Class: Net::FTPFXPTLS
- Includes:
- OpenSSL
- Defined in:
- lib/ftpfxp/ftpfxptls.rb
Overview
This class implements the File Transfer Protocol with SSL/TLS secure connections. This class makes secure file transfers extremely easy yet also provides the low level control for users who wish to do things their own ways.
Major Methods
-
#login
-
#fxpprotp
-
#fxpprotc
-
#fxpgetcpsvport
-
#ftpccc
-
#fxpsscnon
-
#fxpsscnoff
-
#fxpto
-
#fxpsscnto
Instance Attribute Summary collapse
-
#secure_on ⇒ Object
readonly
When
true
, transfers are performed securely.
Class Method Summary collapse
-
.open(host, user = nil, passwd = nil, mode = 0, acct = nil) ⇒ Object
A synonym for
FTPFXPTLS.new
.
Instance Method Summary collapse
-
#ftpccc ⇒ Object
This executes the
CCC
(Clear Command Channel) command. -
#fxpgetcpsvport ⇒ Object
This is the exact same command as PASV, except it requires the control connection to be in protected mode (PROT P) and it tells the server NOT to initiate the SSL/TLS handshake.
-
#fxppbsz(size) ⇒ Object
This method sets the protection buffer size.
-
#fxpprotc ⇒ Object
Issue this command on the server will set the data connection to unencrypted mode and no SSL/TLS handshake will be initiated for subsequent transfers.
-
#fxpprotp ⇒ Object
This method notifies the server to start using protection mode.
-
#fxpsscnoff ⇒ Object
Toggle the
SSCN
mode to off for this server. -
#fxpsscnon ⇒ Object
Toggle the
SSCN
mode to on for this server. -
#fxpsscnto(dst, dstpath, srcpath) ⇒ Object
Do not call this method if you’re using CPSV. This method uses
SSCN
. -
#fxpto(dst, dstpath, srcpath) ⇒ Object
Do not call this method if you’re using SSCN. This method uses
CPSV
. -
#login(user = "anonymous", passwd = nil, mode = 0, acct = nil) ⇒ Object
This method authenticates a user with the ftp server connection.
Methods inherited from FTPFXP
#fastlist, #feat, #file_exists, #fxpgetpasvport, #fxpretr, #fxpsetport, #fxpstor, #fxpwait, #path_exists, #xdupe
Instance Attribute Details
#secure_on ⇒ Object (readonly)
When true
, transfers are performed securely. Default: true
.
43 44 45 |
# File 'lib/ftpfxp/ftpfxptls.rb', line 43 def secure_on @secure_on end |
Class Method Details
.open(host, user = nil, passwd = nil, mode = 0, acct = nil) ⇒ Object
A synonym for FTPFXPTLS.new
. but with a manditory host parameter.
If a block is given, it is passed the FTP
object, which will be closed when the block finishes, or when an exception is raised.
51 52 53 54 55 56 57 58 59 60 61 62 |
# File 'lib/ftpfxp/ftpfxptls.rb', line 51 def FTPFXPTLS.open(host, user = nil, passwd = nil, mode = 0, acct = nil) if block_given? ftpfxptls = new(host, user, passwd, mode, acct) begin yield ftpfxptls ensure ftpfxptls.close end else new(host, user, passwd, mode, acct) end end |
Instance Method Details
#ftpccc ⇒ Object
This executes the CCC
(Clear Command Channel) command. Though the server may not allow this command because there are security issues with this.
173 174 175 176 177 178 179 |
# File 'lib/ftpfxp/ftpfxptls.rb', line 173 def ftpccc synchronize do putline('CCC') @secure_on = false return getresp end end |
#fxpgetcpsvport ⇒ Object
This is the exact same command as PASV, except it requires the control connection to be in protected mode (PROT P) and it tells the server NOT to initiate the SSL/TLS handshake. The other side of CPSV is a PROT P and PORT command, which tells the server to do as usual and initiate SSL/TLS handshake. Server must support CPSV FTP extension protocol command. Most advance FTP servers implements CPSV.
