On Oct 29, 2006, at 4:17 PM, Niklas Gustavsson wrote:
Niklas Gustavsson wrote:
Rory Winston wrote:
Susanne
It may be possible that there is a bug in the FTPSClient impl -
can you post a transcript of the FTP commands and responses sent
over the wire?
I've now tested this with FtpServer and I think I got a clue as to
what is going on. But, I would like to confirm my suspicions with
you :-) I'm CCing the FtpServer list on the discussion.
When using the PROT P command in active mode, the FTP server will
try to connect using SSL to the client. In this case the server
acts as the SSL client. However, this seems to fail and we get a
cleartext data connection. My feeling is that this is because the
commons-net SSLContext does not set a keystore it can't act as a
SSL server. However, I haven't tested patching FTPSClient yet so
I'm not sure.
If I run in passive mode (where the FTPSClient will act as a SSL
client and FtpServer as a SSL server also for the data connection)
everything seems to work as expected.
You can find my simple test case here:
http://svn.apache.org/repos/asf/incubator/ftpserver/ssl-tests/
trunk/src/test/org/apache/ftpserver/ssl/DataConnectionTest.java
Note that this tests differs from what Susanne described as I get
a into problems on a single STOR. This might be because I have
some basic misconfiguration, is so feel free to point me the right
way :-)
With some additional testing I was able to get everything to work.
Not sure if it's the optimal solution but anyways, here's how I did
it.
The FTPSClient needs the have a SSL enabled ServerSocketFactory
set, e.g.:
client.setServerSocketFactory(SSLServerSocketFactory.getDefault());
Since we're now using the standard SSL socket implementation, it
will look the the regular system properties for the key and trust
stores. So I created a keystore for the client, containing a key
pair for the client and I then imported the certificate for the
server (exported from the server keystore). I then set the system
properties and everything now seems to works as expected.
The test case referred to above as been updated with these fixes.
I should also say that I got this working within my Eclipse
environment, not yet in the Maven build. Still not sure why but I'm
looking into it.
/niklas
Ok, I'll give this a try. Just fyi, I'm running the client in passive
mode but I still get this error. These are the commands I'm using:
FTPSClient ftps = new FTPSClient(true);
ftps.addProtocolCommandListener(new PrintCommandListener(log));
ftps.connect(host, port);
ftps.login(user, password);
ftps.enterLocalPassiveMode();
ftps.execPROT("P");
ftps.setFileType(FTP.BINARY_FILE_TYPE);
ftps.storeFile(file.getName(), input);
ftps.logout();
ftps.disconnect();
Susanne
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
