You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@mina.apache.org by ng...@apache.org on 2013/08/12 00:16:42 UTC
[47/50] [abbrv] git commit: Correctly set the data connection as
protected when using AUTH SSL
Correctly set the data connection as protected when using AUTH SSL
Fixes FTPSERVER-431
Also adds support for the TLS-C and TLS-P auth types
git-svn-id: https://svn.apache.org/repos/asf/mina/ftpserver/trunk@1332855 13f79535-47bb-0310-9956-ffa450edef68
Project: http://git-wip-us.apache.org/repos/asf/mina-ftpserver/repo
Commit: http://git-wip-us.apache.org/repos/asf/mina-ftpserver/commit/7defa046
Tree: http://git-wip-us.apache.org/repos/asf/mina-ftpserver/tree/7defa046
Diff: http://git-wip-us.apache.org/repos/asf/mina-ftpserver/diff/7defa046
Branch: refs/heads/trunk
Commit: 7defa046ecab70f76568232c9f9504e26a101a74
Parents: ba0962b
Author: Niklas Gustavsson <ng...@apache.org>
Authored: Tue May 1 21:52:58 2012 +0000
Committer: Niklas Gustavsson <ng...@apache.org>
Committed: Tue May 1 21:52:58 2012 +0000
----------------------------------------------------------------------
.../java/org/apache/ftpserver/command/impl/AUTH.java | 11 ++++++++++-
.../ftpserver/ssl/ExplicitSecurityTestTemplate.java | 7 +++++++
.../ftpserver/ssl/MinaImplicitDataChannelTest.java | 4 ++++
3 files changed, 21 insertions(+), 1 deletion(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/mina-ftpserver/blob/7defa046/core/src/main/java/org/apache/ftpserver/command/impl/AUTH.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/ftpserver/command/impl/AUTH.java b/core/src/main/java/org/apache/ftpserver/command/impl/AUTH.java
index 06e030c..070ef48 100644
--- a/core/src/main/java/org/apache/ftpserver/command/impl/AUTH.java
+++ b/core/src/main/java/org/apache/ftpserver/command/impl/AUTH.java
@@ -50,7 +50,7 @@ public class AUTH extends AbstractCommand {
private final Logger LOG = LoggerFactory.getLogger(AUTH.class);
- private static final List<String> VALID_AUTH_TYPES = Arrays.asList("SSL", "TLS");
+ private static final List<String> VALID_AUTH_TYPES = Arrays.asList("SSL", "TLS", "TLS-C", "TLS-P");
/**
* Execute command
@@ -100,6 +100,12 @@ public class AUTH extends AbstractCommand {
// check parameter
String authType = request.getArgument().toUpperCase();
if (VALID_AUTH_TYPES.contains(authType)) {
+ if(authType.equals("TLS-C")) {
+ authType = "TLS";
+ } else if(authType.equals("TLS-P")) {
+ authType = "SSL";
+ }
+
try {
secureSession(session, authType);
session.write(LocalizedFtpReply.translate(session, request, context,
@@ -141,6 +147,9 @@ public class AUTH extends AbstractCommand {
session.getFilterChain().addFirst(SSL_SESSION_FILTER_NAME,
sslFilter);
+ if("SSL".equals(type)) {
+ session.getDataConnection().setSecure(true);
+ }
} else {
throw new FtpException("Socket factory SSL not configured");
}
http://git-wip-us.apache.org/repos/asf/mina-ftpserver/blob/7defa046/core/src/test/java/org/apache/ftpserver/ssl/ExplicitSecurityTestTemplate.java
----------------------------------------------------------------------
diff --git a/core/src/test/java/org/apache/ftpserver/ssl/ExplicitSecurityTestTemplate.java b/core/src/test/java/org/apache/ftpserver/ssl/ExplicitSecurityTestTemplate.java
index a8bd82d..69b0df0 100644
--- a/core/src/test/java/org/apache/ftpserver/ssl/ExplicitSecurityTestTemplate.java
+++ b/core/src/test/java/org/apache/ftpserver/ssl/ExplicitSecurityTestTemplate.java
@@ -47,12 +47,19 @@ public abstract class ExplicitSecurityTestTemplate extends SSLTestTemplate {
client.login(ADMIN_USERNAME, ADMIN_PASSWORD);
}
+ protected boolean expectDataConnectionSecure() {
+ return getAuthValue().equals("SSL") && !useImplicit();
+ }
+
/**
* Tests that we can send command over the command channel. This is, in fact
* already tested by login in setup but an explicit test is good anyways.
*/
public void testCommandChannel() throws Exception {
assertTrue(getActiveSession().isSecure());
+
+ assertEquals(expectDataConnectionSecure(), getActiveSession().getDataConnection().isSecure());
+
assertTrue(FTPReply.isPositiveCompletion(client.noop()));
}
http://git-wip-us.apache.org/repos/asf/mina-ftpserver/blob/7defa046/core/src/test/java/org/apache/ftpserver/ssl/MinaImplicitDataChannelTest.java
----------------------------------------------------------------------
diff --git a/core/src/test/java/org/apache/ftpserver/ssl/MinaImplicitDataChannelTest.java b/core/src/test/java/org/apache/ftpserver/ssl/MinaImplicitDataChannelTest.java
index 2f34be7..e9d0355 100644
--- a/core/src/test/java/org/apache/ftpserver/ssl/MinaImplicitDataChannelTest.java
+++ b/core/src/test/java/org/apache/ftpserver/ssl/MinaImplicitDataChannelTest.java
@@ -61,6 +61,10 @@ public class MinaImplicitDataChannelTest extends ImplicitSecurityTestTemplate {
return true;
}
+ protected boolean expectDataConnectionSecure() {
+ return true;
+ }
+
/**
* Simple test that the {@link ServerDataConnectionFactory#isSecure()}
* works as expected