You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@commons.apache.org by "Leif John Korshavn (JIRA)" <ji...@apache.org> on 2011/05/05 08:23:03 UTC

[jira] [Commented] (NET-354) FTPSClient not properly supporting CCC and PROT P

    [ https://issues.apache.org/jira/browse/NET-354?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13029161#comment-13029161 ] 

Leif John Korshavn commented on NET-354:
----------------------------------------

Finally I got a download from GlobalScape. I have installed their EFT Server 6.3.0 for trial on Windows. I have been able to reproduce Ericks result, and I have some interesting observations:

Apache FTPS client (rel 2.2) implicit mode -> CCC OK
Apache FTPS client (rel 2.2) explicit mode -> CCC OK
Apache FTPS client (3.0-SNAPSHOT) implicit mode -> CCC FAILS!
Apache FTPS client (3.0-SNAPSHOT) explicit mode -> CCC FAILS!

So this means that Erick indeed has discovered some new behaviour introduced in the current snapshot (i.e. my patch). It also applies to explicit mode. I will investigate further.


> FTPSClient not properly supporting CCC and PROT P
> -------------------------------------------------
>
>                 Key: NET-354
>                 URL: https://issues.apache.org/jira/browse/NET-354
>             Project: Commons Net
>          Issue Type: Bug
>          Components: FTP
>    Affects Versions: 2.2
>         Environment: Applies to all environments
>            Reporter: Leif John Korshavn
>             Fix For: 3.0
>
>         Attachments: CCCTester.java, CCC_bugs_in_FTPSClient.patch
>
>
> FTPSClient does not behave properly after issuing CCC (Clear Command Channel). Proper behaviour is to close SSLSocket, but keep underlying connection without SSL open.
> To achieve this, the SSLSocket should be created with "false", like this on line 255 (of FTPSClient v2.2)
> SSLSocket socket =
> (SSLSocket) ssf.createSocket(_socket_, ip, port, false);
> Furthermore, on sendCommand CCC, sslSocket must be closed before setting _socket = _plainsocket on line 493:
>    _socket.close();
>    _socket = _plainsocket;
>    ...
> And finally, it is wrong to set socket factory to null on line 500 of the same method; this is set properly in exexPROT and should not be reset on CCC.

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira