On Sun, Apr 03, 2005 at 08:36:56AM -0500, Russ Cox wrote:
> > > If so, you need to change ftpfs/hget to pushtls after
> > > connecting:
> > >     TLSconn conn;
> > >     fd = dial(etc.);
> > >     memset(&conn, 0, sizeof conn);
> > >     fd = tlsClient(fd, &conn);
> > > instead of just calling dial.
> >
> > Shouldn't this be done by enhancing dial to understand a TLS
> > qualifier?  How difficult would that be?  I'm a lot better at trivial
> > changes, maybe I can figure my way around it if it makes sense.
> 
> changing dial? no.  writing a tlsdial?
> maybe, but it doesn't happen very often.
> what's more common is that you connect,
> talk plaintext for a little while, and then decide
> to start tls.  i don't think there are enough
> instances yet to know what the common case is.
> 
> russ

It seems to be pretty standard protocol to me. Exchange, verify,
encrypt. The original IETF draft is at

http://www.ford-hutchinson.com/~fh-1-pfh/draft-murray-auth-ftp-ssl-05.txt

and every current popular FTP client implements it, so there
should be plenty of source with a friendly license out there.

--Devon
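
The pattern discussed above (connect, talk plaintext, then start TLS on the same descriptor), sketched for the FTP `AUTH TLS` exchange in Python as an added example; it is not code from this thread or from Plan 9's ftpfs/hget. The function names, the placeholder hostname and the in-process test server are assumptions constructed for illustration. The client fails closed unless the server answers 234 and nothing is left buffered before the handshake.

```python
import socket
import ssl
import threading

class UpgradeError(Exception):
    """The plaintext phase did not end in a clean TLS upgrade."""

def read_reply(sock, buf):
    """Read one FTP reply; the last line is 'NNN text', 'NNN-' lines continue."""
    while True:
        while b"\r\n" in buf:
            line, buf = buf.split(b"\r\n", 1)
            if line[:3].isdigit() and line[3:4] == b" ":
                return int(line[:3]), buf      # code, bytes received past it
        chunk = sock.recv(4096)
        if not chunk:
            raise UpgradeError("connection closed during plaintext phase")
        buf += chunk

def auth_tls(sock, wrap):
    """Plaintext greeting, AUTH TLS, 234, then TLS on the same socket."""
    code, buf = read_reply(sock, b"")
    if code != 220:
        raise UpgradeError(f"unexpected greeting ({code})")
    sock.sendall(b"AUTH TLS\r\n")
    code, buf = read_reply(sock, buf)
    if code != 234:  # fail closed: never continue the session in cleartext
        raise UpgradeError(f"server refused AUTH TLS ({code})")
    if buf:  # bytes queued before the handshake are unauthenticated plaintext
        raise UpgradeError("plaintext data buffered after 234")
    return wrap(sock)

def tls_wrap(sock, host="ftp.example.org"):    # placeholder hostname
    return ssl.create_default_context().wrap_socket(sock, server_hostname=host)

def run_against(after_auth):    # constructed in-process server, no real TLS
    client, server = socket.socketpair()
    def serve():
        server.sendall(b"220-constructed test server\r\n220 ready\r\n")
        server.recv(64)                        # consume "AUTH TLS"
        server.sendall(after_auth)
    t = threading.Thread(target=serve)
    t.start()
    try:
        return auth_tls(client, wrap=lambda s: "upgraded")
    except UpgradeError as e:
        return str(e)
    finally:
        t.join(); client.close(); server.close()
```

Against a real server, call `auth_tls(sock, tls_wrap)` on a freshly connected socket; `run_against` only exercises the plaintext phase with a stub in place of the TLS handshake.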
