
Implement CCC

Open hannesdejager opened this issue 4 years ago • 1 comments

Implement the Clear Command Channel (CCC) command as defined in RFC 2228.

hannesdejager avatar Nov 13 '20 08:11 hannesdejager

Currently unFTP will hang if a CCC command is issued to it.

This can be tested by using lftp and switching this setting on:

# if true, lftp would issue CCC command after logon, thus disable ssl protection layer on control connection.
set ftp:ssl-use-ccc no

e.g.

cat ~/.lftprc
debug
set cache:enable no
set ftp:ssl-allow yes
set ftp:ssl-allow-anonymous yes
set ftp:ssl-force yes
set ftp:ssl-auth TLS
set ftp:ssl-protect-data yes
set ssl:verify-certificate no
set ftp:ssl-use-ccc yes
set ssl:use-sni no

You'll see something like this:

lftp hannes@mcnas:~> ls
---- Connecting to mcnas (192.168.178.186) port 2122
<--- 220 Welcome to unFTP
---> FEAT
<--- 211-Extensions supported:
<---  AUTH TLS
<---  MDTM
<---  PBSZ
<---  PROT
<---  REST STREAM
<---  SIZE
<--- UTF8
<--- 211 END
---> AUTH TLS
<--- 234 Upgrading to TLS
---> OPTS UTF8 ON
Certificate depth: 0; subject: /CN=dejagers.local/O=De Jagers/C=NL; issuer: /CN=dejagers.local/O=De Jagers/C=NL
WARNING: Certificate verification: self signed certificate (B6:EA:AA:92:6F:A5:C5:9F:55:AD:F4:B1:41:48:CE:A9:1D:B2:E3:B9)
initialized translation from UTF-8 to ASCII
initialized translation from ASCII to UTF-8
WARNING: Certificate verification: certificate subject name 'dejagers.local' does not match target host name 'mcnas' (B6:EA:AA:92:6F:A5:C5:9F:55:AD:F4:B1:41:48:CE:A9:1D:B2:E3:B9)
<--- 530 Please authenticate
---> USER hannes
<--- 331 Password Required
---> PASS XXXX
<--- 230 User logged in, proceed
---> OPTS UTF8 ON
<--- 250 Always in UTF-8 mode.
initialized translation from ASCII to UTF-8
initialized translation from UTF-8 to ASCII//TRANSLIT
---> PWD
<--- 257 "/"
---> PBSZ 0
<--- 200 OK
---> PROT P
<--- 200 PROT OK. Securing data channel
---> CCC
<--- 200 control channel in plaintext now
---> PASV
`ls' at 0 [Waiting for response...]

It turns out this isn't really implemented.

hannesdejager avatar Nov 13 '20 10:11 hannesdejager
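A triage aid for the symptom in the session above, as an added example that is not part of the original issue or of libunftp: it reads lftp debug output, pairs each command with its final reply, and flags a control connection that goes silent after the server accepted CCC. The function name `analyze`, the channel-state labels, and the abridged sample transcript are constructed for illustration.

```python
import re

# Constructed sample in lftp "debug" format, abridged from the session in this issue.
SAMPLE = """\
<--- 220 Welcome to unFTP
---> AUTH TLS
<--- 234 Upgrading to TLS
---> USER hannes
<--- 331 Password Required
---> PASS XXXX
<--- 230 User logged in, proceed
---> PBSZ 0
<--- 200 OK
---> PROT P
<--- 200 PROT OK. Securing data channel
---> CCC
<--- 200 control channel in plaintext now
---> PASV
`ls' at 0 [Waiting for response...]
"""

# Final reply lines are "NNN text"; "NNN-" and indented continuation lines do not match.
FINAL_REPLY = re.compile(r"^<--- (\d{3})(?: |$)")

def analyze(transcript):
    """Pair each command with its final reply and track control-channel state."""
    pending = []           # commands sent but not yet answered, oldest first
    channel = "plaintext"  # hypothetical labels: plaintext, tls, plaintext-after-ccc
    ccc_code = None
    for line in transcript.splitlines():
        if line.startswith("---> "):
            pending.append(line[5:].strip())
            continue
        m = FINAL_REPLY.match(line)
        if not m or not pending or m.group(1)[0] == "1":
            continue       # client-side noise, the 220 greeting, or a 1xx preliminary reply
        code, verb = m.group(1), pending.pop(0).upper()
        if verb.startswith("AUTH ") and code == "234":
            channel = "tls"
        elif verb == "CCC":
            ccc_code = code
            if code.startswith("2"):
                channel = "plaintext-after-ccc"
    return {"channel": channel, "ccc_reply": ccc_code, "unanswered": pending,
            "stalled_after_ccc": channel == "plaintext-after-ccc" and bool(pending)}

if __name__ == "__main__":
    print(analyze(SAMPLE))
```

The result reflects only what the client logged, so a stall after CCC shows that the two ends stopped exchanging replies, not which side is still speaking TLS.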