News  [SoftwareSite

Latest News
Older News
RSS Feed
 
Complete Projects
Useful Classes
Top Downloads
Message Board
AllAPI.net
 
Send Comments
Software License
Mentalis.org Buttons
Donate
 
Forums -> Security Library Forum
 
Implementing FTPS server - data channel problems  
by Lee Gillie [Lee at odp dot com]
posted on 2005/08/12

I am testing my server with the free MoveIt client. I am moving ZIP files so I can TEST the file integrity after transfer.

FTPS command socket begins life as a clear text channel. When commands are given, we must transition the socket to secure, without closing it. One small problem I had is that the MoveIt client transmits an LF in addition to CR. I process commands upon receipt of CR. LF would be discarded at the next time I go to read the command channel. So the socket was NOT clear of incoming data before attempting to transition. I mitigated by clearing the receive buffer before attempting the transition, and it works fine now. This was difficult to find, and ultimately I had to debug/trace into the library to see what it was looking for, and what was actually in the receive buffer. Seeing what was happening, I immediately wondered why the handshake did not attempt to "frame itself" on the receive socket stream of data as the transition is made? It looks like it would be VERY simple to do, as it expects a very distinct signature. Instead it simply fails the handshake.

 

Copyright © 2002-2007, The Mentalis.org Team. All rights reserved.
This site is located at http://www.mentalis.org/
Send comments to the webmaster.