libunftp icon indicating copy to clipboard operation
libunftp copied to clipboard

Published 20 hours ago verified publisher icon bolcom

Enforce TLS session re-use to prevent connection stealing

Open hannesdejager opened this issue 3 years ago • 1 comments

Have a way to only allow data connections that are a TLS resumed connection of an active control channel connection to prevent FTPS connection stealing

hannesdejager avatar Mar 19 '21 13:03 hannesdejager

An initial part of this (allowing resumption) done in https://github.com/bolcom/libunftp/commit/424b38b9e731386e341b6c2ae22b11a23e4f1f21, the rest is probably dependent on https://github.com/ctz/rustls/issues/705

hannesdejager avatar May 19 '21 20:05 hannesdejager