Hi. Oddly enough, I took out the code where you pass the login and password, in my FTPSClient (i.e. //client.login("test","test");) and got connected.
However, whenever I did a command listing, it will just hang like before. so anything to do like //client.cwd("temp"); //client.list(); will hang.. btw. I took the latest FTPSClient code from Apache too. M wrote: > > Hi. > > Yes I did generate the certificate and tested using filezilla client. It > worked from filezilla client though. > > I updated apache's secure code.. > > meaning commented: > //this.sendCommand("PBSZ", pbsz); > //this.sendCommand("PROT", prot); > > > It got connected but not the login now.. > > 220-FileZilla Server version 0.9.18 beta > 220-written by Tim Kosse ([EMAIL PROTECTED]) > 220 Please visit http://sourceforge.net/projects/filezilla/ > AUTH SSL > 234 Using authentication type SSL > ******1 > ******2 > ******3 > ******4 > ******5 > *** Connected ************ > Is Connected:true > USER test > Exception in thread "main" > org.apache.commons.net.ftp.FTPConnectionClosedException: Connection closed > without indication. > at org.apache.commons.net.ftp.FTP.__getReply(FTP.java:267) > at org.apache.commons.net.ftp.FTP.sendCommand(FTP.java:460) > at org.apache.commons.net.ftp.FTP.sendCommand(FTP.java:520) > at org.apache.commons.net.ftp.FTP.user(FTP.java:670) > at org.apache.commons.net.ftp.FTPClient.login(FTPClient.java:637) > at TestFTPS.main(TestFTPS.java:31) > > FTPSClient client = new FTPSClient("JKS","SSL","password","0","P"); > //FTPSClient client = new FTPSClient(); > //client.setReaderThread(false); > client.addProtocolCommandListener(new PrintCommandListener(new > PrintWriter(System.out))); > client.connect("127.0.0.1"); > System.out.println("*** Connected ************"); > System.out.println("Is Connected:" + client.isConnected()); > client.login("test", "test"); > System.out.println("Is Connected:" + client.isConnected()); > System.out.println("*** Passed Login ****"); > > Appreciate any advise. > > regards, > > Rory Winston wrote: >> >> I've tried this with Filezilla server, and it worked fine for me. Some >> initial issues I had: >> >> 1. Home dirs not being set up correctly (Filezilla will complain about >> this) >> 2. Have you generated the server certificate yourself? >> >> M wrote: >>> Hi. >>> Thanks for your reply. I did try that but still dont see anything more >>> that >>> would be helpful. I see an entry in the filezilla server but says not >>> logged in. >>> >>> FTPSClient client = new FTPSClient(); >>> //client.setReaderThread(false); >>> client.addProtocolCommandListener(new PrintCommandListener(new >>> PrintWriter(System.out))); >>> client.connect("127.0.0.1", 990); >>> >>> regards, >>> >>> >>> Rory Winston wrote: >>> >>>> Can you attach a PrintCommandListener to the client, so you can see the >>>> commands being passed over the wire? >>>> >>>> FTPSClient client = new FTPSClient( ... ); >>>> client.addProtocolCommandListener(new PrintCommandListener(new >>>> PrintWriter(System.out))); >>>> >>>> Then you can see what is actually happening. >>>> >>>> Cheers >>>> Rory >>>> >>>> >>>> >>>> M wrote: >>>> >>>>> Hi Rory. >>>>> >>>>> I tried the apache Jakarta FTPSClient to connect to filezilla ftps >>>>> listening >>>>> on port 990. >>>>> >>>>> When I use ftps.connect("localhost", 990); it does not get connected. >>>>> >>>>> FTPSClient client = new FTPSClient("JKS","SSL","password","0","P"); >>>>> System.out.println("*****"); >>>>> >>>>> client.connect("127.0.0.1",990); >>>>> System.out.println("*****"); >>>>> client.getStatus(); >>>>> System.out.println("*****"); >>>>> >>>>> >>>>> Appreciate any tips. Thanks. >>>>> >>>>> Here's the code I downloaded from Apache Jakarta: >>>>> >>>>> /* >>>>> * Copyright 