Hi.
Thanks for your reply. I did try that but still dont see anything more that
would be helpful. I see an entry in the filezilla server but says not
logged in.
FTPSClient client = new FTPSClient();
//client.setReaderThread(false);
client.addProtocolCommandListener(new PrintCommandListener(new
PrintWriter(System.out)));
client.connect("127.0.0.1", 990);
regards,
Rory Winston wrote:
>
> Can you attach a PrintCommandListener to the client, so you can see the
> commands being passed over the wire?
>
> FTPSClient client = new FTPSClient( ... );
> client.addProtocolCommandListener(new PrintCommandListener(new
> PrintWriter(System.out)));
>
> Then you can see what is actually happening.
>
> Cheers
> Rory
>
>
>
> M wrote:
>> Hi Rory.
>>
>> I tried the apache Jakarta FTPSClient to connect to filezilla ftps
>> listening
>> on port 990.
>>
>> When I use ftps.connect("localhost", 990); it does not get connected.
>>
>> FTPSClient client = new FTPSClient("JKS","SSL","password","0","P");
>> System.out.println("*****");
>>
>> client.connect("127.0.0.1",990);
>> System.out.println("*****");
>> client.getStatus();
>> System.out.println("*****");
>>
>>
>> Appreciate any tips. Thanks.
>>
>> Here's the code I downloaded from Apache Jakarta:
>>
>> /*
>> * Copyright 2001-2005 The Apache Software Foundation
>> *
>> * Licensed under the Apache License, Version 2.0 (the "License");
>> * you may not use this file except in compliance with the License.
>> * You may obtain a copy of the License at
>> *
>> * http://www.apache.org/licenses/LICENSE-2.0
>> *
>> * Unless required by applicable law or agreed to in writing, software
>> * distributed under the License is distributed on an "AS IS" BASIS,
>> * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
>> implied.
>> * See the License for the specific language governing permissions and
>> * limitations under the License.
>> */
>>
>>
>> import java.io.BufferedReader;
>> import java.io.BufferedWriter;
>> import java.io.IOException;
>> import java.io.InputStreamReader;
>> import java.io.OutputStreamWriter;
>> import java.net.InetAddress;
>> import java.net.Socket;
>> import java.net.SocketException;
>> import java.security.KeyStore;
>>
>> import javax.net.ssl.KeyManagerFactory;
>> import javax.net.ssl.SSLContext;
>> import javax.net.ssl.SSLSocket;
>> import javax.net.ssl.TrustManager;
>>
>> import org.apache.commons.net.SocketFactory;
>> import org.apache.commons.net.ftp.FTPClient;
>>
>>
>>
>> /**
>> *
>> * This class extends [EMAIL PROTECTED]
>> org.apache.commons.net.ftp.FTPClient} to add
>> * the necessary methods that implement SSL/TLS-FTPS.
>> *
>> */
>> public class FTPSClient extends FTPClient {
>>
>> // Represent the method to the FTP command AUTH...
>> private String sslContext;
>>
>> // Secure context (can be "TLS" or "SSL")
>> private SSLContext context;
>>
>> private String pbsz;
>> private String prot;
>>
>> private BufferedReader _controlInput_;
>>
>> private BufferedWriter _controlOutput_;
>>
>>
>> /**
>> * Default constructor that selects some default options (TLS
>> encryption)
>> *
>> */
>> public FTPSClient() {
>> this("JCEKS", "TLS", "password", "0", "P");
>> }
>>
>>
>> /**
>> *
>> * Constructor that initializes the secure connection.
>> *
>> * @param keyStoreName Type of instance KeyStore, JKS for Java 1.3 y
>> JCEKS
>> for Java 1.4
>> * @param sslContext Type of the instance SSLContext, can be SSL or TLS.
>> * @param password The password to access the KeyStore.
