CLONE -Provide convenience methods for checking is the control and data sockets
are secure
------------------------------------------------------------------------------------------
Key: FTPSERVER-150
URL: https://issues.apache.org/jira/browse/FTPSERVER-150
Project: FtpServer
Issue Type: Improvement
Affects Versions: 1.0-M2
Reporter: David Latorre
Assignee: Niklas Gustavsson
Fix For: 1.0-M3
Checking if the data and control sockets are secure (running over SSL/TLS) from
a Ftplet is quite intricate and depends on knowledge of the internal
implementation in FtpServer. We should make this simple. Suggestion by Jeroen
Cranendonk
I've cobbled together some code which should give an idea of what I'm trying
to achieve, haven't tested it yet though. And I do realize this probably
breaks your design in all kinds of ways :)
Firstly, I've added the following to FtpSessionImpl:
public boolean isDataConnectionSecure() {
return ioSession.getDataConnection().isSecure();
}
public boolean isSecure() {
return
ioSession.getFilterChain().contains("sslSessionFilter");
}
public void write(final Object message) {
ioSession.write(message);
}
And then my Ftplet looks like this (and it probably won't compile unless
it's against the full ftpserver code):
public class MyFtplet extends DefaultFtplet implements Ftplet {
@Override
public FtpletEnum onUploadStart(final FtpSession session, final
FtpRequest request) throws FtpException,
IOException {
return this.onLimitedStart(session, request);
}
private FtpletEnum onLimitedStart(final FtpSession session, final
FtpRequest request) {
if (session.isSecure() && session.isDataConnectionSecure())
{
return FtpletEnum.RET_DEFAULT;
}
session.write(new
DefaultFtpReply(FtpReply.REPLY_550_REQUESTED_ACTION_NOT_TAKEN,
"Cannot do this before securing the connection."));
return FtpletEnum.RET_SKIP;
}
}
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
