Package map for the project is attached. --Irene Shi-Ying Irene Huang wrote: > Template Version: @(#)sac_nextcase %I% %G% SMI > This information is Copyright 2008 Sun Microsystems > 1. Introduction > 1.1. Project/Component Working Name: > Gftp for OpenSolaris > 1.2. Name of Document Author/Supplier: > Author: Alfred Peng > 1.3 Date of This Document: > 18 November, 2008 > 4. Technical Description > 1. Introduction > 1.1. Project/Component Working Name: > > gFTP: multithreaded file transfer client. > > 1.2. Name of Document Author/Supplier: > > Alfred Peng > > 1.3. Date of This Document: > > 11/04/08 > > 1.3.1. Date this project was conceived: > > 12/14/1997 > > 1.4. Name of Major Document Customer(s)/Consumer(s): > > 1.4.1. The PAC or CPT you expect to review your project: > > Solaris PAC > > 1.4.2. The ARC(s) you expect to review your project: > > LSARC > > 1.4.3. The Director/VP who is "Sponsoring" this project: > > robert.odea at sun.com > > 1.4.4. The name of your business unit: > > New Solaris Group, Desktop > > 1.5. Email Aliases: > > 1.5.1. Responsible Manager: > > leo.binchy at sun.com > > 1.5.2. Responsible Engineer: > > alfred.peng at sun.com > > 1.5.3. Marketing Manager: > > glynn.foster at sun.com > > 1.5.4. Interest List: > > desktop-discuss at opensolaris.org > > 4. Technical Description: > 4.1. Details: > gFTP is a multithreaded file transfer client for *NIX based machines. > It has the following features: > > * Supports the FTP, FTPS (control connection only), HTTP, HTTPS, SSH > and FSP protocols. > * FTP and HTTP proxy server support. > * Supports FXP file transfers which is a subset of FTP protocol. > * Bookmarks menu to quickly connect to remote sites. > * Internationalized to 41 languages. > * Double-paned layout to show the local and remote filesystems. > * Transfer pane to show the real-time status of each queued or active > file transfer. > * Log pane to display the text commands and responses between gFTP > and the remote server. > > 4.2. Bug/RFE Number(s): > > None. > > 4.3. In Scope: > > See above. > > 4.4. Out of Scope: > > See above. > > 4.5. Interfaces: > > Exported Interface > -------------------------------------------------------------------- > Interface Name Classification Comment > -------------------------------------------------------------------- > SUNWgftp Uncommitted Package name > /usr/bin/gftp Volatile gFTP launch > script > /usr/bin/gftp-gtk Volatile gFTP GUI > /usr/bin/gftp-text Volatile gFTP CLI > $HOME/.gftp Project Private Profile > /usr/share/gftp Project Private Directory > /usr/share/doc/SUNWgftp Project Private Copyright > directory > /usr/share/applications/gftp.desktop Volatile UI spec > > > Imported Interface > -------------------------------------------------------------------- > Interface Classification ARC case Comment > -------------------------------------------------------------------- > GNOME Platform Committed LSARC/2008/207 GTK+ library > Libraries GNOME 2.22 > SSH Committed PSARC/2001/212 Secure Shell > OpenSSL Volatile PSARC/2006/019 OpenSSL library > > 4.6. Doc Impact: > > New manpage, gftp.1. > > 4.7. Admin/Config Impact: > > None. > > 4.8. HA Impact: > > None. > > 4.9. I18N/L10N Impact: > > The JDS team and the G11N are working together to evaluate and > provide I18N/L10N support. > > 4.10. Packaging & Delivery: > > Adds new package, SUNWgftp > > 4.11. Security Impact: > > gFTP uses OpenSSL library to encrypt the control and data channels > for file transfer over HTTPS, and to encrypt the contol channel for > FTPS. It creates socket BIO to handle SSL connections transparently. > A handshake will be performed to verify server's certificate after > the connection is established. The certificate verification will be > with mode SSL_VERIFY_PEER and depth 9. It doesn't use the SSLv2 > protocol and the list of available ciphers will be set to > "ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH". > > To support SSH protocol, gFTP uses ssh/sftp commands to build up > connection with the server. The authentication information will be > sent over the SSH connection. All the following requests and responses > will go back and forth through this connection for secure file > transfer. > > gFTP uses socket to transfer file by FTP and HTTP protocol. The > password will be encoded with standard base64 for HTTP authentication. > As for FTP authentication, the password will be sent in plain text > through socket. > > gFTP includes a feature that allows user to save passwords. The > password will be saved in the gFTP profile directory. This will > create a potential security vulnerabilty because gFTP only has very > primary encryption/decryption to make the stored passwords unreadable. > Each character is separated in two nibbles. Then each nibble is stored > under the form 01xxxx01. The resulted string is prefixed by a '$'. > > e.12. Dependencies: > > The following versions of the imported interfaces are required: > > GNOME 2.22 Upwards > OpenSSL, SSH > > 5. Reference Documents: > > [1] gFTP homepage: > http://www.gftp.org > > [2] Related ARC cases: > LSARC 2008/207: GNOME 2.22 > PSARC/2006/019: OpenSSL upgrade to 0.9.8a > PSARC/2001/212: Secure Shell > > > 6. Resources and Schedule > 6.4. Steering Committee requested information > 6.4.1. Consolidation C-team Name: > Desktop > 6.5. ARC review type: FastTrack > 6.6. ARC Exposure: open > >
-------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: pkgmap URL: <http://mail.opensolaris.org/pipermail/opensolaris-arc/attachments/20081119/5efa6397/attachment.ksh>
