Niklas Gustavsson wrote:
> On Tue, Feb 24, 2009 at 10:41 AM, Niklas Therning <[email protected]> wrote:
>> I'd like to set up FtpServer to use explicit FTPS and force the clients to
>> use SSL for both the control and data connections. Is this possible by
>> configuration only or do I have to write an Ftplet to achieve this?
>
> You would have to write an Ftplet for this. That being said, this has
> been frequently requested and we would therefore happily accept
> contributions in this area!
>
> /niklas

Ok,

Here's what I think the Ftplet needs to do:

Intercept the USER command and send back a 5xx error code if the control
connection isn't secure yet (the AUTH command hasn't been issued
previously or a negative response was sent for the AUTH command).

Intercept all the commands which open a data connection (AFAICS these
are APPE, LIST, MLSD, NLST, RETR, STOR, STOU) and make sure that the
ServerDataConnectionFactory is secure. If not secure, send back a 5xx
error code.

Please let me know if there is anything more I need to do or if there is
a better approach. Also, I have no idea how active connections are
handled. Will those also be forced to SSL mode with the scheme above?

--
Niklas Therning
www.spamdrain.net
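
The two checks outlined in the message above, written as an Ftplet. This is an added example, not code from the thread or from the FtpServer project. It assumes the ftplet-api methods FtpSession.isSecure() and DataConnectionFactory.isSecure() report the TLS state of the control and data channels; the class name RequireTlsFtplet and the specific 5xx codes and reply texts are choices made for this example.

```java
import java.io.IOException;
import java.util.Locale;
import java.util.Set;

import org.apache.ftpserver.ftplet.DefaultFtplet;
import org.apache.ftpserver.ftplet.DefaultFtpReply;
import org.apache.ftpserver.ftplet.FtpException;
import org.apache.ftpserver.ftplet.FtpRequest;
import org.apache.ftpserver.ftplet.FtpSession;
import org.apache.ftpserver.ftplet.FtpletResult;

/** Hypothetical Ftplet: refuse login and data transfers on unprotected channels. */
public class RequireTlsFtplet extends DefaultFtplet {

    // Commands that open a data connection, as listed in the message above.
    private static final Set<String> DATA_COMMANDS =
            Set.of("APPE", "LIST", "MLSD", "NLST", "RETR", "STOR", "STOU");

    @Override
    public FtpletResult beforeCommand(FtpSession session, FtpRequest request)
            throws FtpException, IOException {
        String cmd = request.getCommand().toUpperCase(Locale.ROOT);

        // Check 1: no USER until the control connection is secured
        // (AUTH not yet issued, or AUTH was answered negatively).
        if ("USER".equals(cmd) && !session.isSecure()) {
            // 530 is this example's choice of 5xx code.
            session.write(new DefaultFtpReply(530,
                    "Secure the control connection with AUTH before logging in."));
            return FtpletResult.SKIP; // the server does not execute USER
        }

        // Check 2: no transfer or listing unless the data connection is secure.
        if (DATA_COMMANDS.contains(cmd) && !session.getDataConnection().isSecure()) {
            // 521 is this example's choice of 5xx code.
            session.write(new DefaultFtpReply(521,
                    "Data connection must be protected before " + cmd + "."));
            return FtpletResult.SKIP; // the data connection is never opened
        }

        // Everything else keeps DefaultFtplet's normal dispatch.
        return super.beforeCommand(session, request);
    }
}
```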