>> * @param pbsz Protection buffer size (Use 0 to indicate streaming)
>> * @param prot The protection level for the data channel
>> */
>> public FTPSClient(String keyStoreName, String sslContext, String
>> password,
>> String pbsz, String prot) {
>> this.sslContext = sslContext;
>> this.pbsz = pbsz;
>> this.prot = prot;
>>
>> try {
>> KeyStore keyStore = KeyStore.getInstance(keyStoreName);
>>
>> keyStore.load(null, password.toCharArray());
>>
>> KeyManagerFactory keyManagerFactory =
>> KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
>>
>> keyManagerFactory.init(keyStore,
>> password.toCharArray());
>>
>> this.context = SSLContext.getInstance(sslContext);
>>
>> this.context.init(
>> keyManagerFactory.getKeyManagers(),
>> new TrustManager[] { (TrustManager) new
>> FTPSTrustManager() }, null
>> );
>> } catch (Exception e) {
>> e.printStackTrace();
>> }
>> }
>>
>> /**
>> * @see
>> org.apache.commons.net.SocketClient#connect(java.net.InetAddress,
>> int, java.net.InetAddress, int)
>> */
>> public void connect(InetAddress address, int port, InetAddress
>> localAddress, int localPort) throws SocketException, IOException
>> {
>> System.out.println("***** In 1 ********");
>> super.connect(address, port, localAddress, localPort);
>>
>> this.secure(this.pbsz,this.prot);
>> }
>>
>> /**
>> * @see
>> org.apache.commons.net.SocketClient#connect(java.net.InetAddress,
>> int)
>> */
>> public void connect(InetAddress address, int port) throws
>> SocketException,
>> IOException
>> {
>> System.out.println("***** In 2 ********");
>> super.connect(address, port);
>>
>> this.secure(this.pbsz,this.prot);
>> }
>>
>> /**
>> * @see org.apache.commons.net.SocketClient#connect(java.lang.String,
>> int,
>> java.net.InetAddress, int)
>> */
>> public void connect(String address, int port, InetAddress localAddress,
>> int
>> localPort) throws SocketException, IOException
>> {
>> System.out.println("***** In 3 ********");
>> super.connect(address, port, localAddress, localPort);
>>
>> this.secure(this.pbsz,this.prot);
>> }
>>
>> /**
>> * @see org.apache.commons.net.SocketClient#connect(java.lang.String,
>> int)
>> */
>> public void connect(String address, int port) throws SocketException,
>> IOException
>> {
>> System.out.println("FTPSClient***** In 4 ********");
>> System.out.println("Address=" + address);
>> System.out.println("Port=" + port);
>> super.connect(address, port);
>>
>> this.secure(this.pbsz,this.prot);
>> }
>>
>> /**
>> *
>> * Initialize the secure connection with the FTP server, throw the AUTH
>> SSL
>> o TLS command.
>> * Get the socket with the server, starting the "handshake" making the
>> socket, with a layer of securety,
>> * and initializing the stream of connection.
>> *
>> *
>> * @param pbsz Protection Buffer Size: "0" is a good value
>> * @param prot Data Channel Protection Level:
>> * Posible values:
>> * C - Clear
>> * S - Safe
>> * E - Confidential
>> * P - PrivateType of secure connection
>> *
>> * @throws IOException If there is any problem with the connection.
>> */
>> protected void secure(String pbsz, String prot) throws IOException {
>> this.sendCommand("AUTH", sslContext);
>>
>> SSLSocket socket =
>> (SSLSocket)this.context.getSocketFactory().createSocket(this._socket_,
>> this.getRemoteAddress().getHostAddress(), this.getRemotePort(), true);
>>
>> socket.startHandshake();
>>
>> this._socket_ = socket;
>>
>> this._controlInput_ = new BufferedReader(new
>> InputStreamReader(socket.getInputStream(), getControlEncoding()));
>> this._controlOutput_ = new BufferedWriter(new
>> OutputStreamWriter(socket.getOutputStream(), getControlEncoding()));
>>
>> this.setSocketFactory( new FTPSSocketFactory(this.context));
>>
>> this.sendCommand("PBSZ", pbsz);
>> this.sendCommand("PROT", prot);
>> }
>>
>> /**
>> * @see
>> org.apache.commons.net.ftp.FTPCliente#_openDataConnection_(java.lang.String,
>> int)
>> */
>> protected Socket _openDataConnection_(int command, String arg) throws
>> IOException {
>> Socket socket = super._openDataConnection_(command, arg);
>> if (socket != null) {
>> ((SSLSocket)socket).startHandshake();
>> }
>> return socket;
>> }
>>
>> }
>>
>>
>>
>>
>> Regards,
>>
>>
>>
>> Rory Winston wrote:
>>
>>> Stevw
>>>
>>> I think that's a great suggestion. It moves us forward without
>>> necessarily sacrificing backwards compatability.