2001-2005 The Apache Software Foundation >>>>> * >>>>> * Licensed under the Apache License, Version 2.0 (the "License"); >>>>> * you may not use this file except in compliance with the License. >>>>> * You may obtain a copy of the License at >>>>> * >>>>> * http://www.apache.org/licenses/LICENSE-2.0 >>>>> * >>>>> * Unless required by applicable law or agreed to in writing, software >>>>> * distributed under the License is distributed on an "AS IS" BASIS, >>>>> * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or >>>>> implied. >>>>> * See the License for the specific language governing permissions and >>>>> * limitations under the License. >>>>> */ >>>>> >>>>> >>>>> import java.io.BufferedReader; >>>>> import java.io.BufferedWriter; >>>>> import java.io.IOException; >>>>> import java.io.InputStreamReader; >>>>> import java.io.OutputStreamWriter; >>>>> import java.net.InetAddress; >>>>> import java.net.Socket; >>>>> import java.net.SocketException; >>>>> import java.security.KeyStore; >>>>> >>>>> import javax.net.ssl.KeyManagerFactory; >>>>> import javax.net.ssl.SSLContext; >>>>> import javax.net.ssl.SSLSocket; >>>>> import javax.net.ssl.TrustManager; >>>>> >>>>> import org.apache.commons.net.SocketFactory; >>>>> import org.apache.commons.net.ftp.FTPClient; >>>>> >>>>> >>>>> >>>>> /** >>>>> * >>>>> * This class extends [EMAIL PROTECTED] >>>>> org.apache.commons.net.ftp.FTPClient} to >>>>> add >>>>> * the necessary methods that implement SSL/TLS-FTPS. >>>>> * >>>>> */ >>>>> public class FTPSClient extends FTPClient { >>>>> >>>>> // Represent the method to the FTP command AUTH... >>>>> private String sslContext; >>>>> >>>>> // Secure context (can be "TLS" or "SSL") >>>>> private SSLContext context; >>>>> >>>>> private String pbsz; >>>>> private String prot; >>>>> >>>>> private BufferedReader _controlInput_; >>>>> >>>>> private BufferedWriter _controlOutput_; >>>>> >>>>> >>>>> /** >>>>> * Default constructor that selects some default options (TLS >>>>> encryption) >>>>> * >>>>> */ >>>>> public FTPSClient() { >>>>> this("JCEKS", "TLS", "password", "0", "P"); >>>>> } >>>>> >>>>> >>>>> /** >>>>> * >>>>> * Constructor that initializes the secure connection. >>>>> * >>>>> * @param keyStoreName Type of instance KeyStore, JKS for Java 1.3 y >>>>> JCEKS >>>>> for Java 1.4 >>>>> * @param sslContext Type of the instance SSLContext, can be SSL or >>>>> TLS. >>>>> * @param password The password to access the KeyStore. >>>>> * @param pbsz Protection buffer size (Use 0 to indicate streaming) >>>>> * @param prot The protection level for the data channel >>>>> */ >>>>> public FTPSClient(String keyStoreName, String sslContext, String >>>>> password, >>>>> String pbsz, String prot) { >>>>> this.sslContext = sslContext; >>>>> this.pbsz = pbsz; >>>>> this.prot = prot; >>>>> >>>>> try { >>>>> KeyStore keyStore = KeyStore.getInstance(keyStoreName); >>>>> >>>>> keyStore.load(null, password.toCharArray()); >>>>> >>>>> KeyManagerFactory keyManagerFactory = >>>>> KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()); >>>>> >>>>> keyManagerFactory.init(keyStore, >>>>> password.toCharArray()); >>>>> >>>>> this.context = SSLContext.getInstance(sslContext); >>>>> >>>>> this.context.init( >>>>> keyManagerFactory.getKeyManagers(), >>>>> new TrustManager[] { (TrustManager) new >>>>> FTPSTrustManager() }, null >>>>> ); >>>>> } catch (Exception e) { >>>>> e.printStackTrace(); >>>>> } >>>>> } >>>>> >>>>> /** >>>>> * @see >>>>> org.apache.commons.net.SocketClient#connect(java.net.InetAddress, >>>>> int, java.net.InetAddress, int) >>>>> */ >>>>> public void connect(InetAddress address, int port, InetAddress >>>>> localAddress, int localPort) throws SocketException, IOException >>>>> { >>>>> System.out.println("***** In 1 ********"); >>>>> super.connect(address, port, localAddress, localPort); >>>>> >>>>> this.secure(this.pbsz,this.prot); >>>>> } >>>>> >>>>> /** >>>>> * @see >>>>> org.apache.commons.net.SocketClient#connect(java.net.InetAddress, >>>>> int) >>>>> */ >>>>> public void connect(InetAddress address, int port) throws >>>>> SocketException, >>>>> IOException >>>>> { >>>>> System.out.println("***** In 2 ********"); >>>>> super.connect(address, port); >>>>> >>>>> this.secure(this.pbsz,this.prot); >>>>> } >>>>> >>>>> /** >>>>> * @see org.apache.commons.net.SocketClient#connect(java.lang.String, >>>>> int, >>>>> java.net.InetAddress, int) >>>>> */ >>>>> public void connect(String address, int port, InetAddress >>>>> localAddress, >>>>> int >>>>> localPort) throws SocketException, IOException >>>>> { >>>>> System.out.println("***** In 3 ********"); >>>>> super.connect(address, port, localAddress, localPort); >>>>> >>>>> this.secure(this.pbsz,this.prot); >>>>> } >>>>> >>>>> /** >>>>> * @see org.apache.commons.net.SocketClient#connect(java.lang.String, >>>>> int) >>>>> */ >>>>> public void connect(String address, int port) throws SocketException, >>>>> IOException >>>>> { >>>>> System.out.println("FTPSClient***** In 4 ********"); >>>>> System.out.println("Address=" + address); >>>>> System.out.println("Port=" + port); >>>>> super.connect(address, port); >>>>> >>>>> this.secure(this.pbsz,this.prot); >>>>> } >>>>> >>>>> /** >>>>> * >>>>> * Initialize the secure connection with the FTP server, throw the >>>>> AUTH >>>>> SSL >>>>> o TLS command. >>>>> * Get the socket with the server, starting the "handshake" making >>>>> the >>>>> socket, with a layer of securety, >>>>> * and initializing the stream of connection. >>>>> * >>>>> * >>>>> * @param pbsz Protection Buffer Size: "0" is a good value >>>>> * @param prot Data Channel Protection Level: >>>>> * Posible values: >>>>> * C - Clear >>>>> * S - Safe >>>>> * E - Confidential >>>>> * P - PrivateType of secure connection >>>>> * >>>>> * @throws IOException If there is any problem with the connection. >>>>> */ >>>>> protected void secure(String pbsz, String prot) throws IOException { >>>>> this.sendCommand("AUTH", sslContext); >>>>> >>>>> SSLSocket socket = >>>>> (SSLSocket)this.context.getSocketFactory().createSocket(this._socket_, >>>>> this.getRemoteAddress().getHostAddress(), this.getRemotePort(), true); >>>>> >>>>> socket.startHandshake(); >>>>> >>>>> this._socket_ = socket; >>>>> >>>>> this._controlInput_ = new BufferedReader(new >>>>> InputStreamReader(socket.getInputStream(), getControlEncoding())); >>>>> this._controlOutput_ = new BufferedWriter(new >>>>> OutputStreamWriter(socket.getOutputStream(), getControlEncoding())); >>>>> >>>>> this.setSocketFactory( new FTPSSocketFactory(this.context)); >>>>> >>>>> this.sendCommand("PBSZ", pbsz); >>>>> this.sendCommand("PROT", prot); >>>>> } >>>>> >>>>> /** >>>>> * @see >>>>> org.apache.commons.net.ftp.FTPCliente#_openDataConnection_(java.lang.String, >>>>> int) >>>>> */ >>>>> protected Socket _openDataConnection_(int command, String arg) throws >>>>> IOException { >>>>> Socket socket = super._openDataConnection_(command, arg); >>>>> if (socket != null) { >>>>> ((SSLSocket)socket).startHandshake(); >>>>> } >>>>> return socket; >>>>> } >>>>> >>>>> } >>>>> >>>>> >>>>> >>>>> >>>>> Regards, >>>>> >>>>> >>>>> >>>>> Rory Winston wrote: >>>>> >>>>> >>>>>> Stevw >>>>>> >>>>>> I think that's a great suggestion. It moves us forward without >>>>>> necessarily sacrificing backwards compatability. >>>>>> >>>>>> I have had a look at the classes written by Jose and Paul, and >>>>>> incorporated them into my local branch copy. I had to make one minor >>>>>> change to get them to work, but