Old 07-04-2002, 11:23 AM   #1
Screami
Junior Member
 
Join Date: Jul 2002
Posts: 2
Default [SSL] command order, PROT issue

Hi all,

I am not sure if this is considered a bug. rfc2228 says command order should not play any role and "clients SHOULD be coded in such a manner as to allow the timing of the AUTH, PBSZ and PROT
commands to be flexible and dictated by the server".

Since I use an open source ftp server, changing the source to accept ffxps order is not a big deal, but probably you could make this point (PBSZ/PROT, USER/PASS order) configurable in some way?!
E.g. bsdftpd-ssl usually replies to a PBSZ/PROT before USER/PASS with "503 Use AUTH command first." One could even use that reply to auto-sense the behaviour of ffxp, but I am not sure about other ftp server replies, so it´s probably not that easy. Some sort of checkbox in SSL options would do fine for me, too...


Another point I consider a bug is: AUTH SSL should not issue a PROT command, since ftp-data it is protected anyway by the implicit nature of the AUTH SSL mode. Even if the checkbox "encrypted data" is checked, ffxp should not send PROT.
Of course it´s just a cosmetic issue having "PROT command only allowed in TLS mode" in the logs, but if ffxp claims being rfc2228 compliant, it should not do that, I think.


-screami
Screami is offline  
Old 07-04-2002, 04:38 PM   #2
bigstar
FlashFXP Developer
FlashFXP Administrator
ioFTPD Beta Tester
 
bigstar's Avatar
 
Join Date: Oct 2001
Posts: 8,012
Default

I've never read rfc2228 so I guess FlashFXP is not rfc2228 compliant. Our SSL support was developed for us by a 3rd party.

Quote:
E.g. bsdftpd-ssl usually replies to a PBSZ/PROT before USER/PASS with "503 Use AUTH command first."
I don't understand the logic of this error message. AUTH SSL should be sent prior to the PBSZ/PROT.

Our SSL support is crude and very limited. I'm not sure if FlashFXP can be this flexible.
bigstar is offline  
 

Tags
auth, command, order, prot, ssl

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -5. The time now is 04:51 AM.

Parts of this site powered by vBulletin Mods & Addons from DragonByte Technologies Ltd. (Details)