Re: ftp implicit ssl connection
Thank you all friends for your suggestions. I'll try some of them and i'll be back for results ;-) __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: ftp implicit ssl connection
Take a look at: http://www.castaglia.org/proftpd/doc/contrib/ProFTPD-mini-HOWTO-TLS.html Ken > > PBSZ is used when you are negotiating the size of the buffer to be > > encrypted. > > If you are using FTP over SSL, the FTP protocol is not performing any > > authentication or encryption. Therefore, you do not use PBSZ. > > Yes, you are right... but i'm sure that these servers i connect to use > implicit > ssl connection and i saw some clients sending the buffer size command... > However, i tried to follow the normal ftp protocol with USER and PASS > commands with the same result... no answer from server... > Maybe i need some source code to see the difference with mine... > Do you know about any linux sftp that implements ssl implicit connection ? > > > __ > OpenSSL Project http://www.openssl.org > User Support Mailing List[EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] __ Support InterSoft International, Inc. Voice: 888-823-1541, International 281-398-7060 Fax: 888-823-1542, International 281-398-0221 [EMAIL PROTECTED] http://www.securenetterm.com __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: ftp implicit ssl connection
> PBSZ is used when you are negotiating the size of the buffer to be > encrypted. > If you are using FTP over SSL, the FTP protocol is not performing any > authentication or encryption. Therefore, you do not use PBSZ. Yes, you are right... but i'm sure that these servers i connect to use implicit ssl connection and i saw some clients sending the buffer size command... However, i tried to follow the normal ftp protocol with USER and PASS commands with the same result... no answer from server... Maybe i need some source code to see the difference with mine... Do you know about any linux sftp that implements ssl implicit connection ? __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: ftp implicit ssl connection
PBSZ is used when you are negotiating the size of the buffer to be encrypted. If you are using FTP over SSL, the FTP protocol is not performing any authentication or encryption. Therefore, you do not use PBSZ. gomess wrote: It is very unclear to me what type of help you are looking for. There are many SSL/TLS FTP client and server implementations available as open source in addition to the specifications for the protocol which are available as an Internet-Draft. What do you need? well, in the previous 2 messages i tried to explain it... I'm writing an ftp client and i would like to add support for implicit ssl connection... the problem is that after the handshake i try to send the "PBSZ 0" command but i receive no answer from the server... this is the behavoiur with all of the ftp protocol commands... so, i need some help... even some source code of an ftp client that implement "implicit" (not the explicit one with AUTH command etc...) ssl connection... can u give me some help ? thank's :-) __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: ftp implicit ssl connection
> I think the question was this: why are you trying to invent another secure FTP > protocol I'm not inventing anything... there are 3 ways to handle ftp security: "SSL connect" "AUTH SSL" "AUTH TLS" I need to implement the first... if u know of a linux sftp client that uses this type of mechanism please tell me the link (with source obviously ;-) ) __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: ftp implicit ssl connection
I think the question was this: why are you trying to invent another secure FTP protocol when there is already a draft IETF standard for bringing up SSL/TLS command and/or data channels in FTP, as well as several open source implementations of that draft protocol. Caveat: I am not an expert on this protocol, I just know of its existance. Andy Sherman Morgan Stanley gomess wrote: > > It is very unclear to me what type of help you are looking for. > > There are many SSL/TLS FTP client and server implementations available > > as open source in addition to the specifications for the protocol which > > are available as an Internet-Draft. > > > > What do you need? > > well, in the previous 2 messages i tried to explain it... > I'm writing an ftp client and i would like to add support for implicit > ssl connection... > the problem is that after the handshake i try to send the "PBSZ 0" command > but i receive no answer from the server... this is the behavoiur with all of > the > ftp protocol commands... > so, i need some help... even some source code of an ftp client that > implement > "implicit" (not the explicit one with AUTH command etc...) ssl connection... > can u give me some help ? > > thank's :-) > > __ > OpenSSL Project http://www.openssl.org > User Support Mailing List[EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] -- NOTICE: If received in error, please destroy and notify sender. Sender does not waive confidentiality or privilege, and use is prohibited. begin:vcard n:Sherman;Andrew tel;pager:+1 888 781 1877 tel;cell:+1 917 945 0279 tel;fax:+1 212 507 2046 tel;work:+1 718 754 2276 x-mozilla-html:TRUE url:http://www.morganstanley.com org:http://www.morganstanley.com/img/morgan.gif";>;IT Security adr:;;1 Pierrepont Plaza;Brooklyn;NY;11201;US version:2.1 email;internet:[EMAIL PROTECTED] title:Vice President fn:Andrew Sherman end:vcard
Re: ftp implicit ssl connection
> It is very unclear to me what type of help you are looking for. > There are many SSL/TLS FTP client and server implementations available > as open source in addition to the specifications for the protocol which > are available as an Internet-Draft. > > What do you need? well, in the previous 2 messages i tried to explain it... I'm writing an ftp client and i would like to add support for implicit ssl connection... the problem is that after the handshake i try to send the "PBSZ 0" command but i receive no answer from the server... this is the behavoiur with all of the ftp protocol commands... so, i need some help... even some source code of an ftp client that implement "implicit" (not the explicit one with AUTH command etc...) ssl connection... can u give me some help ? thank's :-) __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: ftp implicit ssl connection
It is very unclear to me what type of help you are looking for. There are many SSL/TLS FTP client and server implementations available as open source in addition to the specifications for the protocol which are available as an Internet-Draft. What do you need? gomess wrote: Nobody can help me ? :-(( Please... :-)
Re: ftp implicit ssl connection
Hi,
this is a simple test program i wrote:
--- code ---
SSL_library_init ();
SSL_load_error_strings();
meth= SSLv23_method();
ctx= SSL_CTX_new (meth);
sock = socket (AF_INET, SOCK_STREAM, 0);
host_p= gethostbyname (argv[1]);
addr.sin_family= AF_INET;
addr.sin_port= htons (atoi(argv[2]));
memcpy (&addr.sin_addr, host_p->h_addr, sizeof (struct in_addr));
connect (sock, (struct sockaddr *) &addr, sizeof (struct sockaddr_in));
ssl=SSL_new(ctx);
sbio=BIO_new_socket(sock,BIO_NOCLOSE);
SSL_set_bio(ssl,sbio,sbio);
SSL_connect(ssl);
SSL_read(ssl,buf,sizeof(buf));
printf ("%s", buf);
SSL_write (ssl, "PBSZ 0\n", 7);
while (SSL_read(ssl,buf,sizeof(buf)) > 0)
printf ("%s\n", buf);
--- end code
I cut all the error checks... can u see where am I wrong ?
Thank U :-)
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
ftp implicit ssl connection
Hi,first of all sorry for my english ;-PNext... i'm trying to make a ftp client for linux that uses implicit SSLv23 connection, but i have a problem: when i connect to a server and the ssl connection is established i try to send a command but the server doesn't answer with any byte...Taking a look at the logs of other (windows) clients i've seen that the first command sent is the PBSZ command and i send it too, but i receive no answer...I tried all the ftp commands with the same result...what can i do ? Thank U all :-) Edo