other than that they seem to work >>>>>> well. >>>>>> I set up a test FTPS server using FileZilla on my local machine and >>>>>> wrote some client code: >>>>>> >>>>>> FtpsClient client = new FtpsClient(); >>>>>> >>>>>> client.connect("127.0.0.1"); >>>>>> client.addProtocolCommandListener(new >>>>>> PrintCommandListener(new PrintWriter(System.out))); >>>>>> client.login("user", "pass"); >>>>>> client.cwd("test"); >>>>>> >>>>>> for (FTPFile file : client.listFiles()) { >>>>>> System.out.println(file.getName()); >>>>>> } >>>>>> >>>>>> OutputStream out = new >>>>>> FileOutputStream("c:\\temp\\test.war"); >>>>>> client.retrieveFile("test.war", out); >>>>>> client.disconnect(); >>>>>> >>>>>> and it seems to work a treat. If we are agreed that we should go down >>>>>> this parallel branch route, then I can move the JDK_1_4_BRANCH to >>>>>> something more sensible (i.e. Daniel's suggestion a while back to >>>>>> make >>>>>> the 1.4+ branch version 2), maybe NET_2_0_0. We can use the com.sun.* >>>>>> stuff for the 1.3 branch (which will probably be our 1.5.0 release)? >>>>>> >>>>>> Rory >>>>>> >>>>>> Steve Cohen wrote: >>>>>> >>>>>> >>>>>> >>>>>>> Thank you for this explanation. It is good to actually look at the >>>>>>> code instead of making assumptions, which is what I have been doing. >>>>>>> >>>>>>> The JSSE's jar does not provide javax.net.ssl versions of the >>>>>>> com.sun.net.ssl interfaces And, after doing a little research, I >>>>>>> find >>>>>>> that there are differences between JSSE 1.0.3 and the packages in >>>>>>> JDK >>>>>>> 1.4, such that there is no backward compatibility. Basically, JSSE >>>>>>> 1.0.x is a prototype, a hack through which Sun worked out the bugs, >>>>>>> culminating in the better implementation that they released in 1.4. >>>>>>> They did not just move the JSSE.jar code into JDK 1.4. They also >>>>>>> improved it. >>>>>>> >>>>>>> Since these are new classes for us, I think it makes little sense to >>>>>>> tie into backward compatibility from the start, when that backward >>>>>>> compatibility is already out of date. I don't think there is a >>>>>>> clean >>>>>>> way to have one code base that will work the way we'd like it for >>>>>>> both >>>>>>> cases. >>>>>>> >>>>>>> Therefore, I think the solution for this is for Jakarta Commons Net >>>>>>> to >>>>>>> take Rory Winston's suggestion and start a new branch of Commons Net >>>>>>> for JDK 1.4 only (for this and other reasons) and maintain two >>>>>>> branches for awhile, the current HEAD branch for 1.3 compatibility >>>>>>> and >>>>>>> the new branch for 1.4. The new branch can use the javax.ssl.net >>>>>>> classes, the old one can use com.sun.net. >>>>>>> >>>>>>> >>>>>>> Jose Juan Montiel wrote: >>>>>>> >>>>>>> >>>>>>> >>>>>>>> Hi Steve, >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>>> What I think you're missing is that if you put jsse.jar on your >>>>>>>>> classpath, you can use javax.net.ssl with java 1.3. >>>>>>>>> >>>>>>>>> >>>>>>>> maybe i don't explain well, sorry. >>>>>>>> >>>>>>>> The three classes of com.sun.net.ssl that are used for implement >>>>>>>> FTPS >>>>>>>> (in the way that Paul did and I modified, maybe there is >>>>>>>> another...) >>>>>>>> are... >>>>>>>> >>>>>>>> com.sun.net.ssl.KeyManagerFactory >>>>>>>> (http://java.sun.com/products/jsse/doc/apidoc/com/sun/net/ssl/KeyManagerFactory.html) >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> com.sun.net.ssl.SSLContext >>>>>>>> (http://java.sun.com/products/jsse/doc/apidoc/com/sun/net/ssl/SSLContext.html) >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> com.sun.net.ssl.TrustManager >>>>>>>> (http://java.sun.com/products/jsse/doc/apidoc/com/sun/net/ssl/TrustManager.html) >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> This