Article delegate-en/1656 of [1-5169] on the server localhost:119
  upper oldest olders older1 this newer1 newers latest
search
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
[Reference:<_A1655@delegate-en.ML_>]
Newsgroups: mail-lists.delegate-en

[DeleGate-En] Re: FTP over SSL
28 May 2002 15:09:31 GMT feedback@delegate.org (Yutaka Sato)


Hi,

For the time being, the answer for your first question only.

On 05/28/02(19:44) you po4dabdyi-uwzfqiwsbzxr.ml@ml.delegate.org wrote
in <_A1655@delegate-en.ML_>
 |1. draft-murray-auth-ftp-ssl-08.txt and RFC-2228 documents are describing 
 |the 'PROT P' command to secure data connection. After successful AUTH TLS 
 |and autentication with USER & PASS, the ftp server expect me to issue a 
 |PBSZ 0 and PROT P commands to force ftp-data to be SSL encrypted. In other 
 |case the data sessions are unencrypted. How to make Delegate to issue 
 |those commands after successful autentication ? (I want nonSSL client to 
 |connect via delegate to SSL enabled server)

Thank you for pointing it out.  It has not been supported and should
(must) be.  Since I am still not determined the right place where
START-TLS relevant codes are put, ie. in filters/sslway.c or in each
protocol interpreters under src/, I'll adopt the easiest solution for
sslway.c.  I hope the enclosed patch will do it.

Cheers,
Yutaka
--
  @ @ Yutaka Sato <y.sato@delegate.org> http://www.delegate.org/y.sato/
 ( - ) National Institute of Advanced Industrial Science and Technology (AIST)
_<   >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan

*** ../delegate7.9.5/filters/sslway.c	Wed Feb  6 00:27:46 2002
--- sslway.c	Tue May 28 23:35:40 2002
***************
*** 594,599 ****
--- 594,611 ----
  		if( dp = strpbrk(buf,"\r\n") )
  			*dp = 0;
  		ERROR("STARTTLS to server -- %s",buf);
+ 
+ 		if( strcasecmp(proto,"FTP") == 0 ){
+ 			fputs("PBSZ 0\r\n",ts);
+ 			fflush(ts);
+ 			fgets(buf,sizeof(buf),fs);
+ 			TRACE("STARTTLS/FTP PBSZ 0 -> %s",buf);
+ 
+ 			fputs("PROT P\r\n",ts);
+ 			fflush(ts);
+ 			fgets(buf,sizeof(buf),fs);
+ 			TRACE("STARTTLS/FTP PROT P -> %s",buf);
+ 		}
  	}
  	if( do_accSSL && do_accSTLS ){
  	  for( xi = 0; ; xi++ ){

  admin search upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
@_@V