Class: Net::FTPFXPTLS

Inherits:
FTPFXP
  • Object
Includes:
OpenSSL
Defined in:
lib/ftpfxp/ftpfxptls.rb

Instance Method Summary

Methods inherited from FTPFXP

#fastlist, #feat, #fileExists, #fxpgetpasvport, #fxpretr, #fxpsetport, #fxpstor, #fxpwait, #xdupe

Instance Method Details

#ftpccc ⇒ Object

Executes the CCC (Clear Command Channel) command. The server may not allow this command, because clearing the command channel has security issues.



# File 'lib/ftpfxp/ftpfxptls.rb', line 98

def ftpccc
  synchronize do
    putline('CCC')
    @secure_on = false
    return getresp
  end
end

#fxpgetcpsvport ⇒ Object

This is the exact same command as PASV, except that it requires the control connection to be in protected mode (PROT P) and it tells the server NOT to initiate the SSL/TLS handshake. The other side of CPSV is a PROT P and PORT command, which tells the server to do as usual and initiate the SSL/TLS handshake. The server must support the CPSV FTP extension protocol command. Most advanced FTP servers implement CPSV.



# File 'lib/ftpfxp/ftpfxptls.rb', line 88

def fxpgetcpsvport
  synchronize do
    putline('CPSV')
    return getresp
  end
end

#fxpprotc ⇒ Object

Issuing this command on the server sets the data connection to unencrypted mode; no SSL/TLS handshake will be initiated for subsequent transfers.



# File 'lib/ftpfxp/ftpfxptls.rb', line 74

def fxpprotc
  synchronize do
    putline('PROT C')
    return getresp
  end
end

#fxpprotp ⇒ Object

This command must be issued on both control connections before CPSV or SSCN when preparing secure FXP. Both servers will attempt to initiate the SSL/TLS handshake regardless of whether the transfer is in Active or Passive mode.



# File 'lib/ftpfxp/ftpfxptls.rb', line 59

def fxpprotp
  synchronize do
    # PROT P - Private - Integrity and Privacy
    # PROT E - Confidential - Privacy without Integrity
    # PROT S - Safe - Integrity without Privacy
    # PROT C - Clear - Neither Integrity nor Privacy
    # For TLS, the data connection can only be C or P.
    putline('PROT P')
    return getresp
  end
end

#fxpsscnoff ⇒ Object

Toggle the SSCN mode to off for this server. If SSCN is off, the server acts in server mode (the default) for SSL/TLS handshakes. The server must support the SSCN FTP extension protocol command.



# File 'lib/ftpfxp/ftpfxptls.rb', line 124

def fxpsscnoff
  synchronize do
    putline('SSCN OFF')
    return getresp
  end
end

#fxpsscnon ⇒ Object

Toggle the SSCN mode to on for this server. SSCN requires that protected mode be turned on (i.e. PROT P). If SSCN is on, the server acts in client mode for SSL/TLS handshakes. The server must support the SSCN FTP extension protocol command.



# File 'lib/ftpfxp/ftpfxptls.rb', line 112

def fxpsscnon
  synchronize do
    putline('SSCN ON')
    return getresp
  end
end

#fxpsscnto(dst, dstpath, srcpath) ⇒ Object

This FXPs the specified source path to the destination path on the destination site. Path names should be for files only.



# File 'lib/ftpfxp/ftpfxptls.rb', line 155

def fxpsscnto(dst, dstpath, srcpath)
  if not @secure_on
    voidcmd('PROT P')
    @secure_on = true
  end

  fxpsscnoff # We are the server side.
  dst.fxpsscnon # They are the client side.
  pline = fxpgetpasvport
  comp = pline.split(/\s+/)
  ports = String.new(comp[4].gsub('(', '').gsub(')', ''))
  dst.fxpsetport(ports)
  dst.fxpstor(dstpath)
  fxpretr(srcpath)
  resp = fxpwait
  raise "#{resp}" unless '226' == resp[0,3]
  resp = dst.fxpwait
  raise "#{resp}" unless '226' == resp[0,3]
  return resp
end

#fxpto(dst, dstpath, srcpath) ⇒ Object

Do not call this if you’re using SSCN.



# File 'lib/ftpfxp/ftpfxptls.rb', line 134

def fxpto(dst, dstpath, srcpath)
  if not @secure_on
    voidcmd('PROT P')
    @secure_on = true
  end

  pline = fxpgetcpsvport
  comp = pline.split(/\s+/)
  ports = String.new(comp[4].gsub('(', '').gsub(')', ''))
  dst.fxpsetport(ports)
  dst.fxpstor(dstpath)
  fxpretr(srcpath)
  resp = fxpwait
  raise "#{resp}" unless '226' == resp[0,3]
  resp = dst.fxpwait
  raise "#{resp}" unless '226' == resp[0,3]
  return resp
end
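
Both #fxpsscnto and #fxpto take the fifth whitespace-separated token of the PASV/CPSV reply and strip its parentheses before passing it to the destination site. The following is an added example, not part of ftpfxp, of a stricter parse with a policy check before the address is handed over; `PasvTarget`, `parse_pasv_reply` and `data_target_ok?` are hypothetical names, and `expected_host` is assumed to be the IP address the source control connection is connected to.

```ruby
# Added example, not ftpfxp code. All names here are hypothetical.
PasvTarget = Struct.new(:host, :port, :port_arg)

# Parse a 227 reply to PASV or CPSV into host, port and the
# "h1,h2,h3,h4,p1,p2" argument that PORT expects on the other site.
def parse_pasv_reply(reply)
  unless reply.is_a?(String) && reply.start_with?('227')
    raise ArgumentError, "not a 227 reply: #{reply.inspect}"
  end
  # Anchor on the parenthesised tuple instead of token position, so a
  # trailing period or different wording cannot leak into the PORT argument.
  m = reply.match(/\((\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\)/)
  raise ArgumentError, "no address tuple in: #{reply.inspect}" unless m
  fields = m.captures.map(&:to_i)
  raise ArgumentError, 'address field above 255' if fields.any? { |n| n > 255 }
  port = fields[4] * 256 + fields[5]
  raise ArgumentError, 'port 0 is not connectable' if port.zero?
  PasvTarget.new(fields[0, 4].join('.'), port, fields.join(','))
end

# Policy check before handing the address to dst: the source site should
# advertise its own address (expected_host is assumed to be the IP the
# control connection is connected to) and an unprivileged port.
def data_target_ok?(target, expected_host)
  target.host == expected_host && target.port >= 1024
end
```

A source site behind NAT may legitimately advertise a different address, so the host comparison is a policy choice to adjust per deployment.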

#login(user = "anonymous", passwd = nil, mode = 0, acct = nil) ⇒ Object

The mode option controls the encryption to use: mode = 0 for TLS (default), mode = 1 for SSL.



# File 'lib/ftpfxp/ftpfxptls.rb', line 20

def login(user = "anonymous", passwd = nil, mode = 0, acct = nil)
  # SSL/TLS context.
  ctx = OpenSSL::SSL::SSLContext.new
  # VERIFY_NONE: the server certificate is not validated.
  ctx.verify_mode = OpenSSL::SSL::VERIFY_NONE
  ctx.key = nil
  ctx.cert = nil
  if 1 == mode
    voidcmd('AUTH SSL')
  else
    voidcmd('AUTH TLS')
  end
  @sock = OpenSSL::SSL::SSLSocket.new(@sock, ctx)
  @sock.connect

  print "get: #{@sock.peer_cert.to_text}" if @debug_mode

  # Call the original login method.
  super(user, passwd, acct)

  # Protection buffer size must be set to 0 since FTP-TLS does
  # not require this, but it still must be set.
  voidcmd('PBSZ 0')

  # Set to P since we're using TLS.
  voidcmd('PROT P')
  @secure_on = true
end
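
The context built in #login sets VERIFY_NONE, so the control connection is encrypted but the server's identity is never checked. The following is an added example, not part of ftpfxp, showing a verifying context beside a small audit of the settings #login uses; `verified_ftps_context`, `secure_control_socket` and `context_findings` are hypothetical helpers, and `tcp_sock` and `host` are assumed to be the already-connected control socket and the server's host name.

```ruby
require 'openssl'

# Added example, not ftpfxp code. All helper names are hypothetical.

# Build a context that validates the server certificate chain.
def verified_ftps_context(ca_file: nil)
  ctx = OpenSSL::SSL::SSLContext.new
  ctx.verify_mode = OpenSSL::SSL::VERIFY_PEER
  ctx.min_version = OpenSSL::SSL::TLS1_2_VERSION
  store = OpenSSL::X509::Store.new
  # Use a pinned CA bundle when given, else the system trust store.
  ca_file ? store.add_file(ca_file) : store.set_default_paths
  ctx.cert_store = store
  ctx
end

# Wrap the control socket after AUTH TLS has been accepted.
def secure_control_socket(tcp_sock, host, ctx)
  ssl = OpenSSL::SSL::SSLSocket.new(tcp_sock, ctx)
  ssl.hostname = host               # send SNI
  ssl.sync_close = true
  ssl.connect                       # raises SSLError on an untrusted chain
  ssl.post_connection_check(host)   # raises if the cert does not match host
  ssl
end

# List the weaknesses of a context, e.g. the one #login constructs.
def context_findings(ctx)
  findings = []
  if ctx.verify_mode.nil? || ctx.verify_mode == OpenSSL::SSL::VERIFY_NONE
    findings << 'peer certificate is not verified'
  end
  if ctx.cert_store.nil? && ctx.ca_file.nil? && ctx.ca_path.nil?
    findings << 'no trust store configured'
  end
  findings
end
```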