I've gone ahead and attached your patch to the JIRA bug. On Thu Jan 22 2015 at 12:02:37 John Hartnup <john.hart...@gmail.com> wrote:
> Actually there is already a bug record: > https://issues.apache.org/jira/browse/FTPSERVER-459 > > > On Thu Jan 22 2015 at 12:00:19 John Hartnup <john.hart...@gmail.com> > wrote: > >> The last commit to the project was Nov 2012 -- is anyone actively >> maintaining this project? >> https://git-wip-us.apache.org/repos/asf?p=mina-ftpserver.git;a=summary >> >> That said, it may be worth raising a bug at https://issues.apache.org/ >> jira/browse/FTPSERVER/ -- you can attach your patch there -- I guess >> that would save the committer (assuming one comes along) some time. >> >> On Thu Jan 22 2015 at 08:01:47 juergen sorg <j.s...@fz-juelich.de> wrote: >> >>> hi erick, hi david, >>> >>> you can find ftp server sources including changes to support >>> en/disabling certain ssl protocols here: >>> >>> http://icg4003-v3.icg.kfa-juelich.de/weatherradargif/apache- >>> ftpserver-1.0.6.patchj.tar.gz >>> >>> here a list of changed classes: >>> >>> - SslConfiguration >>> - SslConfigurationFactory >>> - NioListener >>> - AUTH >>> - ListenerBeanDefinitionParser >>> - ftpserver-1.0.xsd >>> >>> gruss juergen >>> >>> On 21/01/15 17:23, David Latorre wrote: >>> > As Erick says, you need to invoke SSLFilter.setEnabledProtocols() >>> . If >>> > you are willing to provide a patch in order to expose the >>> EnabledProtocols >>> > method in the Listener configuration, we will be happy to integrate >>> it >>> > into the FTPServer code . >>> > >>> > >>> > Kindest regards, >>> > >>> > >>> > >>> > 2015-01-21 12:13 GMT+01:00 Erick Lichtas <elich...@linoma.com>: >>> > >>> >> Hello, >>> >> >>> >> I'm not sure how much work has been done with this on the project with >>> >> this lately, but what needs to be added is an option that allows the >>> >> 'enabled ssl protocols' to be set on the mina SSLFilter in a few >>> spots. >>> >> Basically, every place in the code that calls >>> >> sslFilter.setEnabledCipherSuites(..) should also/instead call >>> >> sslFilter.setEnabledProtocols(..). If such is done, you can >>> granularly >>> >> control which SSL/TLS protocols are enabled on the server. And this >>> works >>> >> well for the Oracle and IBM jvms. >>> >> >>> >> Regards, >>> >> Erick >>> >> >>> >> -----Original Message----- >>> >> From: juergen sorg [mailto:j.s...@fz-juelich.de] >>> >> Sent: Wednesday, January 21, 2015 12:58 AM >>> >> To: ftpserver-users@mina.apache.org >>> >> Subject: disable sslv3 >>> >> >>> >> hi, >>> >> >>> >> is it possible to disable some SSL and TLS versions in apache mina ftp >>> >> server? >>> >> i read the documentation, but there is only the option to choose >>> between >>> >> SSL or TLS. and if i specifiy TLS in the configuration (spring confign >>> >> file) then the same protocols are enabled as i use SSL (i could >>> connect >>> >> by using openssl client with SSLv3, TLSv1 TLSv1.1 TLSv1.2 >>> >> >>> >> thanks in advance >>> >> >>> >> gruss juergen >>> >> >>> >> >>> > >>> >>> >>>