>>>
>>> I have had a look at the classes written by Jose and Paul, and
>>> incorporated them into my local branch copy. I had to make one minor
>>> change to get them to work, but other than that they seem to work well.
>>> I set up a test FTPS server using FileZilla on my local machine and
>>> wrote some client code:
>>>
>>> FtpsClient client = new FtpsClient();
>>>
>>> client.connect("127.0.0.1");
>>> client.addProtocolCommandListener(new
>>> PrintCommandListener(new PrintWriter(System.out)));
>>> client.login("user", "pass");
>>> client.cwd("test");
>>>
>>> for (FTPFile file : client.listFiles()) {
>>> System.out.println(file.getName());
>>> }
>>>
>>> OutputStream out = new
>>> FileOutputStream("c:\\temp\\test.war");
>>> client.retrieveFile("test.war", out);
>>> client.disconnect();
>>>
>>> and it seems to work a treat. If we are agreed that we should go down
>>> this parallel branch route, then I can move the JDK_1_4_BRANCH to
>>> something more sensible (i.e. Daniel's suggestion a while back to make
>>> the 1.4+ branch version 2), maybe NET_2_0_0. We can use the com.sun.*
>>> stuff for the 1.3 branch (which will probably be our 1.5.0 release)?
>>>
>>> Rory
>>>
>>> Steve Cohen wrote:
>>>
>>>
>>>> Thank you for this explanation. It is good to actually look at the
>>>> code instead of making assumptions, which is what I have been doing.
>>>>
>>>> The JSSE's jar does not provide javax.net.ssl versions of the
>>>> com.sun.net.ssl interfaces And, after doing a little research, I find
>>>> that there are differences between JSSE 1.0.3 and the packages in JDK
>>>> 1.4, such that there is no backward compatibility. Basically, JSSE
>>>> 1.0.x is a prototype, a hack through which Sun worked out the bugs,
>>>> culminating in the better implementation that they released in 1.4.
>>>> They did not just move the JSSE.jar code into JDK 1.4. They also
>>>> improved it.
>>>>
>>>> Since these are new classes for us, I think it makes little sense to
>>>> tie into backward compatibility from the start, when that backward
>>>> compatibility is already out of date. I don't think there is a clean
>>>> way to have one code base that will work the way we'd like it for both
>>>> cases.
>>>>
>>>> Therefore, I think the solution for this is for Jakarta Commons Net to
>>>> take Rory Winston's suggestion and start a new branch of Commons Net
>>>> for JDK 1.4 only (for this and other reasons) and maintain two
>>>> branches for awhile, the current HEAD branch for 1.3 compatibility and
>>>> the new branch for 1.4. The new branch can use the javax.ssl.net
>>>> classes, the old one can use com.sun.net.
>>>>
>>>>
>>>> Jose Juan Montiel wrote:
>>>>
>>>>
>>>>> Hi Steve,
>>>>>
>>>>>
>>>>>
>>>>>> What I think you're missing is that if you put jsse.jar on your
>>>>>> classpath, you can use javax.net.ssl with java 1.3.
>>>>>>
>>>>>
>>>>> maybe i don't explain well, sorry.
>>>>>
>>>>> The three classes of com.sun.net.ssl that are used for implement FTPS
>>>>> (in the way that Paul did and I modified, maybe there is another...)
>>>>> are...
