FlashFXP Forums - View Single Post

Screami · 07-04-2002, 11:23 AM

Hi all,

I am not sure if this is considered a bug. rfc2228 says command order should not play any role and "clients SHOULD be coded in such a manner as to allow the timing of the AUTH, PBSZ and PROT
commands to be flexible and dictated by the server".

Since I use an open source ftp server, changing the source to accept ffxps order is not a big deal, but probably you could make this point (PBSZ/PROT, USER/PASS order) configurable in some way?!
E.g. bsdftpd-ssl usually replies to a PBSZ/PROT before USER/PASS with "503 Use AUTH command first." One could even use that reply to auto-sense the behaviour of ffxp, but I am not sure about other ftp server replies, so itÂ´s probably not that easy. Some sort of checkbox in SSL options would do fine for me, too...

Another point I consider a bug is: AUTH SSL should not issue a PROT command, since ftp-data it is protected anyway by the implicit nature of the AUTH SSL mode. Even if the checkbox "encrypted data" is checked, ffxp should not send PROT.
Of course itÂ´s just a cosmetic issue having "PROT command only allowed in TLS mode" in the logs, but if ffxp claims being rfc2228 compliant, it should not do that, I think.

-screami

07-04-2002, 11:23 AM
Screami Junior Member Join Date: Jul 2002 Posts: 2	[SSL] command order, PROT issue Hi all, I am not sure if this is considered a bug. rfc2228 says command order should not play any role and "clients SHOULD be coded in such a manner as to allow the timing of the AUTH, PBSZ and PROT commands to be flexible and dictated by the server". Since I use an open source ftp server, changing the source to accept ffxps order is not a big deal, but probably you could make this point (PBSZ/PROT, USER/PASS order) configurable in some way?! E.g. bsdftpd-ssl usually replies to a PBSZ/PROT before USER/PASS with "503 Use AUTH command first." One could even use that reply to auto-sense the behaviour of ffxp, but I am not sure about other ftp server replies, so itÂ´s probably not that easy. Some sort of checkbox in SSL options would do fine for me, too... Another point I consider a bug is: AUTH SSL should not issue a PROT command, since ftp-data it is protected anyway by the implicit nature of the AUTH SSL mode. Even if the checkbox "encrypted data" is checked, ffxp should not send PROT. Of course itÂ´s just a cosmetic issue having "PROT command only allowed in TLS mode" in the logs, but if ffxp claims being rfc2228 compliant, it should not do that, I think. -screami