-426
>                 URL:
>             Project: Commons Net
>          Issue Type: Bug
>          Components: FTP
>    Affects Versions: 3.0.1
>            Reporter: Ketan
>             Fix For: 3.1, 3.2
>         Attachments: FTPSClient.patch, FTPSClient.patch
>   Original Estimate: 1h
>  Remaining Estimate: 1h
> Currently in FTPSClient class, there is protected _openDataConnection_ method, which
create SSLSocket for data connection.  But there is no hook to customize the SSLSocket before
startHandshake is called.  
> I need to know the remote host ip and port, which i can get for socket, and do custom
setup to try to reuse SSL sessions from control connection socket.  Since the socket factory
uses createSocket() method, I can't just use custom socket factory since I don't know the
host and port.  I can't just override the _openDataConnection_() method in my class since
that will call the startHandshake().  
> So it would be nice if you can provide hook, much like _connectAction_(), but for data
connection before handshake is started.  You can pass the new data socket as argument to this
hook method so one can get remote host and port information.  

This message was sent by Atlassian JIRA

View raw message