>>>>>
>>>>> com.sun.net.ssl.KeyManagerFactory
>>>>> (http://java.sun.com/products/jsse/doc/apidoc/com/sun/net/ssl/KeyManagerFactory.html)
>>>>>
>>>>>
>>>>>
>>>>> com.sun.net.ssl.SSLContext
>>>>> (http://java.sun.com/products/jsse/doc/apidoc/com/sun/net/ssl/SSLContext.html)
>>>>>
>>>>>
>>>>>
>>>>> com.sun.net.ssl.TrustManager
>>>>> (http://java.sun.com/products/jsse/doc/apidoc/com/sun/net/ssl/TrustManager.html)
>>>>>
>>>>>
>>>>>
>>>>> This classes in JSSE are only in the package com.sun.net.ssl, and
>>>>> although in JSSE 1.0.3 there are a packege javax.net.ssl, it doesn't
>>>>> contain this classes, it contains javax.net.ssl.SSLSocket, a classes
>>>>> soon used, to implement FTPS.
>>>>>
>>>>>
>>>>>
>>>>>> And the commons-net team would prefer to go that way because Sun
>>>>>> says that
>>>>>> com.sun.net may go away with some future release, but not
>>>>>> javax.net. Yes, this
>>>>>> would be a small inconvenience for java 1.3 users, but the stability
>>>>>> is worth it.
>>>>>>
>>>>>
>>>>> This three classes in JDK 1.4.2, were move to
>>>>>
>>>>> javax.net.ssl.KeyManagerFactory
>>>>> (http://java.sun.com/j2se/1.4.2/docs/api/javax/net/ssl/KeyManagerFactory.html)
>>>>>
>>>>>
>>>>>
>>>>> javax.net.ssl.SSLContext
>>>>> (http://java.sun.com/j2se/1.4.2/docs/api/javax/net/ssl/SSLContext.html)
>>>>>
>>>>> javax.net.ssl.TrustManager
>>>>> (http://java.sun.com/j2se/1.4.2/docs/api/javax/net/ssl/TrustManager.html)
>>>>>
>>>>>
>>>>> But if you download for example JDK 1.4.2 and look inside of (jre/lib)
>>>>> you'll find jsse.jar, the jar where still are com.sun.net.ssl. Sun,
>>>>> still mantain compatiblity with JDK 1.3.
>>>>>
>>>>> And still in JDK 1.5, you'll find jre/lib/jsse.jar.
>>>>>
>>>>> But when jsse.jar desapear, i offer to modified code...
>>>>>
>>>>> In other way if use javax.net.ssl.KeyManagerFactory ,
>>>>> javax.net.ssl.SSLContext, javax.net.ssl.TrustManager, ftps don't work
>>>>> under JDK 1.3.
>>>>>
>>>>> I hope explain better, this time.
>>>>>
>>>>> Then, make that you consider appropiate...
>>>>>
>>>>> Thanks all, for your time.
>>>>>
>>>>> --
>>>>> The whole purpose of places like Starbucks is
>>>>> for people with no decision-making ability
>>>>> whatsoever to make six decisions just to buy
>>>>> one cup of coffee. Short, tall, light, dark, caf,
>>>>> decaf, low-fat, non-fat, etc. So people who
>>>>> don't know what the hell they're doing or who
>>>>> on earth they are can, for only $2.95, get not
>>>>> just a cup of coffee but an absolutely defining
>>>>> sense of self: Tall. Decaf. Cappuccino.
>>>>>
>>>>> ---------------------------------------------------------------------
>>>>> To unsubscribe, e-mail: [EMAIL PROTECTED]
>>>>> For additional commands, e-mail: [EMAIL PROTECTED]
>>>>>
>>>>>
>>>>>
>>>>>
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: [EMAIL PROTECTED]
>>>> For additional commands, e-mail: [EMAIL PROTECTED]
>>>>
>>>>
>>>>
>>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: [EMAIL PROTECTED]
>>> For additional commands, e-mail: [EMAIL PROTECTED]
>>>
>>>
>>>
>>>
>>
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
>
--
View this message in context:
http://www.nabble.com/-net--JSSE-classes-in-FTPS-WAS-Re%3A--net--FTPS-submission---legal-issues-tf1019716.html#a6315924
Sent from the Commons - Dev forum at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
