Article delegate-en/2918 of [1-5169] on the server localhost:119
  upper oldest olders older1 this newer1 newers latest
search
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
[Reference:<_A2917@delegate-en.ML_>]
Newsgroups: mail-lists.delegate-en

[DeleGate-En] Re: Allow secure FTP connections only
18 Apr 2005 01:38:47 GMT feedback@delegate.org (Yutaka Sato)
The DeleGate Project


Hi,

In message <_A2917@delegate-en.ML_> on 04/18/05(05:34:19)
you "Karel Fajkus" <pe4eqbdyi-h5qfbm6fej3r.ml@ml.delegate.org> wrote:
 |> SERVER="ftp://127.0.0.1:21" STLS="fcl"
 |
 |How do I setup DeleGate so that it will accept only FTP/TLS (or whatever secure FTP) connections from clients?
 |
 |According to the manual (http://www.delegate.org/delegate/Manual.htm?STLS) DeleGate should close the connection with a client when using STLS="fcl" and the SSL is not available. Correct?

Yes.  It should work so.

 |But it doesn't work for me. Basic FTP client, which knows nothing about SSL/TLS, still _can_ connect. Where is the problem? What should I do to enforce secure connections only?

Sorry, I forgot to forbid non-SSL communitaiotn with "STLS=fcl" for FTP,
while I did it for SMTP, POP and IMAP.
I'll fix it like the enclosed patch in the next release.

Cheers,
Yutaka
--
  D G   Yutaka Sato <y.sato@delegate.org> http://delegate.org/y.sato/
 ( - )  National Institute of Advanced Industrial Science and Technology
_<   >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan
Do the more with the less -- B. Fuller


*** dist/delegate8.11.2/src/stls.c	Tue Mar  1 08:25:44 2005
--- src/stls.c	Mon Apr 18 10:09:39 2005
***************
*** 352,357 ****
--- 352,368 ----
  		fprintf(tc,"200 OK\r\n");
  		return 1;
  	}
+ 	else
+ 	if( comeq(com,"QUIT")
+ 	){
+ 		return 0;
+ 	}else
+ 	if( needSTLS(Conn) ){
+ 		sv1log("#### needAUTH, rejected %s %s\n",com,arg);
+ 		fprintf(tc,"534 do AUTH first.\r\n");
+ 		fflush(tc);
+ 		return 1;
+ 	}
  	return 0;
  }
  int FTP_STARTTLS_withSV(Connection *Conn,FILE *ts,FILE *fs){

  admin search upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
@_@V