[DeleGate-En] Re: Howto? SSL FTP Tunneling
Thank you for your sending detailed log. Inspecting it I found
that there are tow problems or bugs in FTP-DeleGate.
- DeleGate does not start SSL session (by inserting FSV filter)
for ftp-data connection until it starts relaying data after sending
command for retrieve like LIST or RETR. But the server expects
SSL session started before retrieval command, or it rejects the
retrieval command. The behavior of DeleGate must be fixed but
the modification can be a little bit difficult.
- DeleGate does not insert FSV for ftp-data if FCL for ftp-data is
already inserted. This is a simple bug and can easily be fixed.
On 11/15/01(08:57) you "Bryan Dees" <email@example.com> wrote
|I finaly got it all to work!
|# Proxy SSL FTP
| delegated \
| -P10021 \
| SERVER=ftp://goahp85.airborne.com:10021/ \
| CMAP="sslway -st:FCL:ftp:*:*" CMAP=sslway:FCL:ftp-data:*:*
Maybe it worked because your FTP server accepts both non-SSL and SSL
mode, and you used non-SSL mode dropping FSV filter to bypass the above
bugs of DeleGate. This will be enough in your case because SSL seems
not neccessary between your DeleGate and the FTP server.
|I took out the CMAP for FSV and added the ending *:* fields to the CMAP
But I'm not sure why the *:* is neccesary...
@ @ Yutaka Sato <firstname.lastname@example.org> http://www.delegate.org/y.sato/
( - ) National Institute of Advanced Industrial Science and Technology (AIST)
_< >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan