svn commit: r1332855 - in /mina/ftpserver/trunk/core/src: main/java/org/apache/ftpserver/command/impl/AUTH.java test/java/org/apache/ftpserver/ssl/ExplicitSecurityTestTemplate.java test/java/org/apache/ftpserver/ssl/MinaImplicitDataChannelTest.java

Tue, 01 May 2012 14:53:24 -0700 

Author: ngn
Date: Tue May  1 21:52:58 2012
New Revision: 1332855

URL: http://svn.apache.org/viewvc?rev=1332855&view=rev
Log:
Correctly set the data connection as protected when using AUTH SSL

Fixes FTPSERVER-431

Also adds support for the TLS-C and TLS-P auth types

Modified:
    
mina/ftpserver/trunk/core/src/main/java/org/apache/ftpserver/command/impl/AUTH.java
    
mina/ftpserver/trunk/core/src/test/java/org/apache/ftpserver/ssl/ExplicitSecurityTestTemplate.java
    
mina/ftpserver/trunk/core/src/test/java/org/apache/ftpserver/ssl/MinaImplicitDataChannelTest.java

Modified: 
mina/ftpserver/trunk/core/src/main/java/org/apache/ftpserver/command/impl/AUTH.java
URL: 
http://svn.apache.org/viewvc/mina/ftpserver/trunk/core/src/main/java/org/apache/ftpserver/command/impl/AUTH.java?rev=1332855&r1=1332854&r2=1332855&view=diff
==============================================================================
--- 
mina/ftpserver/trunk/core/src/main/java/org/apache/ftpserver/command/impl/AUTH.java
 (original)
+++ 
mina/ftpserver/trunk/core/src/main/java/org/apache/ftpserver/command/impl/AUTH.java
 Tue May  1 21:52:58 2012
@@ -50,7 +50,7 @@ public class AUTH extends AbstractComman
 
     private final Logger LOG = LoggerFactory.getLogger(AUTH.class);
 
-    private static final List<String> VALID_AUTH_TYPES = Arrays.asList("SSL", 
"TLS");
+    private static final List<String> VALID_AUTH_TYPES = Arrays.asList("SSL", 
"TLS", "TLS-C", "TLS-P");
 
     /**
      * Execute command
@@ -100,6 +100,12 @@ public class AUTH extends AbstractComman
         // check parameter
         String authType = request.getArgument().toUpperCase();
         if (VALID_AUTH_TYPES.contains(authType)) {
+            if(authType.equals("TLS-C")) {
+                authType = "TLS";
+            } else if(authType.equals("TLS-P")) {
+                authType = "SSL";
+            }
+
             try {
                 secureSession(session, authType);
                 session.write(LocalizedFtpReply.translate(session, request, 
context,
@@ -141,6 +147,9 @@ public class AUTH extends AbstractComman
             session.getFilterChain().addFirst(SSL_SESSION_FILTER_NAME,
                     sslFilter);
 
+            if("SSL".equals(type)) {
+                session.getDataConnection().setSecure(true);
+            }
         } else {
             throw new FtpException("Socket factory SSL not configured");
         }

Modified: 
mina/ftpserver/trunk/core/src/test/java/org/apache/ftpserver/ssl/ExplicitSecurityTestTemplate.java
URL: 
http://svn.apache.org/viewvc/mina/ftpserver/trunk/core/src/test/java/org/apache/ftpserver/ssl/ExplicitSecurityTestTemplate.java?rev=1332855&r1=1332854&r2=1332855&view=diff
==============================================================================
--- 
mina/ftpserver/trunk/core/src/test/java/org/apache/ftpserver/ssl/ExplicitSecurityTestTemplate.java
 (original)
+++ 
mina/ftpserver/trunk/core/src/test/java/org/apache/ftpserver/ssl/ExplicitSecurityTestTemplate.java
 Tue May  1 21:52:58 2012
@@ -47,12 +47,19 @@ public abstract class ExplicitSecurityTe
         client.login(ADMIN_USERNAME, ADMIN_PASSWORD);
     }
 
+    protected boolean expectDataConnectionSecure() {
+        return getAuthValue().equals("SSL") && !useImplicit();
+    }
+
     /**
      * Tests that we can send command over the command channel. This is, in 
fact
      * already tested by login in setup but an explicit test is good anyways.
      */
     public void testCommandChannel() throws Exception {
         assertTrue(getActiveSession().isSecure());
+
+        assertEquals(expectDataConnectionSecure(), 
getActiveSession().getDataConnection().isSecure());
+
         assertTrue(FTPReply.isPositiveCompletion(client.noop()));
     }
 

Modified: 
mina/ftpserver/trunk/core/src/test/java/org/apache/ftpserver/ssl/MinaImplicitDataChannelTest.java
URL: 
http://svn.apache.org/viewvc/mina/ftpserver/trunk/core/src/test/java/org/apache/ftpserver/ssl/MinaImplicitDataChannelTest.java?rev=1332855&r1=1332854&r2=1332855&view=diff
==============================================================================
--- 
mina/ftpserver/trunk/core/src/test/java/org/apache/ftpserver/ssl/MinaImplicitDataChannelTest.java
 (original)
+++ 
mina/ftpserver/trunk/core/src/test/java/org/apache/ftpserver/ssl/MinaImplicitDataChannelTest.java
 Tue May  1 21:52:58 2012
@@ -61,6 +61,10 @@ public class MinaImplicitDataChannelTest
         return true;
     }
 
+    protected boolean expectDataConnectionSecure() {
+        return true;
+    }
+
     /**
      * Simple test that the {@link ServerDataConnectionFactory#isSecure()} 
      * works as expected

Reply via email to