classes in JSSE are only in the package com.sun.net.ssl, and >>>>>>>> although in JSSE 1.0.3 there are a packege javax.net.ssl, it >>>>>>>> doesn't >>>>>>>> contain this classes, it contains javax.net.ssl.SSLSocket, a >>>>>>>> classes >>>>>>>> soon used, to implement FTPS. >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>>> And the commons-net team would prefer to go that way because Sun >>>>>>>>> says that >>>>>>>>> com.sun.net may go away with some future release, but not >>>>>>>>> javax.net. Yes, this >>>>>>>>> would be a small inconvenience for java 1.3 users, but the >>>>>>>>> stability >>>>>>>>> is worth it. >>>>>>>>> >>>>>>>>> >>>>>>>> This three classes in JDK 1.4.2, were move to >>>>>>>> >>>>>>>> javax.net.ssl.KeyManagerFactory >>>>>>>> (http://java.sun.com/j2se/1.4.2/docs/api/javax/net/ssl/KeyManagerFactory.html) >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> javax.net.ssl.SSLContext >>>>>>>> (http://java.sun.com/j2se/1.4.2/docs/api/javax/net/ssl/SSLContext.html) >>>>>>>> >>>>>>>> javax.net.ssl.TrustManager >>>>>>>> (http://java.sun.com/j2se/1.4.2/docs/api/javax/net/ssl/TrustManager.html) >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> But if you download for example JDK 1.4.2 and look inside of >>>>>>>> (jre/lib) >>>>>>>> you'll find jsse.jar, the jar where still are com.sun.net.ssl. Sun, >>>>>>>> still mantain compatiblity with JDK 1.3. >>>>>>>> >>>>>>>> And still in JDK 1.5, you'll find jre/lib/jsse.jar. >>>>>>>> >>>>>>>> But when jsse.jar desapear, i offer to modified code... >>>>>>>> >>>>>>>> In other way if use javax.net.ssl.KeyManagerFactory , >>>>>>>> javax.net.ssl.SSLContext, javax.net.ssl.TrustManager, ftps don't >>>>>>>> work >>>>>>>> under JDK 1.3. >>>>>>>> >>>>>>>> I hope explain better, this time. >>>>>>>> >>>>>>>> Then, make that you consider appropiate... >>>>>>>> >>>>>>>> Thanks all, for your time. >>>>>>>> >>>>>>>> -- >>>>>>>> The whole purpose of places like Starbucks is >>>>>>>> for people with no decision-making ability >>>>>>>> whatsoever to make six decisions just to buy >>>>>>>> one cup of coffee. Short, tall, light, dark, caf, >>>>>>>> decaf, low-fat, non-fat, etc. So people who >>>>>>>> don't know what the hell they're doing or who >>>>>>>> on earth they are can, for only $2.95, get not >>>>>>>> just a cup of coffee but an absolutely defining >>>>>>>> sense of self: Tall. Decaf. Cappuccino. >>>>>>>> >>>>>>>> --------------------------------------------------------------------- >>>>>>>> To unsubscribe, e-mail: [EMAIL PROTECTED] >>>>>>>> For additional commands, e-mail: >>>>>>>> [EMAIL PROTECTED] >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>> --------------------------------------------------------------------- >>>>>>> To unsubscribe, e-mail: [EMAIL PROTECTED] >>>>>>> For additional commands, e-mail: [EMAIL PROTECTED] >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>> --------------------------------------------------------------------- >>>>>> To unsubscribe, e-mail: [EMAIL PROTECTED] >>>>>> For additional commands, e-mail: [EMAIL PROTECTED] >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>> >>>>> >>>> --------------------------------------------------------------------- >>>> To unsubscribe, e-mail: [EMAIL PROTECTED] >>>> For additional commands, e-mail: [EMAIL PROTECTED] >>>> >>>> >>>> >>>> >>> >>> >> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: [EMAIL PROTECTED] >> For additional commands, e-mail: [EMAIL PROTECTED] >> >> >> > > -- View this message in context: http://www.nabble.com/-net--JSSE-classes-in-FTPS-WAS-Re%3A--net--FTPS-submission---legal-issues-tf1019716.html#a6317306 Sent from the Commons - Dev forum at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]