Posted to issues@commons.apache.org by "Ketan (Created) (JIRA)" <ji...@apache.org> on 2011/10/23 05:27:32 UTC

[jira] [Created] (NET-426) FTPS: Hook to customize _openDataConnection_ SSLSocket before startHandshake() is called

FTPS: Hook to customize _openDataConnection_ SSLSocket before startHandshake() is called
----------------------------------------------------------------------------------------

                 Key: NET-426
                 URL: https://issues.apache.org/jira/browse/NET-426
             Project: Commons Net
          Issue Type: Bug
          Components: FTP
    Affects Versions: 3.0.1
            Reporter: Ketan
            Priority: Critical


Currently in the FTPSClient class, there is a protected _openDataConnection_ method, which creates the SSLSocket for the data connection.  But there is no hook to customize the SSLSocket before startHandshake is called.

I need to know the remote host IP and port, which I can get from the socket, and do custom setup to try to reuse SSL sessions from the control connection socket.  Since the socket factory uses the createSocket() method, I can't just use a custom socket factory since I don't know the host and port.  I can't just override the _openDataConnection_() method in my class since that will call startHandshake().

So it would be nice if you could provide a hook, much like _connectAction_(), but for the data connection before the handshake is started.  You can pass the new data socket as an argument to this hook method so one can get the remote host and port information.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

[jira] [Issue Comment Edited] (NET-426) FTPS: Hook to customize _openDataConnection_ SSLSocket before startHandshake() is called

Posted by "Ketan (Issue Comment Edited) (JIRA)" <ji...@apache.org>.
    [ https://issues.apache.org/jira/browse/NET-426?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13135229#comment-13135229 ] 

Ketan edited comment on NET-426 at 10/25/11 4:58 PM:
-----------------------------------------------------

Here is the code snippet I was playing with.  I had this executed before the data connection handshake started. Note this is for the SunJSSE provider since I had Sun's JVM installed:
{code:java}

	SSLSocket sslControlSocket = (SSLSocket) controlConnectionSocket;
	String host = "host.used.to.connect.to.data.socket";
	try {
		SSLSession sess = sslControlSocket.getSession();
		SSLSessionContext sessions = sess.getSessionContext();
		// SunJSSE 1.6 specific code
		Field cache = sessions.getClass().getDeclaredField(
			"sessionHostPortCache");
		cache.setAccessible(true);
		Object c = cache.get(sessions);
		String key = (host + ":" + String.valueOf(socket.getPort()))
			.toLowerCase();
		// Class<?> cc = Class.forName("sun.security.util.Cache");
		Class<?> cc = c.getClass();
		cc.getDeclaredMethod("put", Object.class, Object.class).invoke(
				c, key, sess);
	} catch (Exception e) {
		// TODO Auto-generated catch block
		e.printStackTrace();
	}
{code} 
                

        

[jira] [Commented] (NET-426) FTPS: Hook to customize _openDataConnection_ SSLSocket before startHandshake() is called

Posted by "Sebb (JIRA)" <ji...@apache.org>.
    [ https://issues.apache.org/jira/browse/NET-426?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13429574#comment-13429574 ] 

Sebb commented on NET-426:
--------------------------

Can you provide a new patch?
                

        

[jira] [Resolved] (NET-426) FTPS: Hook to customize _openDataConnection_ SSLSocket before startHandshake() is called

Posted by "Sebb (JIRA)" <ji...@apache.org>.
     [ https://issues.apache.org/jira/browse/NET-426?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Sebb resolved NET-426.
----------------------

       Resolution: Fixed
    Fix Version/s: 3.2

Thanks for the patch, implemented in:

URL: http://svn.apache.org/viewvc?rev=1374495&view=rev
Log:
NET-426 FTPS: Hook to customize _openDataConnection_ SSLSocket before startHandshake() is called
Properly interface with FTPClient.openDataConnection(String, String)

Modified:
    commons/proper/net/trunk/src/changes/changes.xml
    commons/proper/net/trunk/src/main/java/org/apache/commons/net/ftp/FTPSClient.java

I changed the implementation of _openDataConnection_(int command, String arg) to directly call _openDataConnection_(String command, String arg) in the current class, as it seemed clearer than bouncing via the parent.
                
> FTPS: Hook to customize _openDataConnection_ SSLSocket before startHandshake() is called
> ----------------------------------------------------------------------------------------
>
>                 Key: NET-426
>                 URL: https://issues.apache.org/jira/browse/NET-426
>             Project: Commons Net
>          Issue Type: Bug
>          Components: FTP
>    Affects Versions: 3.0.1
>            Reporter: Ketan
>             Fix For: 3.2, 3.1
>
>         Attachments: FTPSClient.patch, FTPSClient.patch
>
>   Original Estimate: 1h
>  Remaining Estimate: 1h

        

[jira] [Commented] (NET-426) FTPS: Hook to customize _openDataConnection_ SSLSocket before startHandshake() is called

Posted by "Ketan (Commented) (JIRA)" <ji...@apache.org>.
    [ https://issues.apache.org/jira/browse/NET-426?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13136335#comment-13136335 ] 

Ketan commented on NET-426:
---------------------------

Yes, I am using verifyRemote right now as a workaround.
                

        

[jira] [Commented] (NET-426) FTPS: Hook to customize _openDataConnection_ SSLSocket before startHandshake() is called

Posted by "David Kocher (Commented) (JIRA)" <ji...@apache.org>.
    [ https://issues.apache.org/jira/browse/NET-426?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13136189#comment-13136189 ] 

David Kocher commented on NET-426:
----------------------------------

Thanks for the sample. Will give it a try as well. I suggest one could override #verifyRemote to do the injection in the cache.
                

        

[jira] [Commented] (NET-426) FTPS: Hook to customize _openDataConnection_ SSLSocket before startHandshake() is called

Posted by "Ketan (Commented) (JIRA)" <ji...@apache.org>.
    [ https://issues.apache.org/jira/browse/NET-426?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13135229#comment-13135229 ] 

Ketan commented on NET-426:
---------------------------

Here is the code snippet I was playing with.  I had this executed before the data connection handshake started. Note this is for the SunJSSE provider since I had Sun's JVM installed:

	SSLSocket sslControlSocket = (SSLSocket) controlConnectionSocket;
	String host = "host.used.to.connect.to.socket";
	try {
		SSLSession sess = sslControlSocket.getSession();
		SSLSessionContext sessions = sess.getSessionContext();
		// SunJSSE 1.6 specific code
		Field cache = sessions.getClass().getDeclaredField(
			"sessionHostPortCache");
		cache.setAccessible(true);
		Object c = cache.get(sessions);
		String key = (host + ":" + String.valueOf(socket.getPort()))
			.toLowerCase();
		// Class<?> cc = Class.forName("sun.security.util.Cache");
		Class<?> cc = c.getClass();
		cc.getDeclaredMethod("put", Object.class, Object.class).invoke(
				c, key, sess);
	} catch (Exception e) {
		// TODO Auto-generated catch block
		e.printStackTrace();
	}
                

        

[jira] [Reopened] (NET-426) FTPS: Hook to customize _openDataConnection_ SSLSocket before startHandshake() is called

Posted by "Ketan (JIRA)" <ji...@apache.org>.
     [ https://issues.apache.org/jira/browse/NET-426?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Ketan reopened NET-426:
-----------------------


The _prepareDataSocket_ method doesn't work for retrieving and storing files, since these methods call the org.apache.commons.net.ftp.FTPClient._openDataConnection_(String, String) method, which does not call the _prepareDataSocket_ method.

Can we get this fixed?  Without this you still get errors.

Here are the methods that are calling org.apache.commons.net.ftp.FTPClient._openDataConnection_(String, String):

org.apache.commons.net.ftp - commons-net.jar
_openDataConnection_(int, String)
_retrieveFile(String, String, OutputStream)
_retrieveFileStream(String, String)
_storeFile(String, String, InputStream)
_storeFileStream(String, String)
                

        

[jira] [Commented] (NET-426) FTPS: Hook to customize _openDataConnection_ SSLSocket before startHandshake() is called

Posted by "David Kocher (Commented) (JIRA)" <ji...@apache.org>.
    [ https://issues.apache.org/jira/browse/NET-426?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13134437#comment-13134437 ] 

David Kocher commented on NET-426:
----------------------------------

I would be interested to see this workaround using reflection if you can share.
                

        

[jira] [Commented] (NET-426) FTPS: Hook to customize _openDataConnection_ SSLSocket before startHandshake() is called

Posted by "Ketan (Commented) (JIRA)" <ji...@apache.org>.
    [ https://issues.apache.org/jira/browse/NET-426?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13133688#comment-13133688 ] 

Ketan commented on NET-426:
---------------------------

Nothing that can be used in production code... but for testing I am thinking of using reflection to add the SSLSession from the control channel socket to the JSSE provider's cache based on host and port.  If the SSLSession is added before the handshake then the session is resumed.

I did a simple test based on the Sun and IBM JSSE providers and it seems to work.  Again, not an ideal solution, but it gets around it for my needs since I can't change the VSFTPD config, which requires SSL resume on the data channel.
                

        

[jira] [Updated] (NET-426) FTPS: Hook to customize _openDataConnection_ SSLSocket before startHandshake() is called

Posted by "Ketan (JIRA)" <ji...@apache.org>.
     [ https://issues.apache.org/jira/browse/NET-426?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Ketan updated NET-426:
----------------------

    Attachment: FTPSClient.patch

New patch to make FTPSClient work with retrieve and send commands.
                

        

[jira] [Updated] (NET-426) FTPS: Hook to customize _openDataConnection_ SSLSocket before startHandshake() is called

Posted by "Sebb (JIRA)" <ji...@apache.org>.
     [ https://issues.apache.org/jira/browse/NET-426?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Sebb updated NET-426:
---------------------

    Priority: Major  (was: Critical)
    

        

[jira] [Updated] (NET-426) FTPS: Hook to customize _openDataConnection_ SSLSocket before startHandshake() is called

Posted by "Ketan (Updated) (JIRA)" <ji...@apache.org>.
     [ https://issues.apache.org/jira/browse/NET-426?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Ketan updated NET-426:
----------------------

    Attachment: FTPSClient.patch

Patch which adds the _prepareDataSocket_(Socket socket) method to FTPSClient.java.

Maybe this should be in FTPClient instead of FTPSClient.java.
                

        

[jira] [Issue Comment Edited] (NET-426) FTPS: Hook to customize _openDataConnection_ SSLSocket before startHandshake() is called

Posted by "Ketan (Issue Comment Edited) (JIRA)" <ji...@apache.org>.
    [ https://issues.apache.org/jira/browse/NET-426?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13135229#comment-13135229 ] 

Ketan edited comment on NET-426 at 10/25/11 5:03 PM:
-----------------------------------------------------

Here is the code snippet I was playing with.  I had this executed before the data connection handshake started. Note this is for the SunJSSE provider since I had Sun's JVM installed:
{code:java}

	SSLSocket sslControlSocket = (SSLSocket) controlConnectionSocket;
	String host = "host.used.to.connect.to.data.socket";
	int port = dataPort; // dataSocket.getPort();
	try {
		SSLSession sess = sslControlSocket.getSession();
		SSLSessionContext sessions = sess.getSessionContext();
		// SunJSSE 1.6 specific code
		Field cache = sessions.getClass().getDeclaredField(
			"sessionHostPortCache");
		cache.setAccessible(true);
		Object c = cache.get(sessions);
		String key = (host + ":" + String.valueOf(port))
			.toLowerCase();
		// Class<?> cc = Class.forName("sun.security.util.Cache");
		Class<?> cc = c.getClass();
		cc.getDeclaredMethod("put", Object.class, Object.class).invoke(
				c, key, sess);
	} catch (Exception e) {
		// TODO Auto-generated catch block
		e.printStackTrace();
	}
{code} 
                
      was (Author: ktp420):
    Here is the code snippet I was playing with.  I had this executed before the data connection handshake started. Note this is for the SunJSSE provider since I had Sun's JVM installed:
{code:java}

	SSLSocket sslControlSocket = (SSLSocket) controlConnectionSocket;
	String host = "host.used.to.connect.to.data.socket";
	try {
		SSLSession sess = sslControlSocket.getSession();
		SSLSessionContext sessions = sess.getSessionContext();
		// SunJSSE 1.6 specific code
		Field cache = sessions.getClass().getDeclaredField(
			"sessionHostPortCache");
		cache.setAccessible(true);
		Object c = cache.get(sessions);
		String key = (host + ":" + String.valueOf(socket.getPort()))
			.toLowerCase();
		// Class<?> cc = Class.forName("sun.security.util.Cache");
		Class<?> cc = c.getClass();
		cc.getDeclaredMethod("put", Object.class, Object.class).invoke(
				c, key, sess);
	} catch (Exception e) {
		// TODO Auto-generated catch block
		e.printStackTrace();
	}
{code} 
                  
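One way the requested `_prepareDataSocket_` hook can carry the reflection snippet from the comment above, as an added example that is not part of the thread or of Commons Net itself. It assumes a Commons Net release that includes the hook; the class name, the `sameSession` helper and the use of the data socket's remote address as the host part of the cache key are assumptions, and `sessionHostPortCache` is the SunJSSE-internal field named in the comment.

```java
import java.io.IOException;
import java.lang.reflect.Field;
import java.lang.reflect.Method;
import java.net.Socket;
import java.util.Arrays;
import java.util.Locale;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSessionContext;
import javax.net.ssl.SSLSocket;
import org.apache.commons.net.ftp.FTPSClient;

// Added example, not Commons Net code. Class and helper names are hypothetical.
public class SessionReusingFTPSClient extends FTPSClient {

    // Invoked for each new data socket before startHandshake() is called on it.
    @Override
    protected void _prepareDataSocket_(Socket socket) throws IOException {
        // _socket_ is the control connection; reuse only applies when both are TLS.
        if (!(socket instanceof SSLSocket) || !(_socket_ instanceof SSLSocket)) {
            return;
        }
        SSLSession session = ((SSLSocket) _socket_).getSession();
        SSLSessionContext context = session.getSessionContext();
        if (!session.isValid() || context == null || socket.getInetAddress() == null) {
            return; // nothing usable to offer; a full handshake follows
        }
        // Assumption: the provider keys its client cache on "host:port" of the peer,
        // and the host part is the data socket's remote address.
        String key = (socket.getInetAddress().getHostAddress() + ":" + socket.getPort())
                .toLowerCase(Locale.ROOT);
        try {
            // SunJSSE-internal field named in the thread; absent on other providers.
            Field cacheField = context.getClass().getDeclaredField("sessionHostPortCache");
            cacheField.setAccessible(true);
            Object cache = cacheField.get(context);
            Method put = cache.getClass().getDeclaredMethod("put", Object.class, Object.class);
            put.setAccessible(true); // the cache implementation class may not be public
            put.invoke(cache, key, session);
        } catch (ReflectiveOperationException | RuntimeException e) {
            // Not fatal: without the cache entry the data channel negotiates a new session.
            System.err.println("TLS session reuse unavailable: " + e);
        }
    }

    // For TLS 1.2 and earlier: equal session IDs after the data handshake mean it was resumed.
    static boolean sameSession(SSLSocket control, SSLSocket data) {
        return Arrays.equals(control.getSession().getId(), data.getSession().getId());
    }
}
```

Because the cache field is a provider internal, a JVM or provider change can make the reflection fail; the catch block then lets the data connection fall back to a fresh handshake.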

        

[jira] [Commented] (NET-426) FTPS: Hook to customize _openDataConnection_ SSLSocket before startHandshake() is called

Posted by "David Kocher (Commented) (JIRA)" <ji...@apache.org>.
    [ https://issues.apache.org/jira/browse/NET-426?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13133605#comment-13133605 ] 

David Kocher commented on NET-426:
----------------------------------

Do you have a workaround for NET-408 with this?
                

        

[jira] [Resolved] (NET-426) FTPS: Hook to customize _openDataConnection_ SSLSocket before startHandshake() is called

Posted by "Sebb (Resolved) (JIRA)" <ji...@apache.org>.
     [ https://issues.apache.org/jira/browse/NET-426?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Sebb resolved NET-426.
----------------------

       Resolution: Fixed
    Fix Version/s: 3.1
    

        

[jira] [Issue Comment Edited] (NET-426) FTPS: Hook to customize _openDataConnection_ SSLSocket before startHandshake() is called

Posted by "Ketan (Issue Comment Edited) (JIRA)" <ji...@apache.org>.
    [ https://issues.apache.org/jira/browse/NET-426?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13135229#comment-13135229 ] 

Ketan edited comment on NET-426 at 10/25/11 4:58 PM:
-----------------------------------------------------

Here is the code snippet I was playing with.  I had this executed before the data connection handshake started. Note this is for the SunJSSE provider since I had Sun's JVM installed:
{code:java}

	SSLSocket sslControlSocket = (SSLSocket) controlConnectionSocket;
	String host = "host.used.to.connect.to.socket";
	try {
		SSLSession sess = sslControlSocket.getSession();
		SSLSessionContext sessions = sess.getSessionContext();
		// SunJSSE 1.6 specific code
		Field cache = sessions.getClass().getDeclaredField(
			"sessionHostPortCache");
		cache.setAccessible(true);
		Object c = cache.get(sessions);
		String key = (host + ":" + String.valueOf(socket.getPort()))
			.toLowerCase();
		// Class<?> cc = Class.forName("sun.security.util.Cache");
		Class<?> cc = c.getClass();
		cc.getDeclaredMethod("put", Object.class, Object.class).invoke(
				c, key, sess);
	} catch (Exception e) {
		// TODO Auto-generated catch block
		e.printStackTrace();
	}
{code} 
                
      was (Author: ktp420):
    Here is the code snippet I was playing with.  I had this executed before the data connection handshake started. Note this is for the SunJSSE provider since I had Sun's JVM installed:

	SSLSocket sslControlSocket = (SSLSocket) controlConnectionSocket;
	String host = "host.used.to.connect.to.socket";
	try {
		SSLSession sess = sslControlSocket.getSession();
		SSLSessionContext sessions = sess.getSessionContext();
		// SunJSSE 1.6 specific code
		Field cache = sessions.getClass().getDeclaredField(
			"sessionHostPortCache");
		cache.setAccessible(true);
		Object c = cache.get(sessions);
		String key = (host + ":" + String.valueOf(socket.getPort()))
			.toLowerCase();
		// Class<?> cc = Class.forName("sun.security.util.Cache");
		Class<?> cc = c.getClass();
		cc.getDeclaredMethod("put", Object.class, Object.class).invoke(
				c, key, sess);
	} catch (Exception e) {
		// TODO Auto-generated catch block
		e.printStackTrace();
	}
                  