[
https://issues.apache.org/jira/browse/NET-354?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13019512#comment-13019512
]
Leif John Korshavn commented on NET-354:
----------------------------------------
Interesting case. Are you sure it really is the client that closes the
connection with an exception? Could it be the server refusing to process clear
text commands, and hence shutting the connection down.
Is CCC really supported in implicit mode? In my mind, implicit mode is an
"encrypted only" channel from start to end with even a dedicated port number.
The chapter "Scope of use" in this article confirms my opinion:
http://en.wikipedia.org/wiki/FTPS
Erick, I believe you when you say that CCC works for the subsequent commands
when not explicitly closing down the SSLSocket, I merely want to point out that
this may be a gray area with regards to how specific the specs/rfcs are. You do
know that explicit mode is the recommended mode?
Unfortunately, I am not able to run your test code, as I only use the FTPS
client against a FTP Server on IBM Mainframe, supporting only explicit mode and
with rigid corporate firewalls between me and it. The code with the patch I
submitted is in daily use in test, the application will go live in May.
I am also afraid of simply discarding the SSLSocket object, as this in a long
running server could lead to a significant leakage of resources/open files (I
might be wrong, but...)
> FTPSClient not properly supporting CCC and PROT P
> -------------------------------------------------
>
> Key: NET-354
> URL: https://issues.apache.org/jira/browse/NET-354
> Project: Commons Net
> Issue Type: Bug
> Components: FTP
> Affects Versions: 2.2
> Environment: Applies to all environments
> Reporter: Leif John Korshavn
> Fix For: 3.0
>
> Attachments: CCCTester.java, CCC_bugs_in_FTPSClient.patch
>
>
> FTPSClient does not behave properly after issuing CCC (Clear Command
> Channel). Proper behaviour is to close SSLSocket, but keep underlying
> connection without SSL open.
> To achieve this, the SSLSocket should be created with "false", like this on
> line 255 (of FTPSClient v2.2)
> SSLSocket socket =
> (SSLSocket) ssf.createSocket(_socket_, ip, port, false);
> Furthermore, on sendCommand CCC, sslSocket must be closed before setting
> _socket = _plainsocket on line 493:
> _socket.close();
> _socket = _plainsocket;
> ...
> And finally, it is wrong to set socket factory to null on line 500 of the
> same method; this is set properly in exexPROT and should not be reset on CCC.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
