[
https://issues.apache.org/jira/browse/FTPSERVER-244?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12658200#action_12658200
]
Niklas Gustavsson commented on FTPSERVER-244:
---------------------------------------------
While I generally agree that the data connection should have defaulted to
secure, I think we're now at a stage where we need to make this configurable.
How about we add an implict SSL setting for the data connection as well, this
defaults to false but we encourage users to set this to true if they set
implicit SSL to true for the listener?
Jörg, do you feel like hacking on this, my time is very limited at the moment?
> Automatically do SSL on passive ports, if Session is implict FTPS
> -----------------------------------------------------------------
>
> Key: FTPSERVER-244
> URL: https://issues.apache.org/jira/browse/FTPSERVER-244
> Project: FtpServer
> Issue Type: Bug
> Affects Versions: 1.0.0-M4
> Environment: Client PowerTCP alias DartFTP, implicit FTPS
> Reporter: Jörg Schubert
> Attachments: patch_ServerSocket_3.txt
>
>
> I had some trouble with DartFTP as client in implicit ftps mode. The client
> expects, that the data channel is automatically secure, when the control
> channel is ssl. It does not issue a PROT command.
> I know there is no clean spec for implicit ftps.
> I fixed it in the constructor of IODataConnectionFactory, but maybe this
> behaviour should be configurable:
> public IODataConnectionFactory(final FtpServerContext serverContext,
> final FtpIoSession session) {
> this.session = session;
> this.serverContext = serverContext;
> // implicitly preset security
> this.secure=session.isSecure();
> }
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
