Article delegate-en/3172 of [1-5169] on the server localhost:119
  upper oldest olders older1 this newer1 newers latest
search
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
[Reference:<_A3171@delegate-en.ML_>]
Newsgroups: mail-lists.delegate-en

[DeleGate-En] Re: Implicit SSL protection of the FTP session
29 Mar 2006 04:39:03 GMT feedback@delegate.org (Yutaka Sato)
The DeleGate Project


Hi,

In message <_A3171@delegate-en.ML_> on 03/29/06(10:55:26)
you Marcelo Spohn <pjygabdyi-vob2jtqrbvor.ml@ml.delegate.org> wrote:
 |I'm having a hard time trying to make some FTPS clients to open a data
 |connection through a Delegate FTPS proxy. (The login process goes
 |smooth; no problems with the control connnection.) The problem seems to
 |be that the FTPS clients are using implicit SSL protection of the FTP
 |session, i.e., they don't seem to be using AUTH TLS or AUTH SSL. Does
 |Delegate support such type of clients?

I forgot to care the case of implicit FTPS without negotiation when I
introduced STLS.  The enclosed patch will solve the problem.  

Cheers,
Yutaka
--
  D G   Yutaka Sato <y.sato@delegate.org> http://delegate.org/y.sato/
 ( - )  National Institute of Advanced Industrial Science and Technology
_<   >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan
Do the more with the less -- B. Fuller


*** ../delegate9.1.1/src/stls.c	Sat Mar 25 11:33:51 2006
--- src/stls.c	Wed Mar 29 13:36:34 2006
***************
*** 197,202 ****
--- 197,207 ----
  			syslog_ERROR("## STLS ## IMPLICIT SSL ON %d,%d,%d,%d\n",
  				ClientSock,FromC,ToC,fcl);
  			if( 0 <= fcl ){
+ 				if( strncaseeq(CLNT_PROTO,"ftp",3) ){
+ 					if( FromC == ClientSock ){ 
+ 						ClientSock = dup(ClientSock);
+ 					}
+ 				}
  				dup2(fcl,FromC);
  				close(fcl);
  				ClientFlags |= PF_STLS_ON;

  admin search upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
@_@V