161 162 163 164 165 166 |
# File 'lib/ftpfxp/ftpfxptls.rb', line 161 def fxpgetcpsvport synchronize do putline('CPSV') return getresp end end |
#fxppbsz(size) ⇒ Object
This method sets the protection buffer size. Usually this is set to 0 for SSL/TLS transfers.
114 115 116 117 118 119 |
# File 'lib/ftpfxp/ftpfxptls.rb', line 114 def fxppbsz(size) synchronize do putline("PBSZ #{size}") return getresp end end |
#fxpprotc ⇒ Object
Issue this command on the server will set the data connection to unencrypted mode and no SSL/TLS handshake will be initiated for subsequent transfers.
145 146 147 148 149 150 |
# File 'lib/ftpfxp/ftpfxptls.rb', line 145 def fxpprotc synchronize do putline('PROT C') return getresp end end |
#fxpprotp ⇒ Object
This method notifies the server to start using protection mode. Must issue this command on both control connections before CPSV
or SSCN
when preparing secure FXP. Both servers will attempt to initiate SSL/TLS handshake regardless if it is Active or Passive mode.
128 129 130 131 132 133 134 135 136 137 138 |
# File 'lib/ftpfxp/ftpfxptls.rb', line 128 def fxpprotp synchronize do # PROT P - Private - Integrity and Privacy # PROT E - Confidential - Privacy without Integrity # PROT S - Safe - Integrity without Privacy # PROT C - Clear - Neither Integrity nor Privacy # For TLS, the data connection can only be C or P. putline('PROT P') return getresp end end |
#fxpsscnoff ⇒ Object
Toggle the SSCN
mode to off for this server. If SSCN is off, it tells the server to act in server mode (default) for SSL/TLS handshakes. Server must support the SSCN FTP extension protocol command.
203 204 205 206 207 208 |
# File 'lib/ftpfxp/ftpfxptls.rb', line 203 def fxpsscnoff synchronize do putline('SSCN OFF') return getresp end end |
#fxpsscnon ⇒ Object
Toggle the SSCN
mode to on for this server. SSCN requires that protected mode must be turned on (ie. PROT P). If SSCN is on, it tells the server to act in client mode for SSL/TLS handshakes. Server must support the SSCN FTP extension protocol command.
189 190 191 192 193 194 |
# File 'lib/ftpfxp/ftpfxptls.rb', line 189 def fxpsscnon synchronize do putline('SSCN ON') return getresp end end |
#fxpsscnto(dst, dstpath, srcpath) ⇒ Object
Do not call this method if you’re using CPSV. This method uses SSCN
.
245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 |
# File 'lib/ftpfxp/ftpfxptls.rb', line 245 def fxpsscnto(dst, dstpath, srcpath) if not @secure_on fxpprotp @secure_on = true end fxpsscnoff # We are the server side. dst.fxpsscnon # They are the client side. pline = fxpgetpasvport comp = pline.split(/\s+/) ports = String.new(comp[4].gsub('(', '').gsub(')', '')) dst.fxpsetport(ports) dst.fxpstor(dstpath) fxpretr(srcpath) resp = {} resp[:srcresp] = fxpwait raise FTPFXPTLSSrcSiteError unless '226' == resp[:srcresp][0,3] resp[:dstresp] = dst.fxpwait raise FTPFXPTLSDstSiteError unless '226' == resp[:dstresp][0,3] return resp end |
#fxpto(dst, dstpath, srcpath) ⇒ Object
Do not call this method if you’re using SSCN. This method uses CPSV
. This raises an exception FTPFXPTLSSrcSiteError
if errored on source site and raises an exception FTPFXPTLSDstSiteError
if errored on destination site.
219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 |
# File 'lib/ftpfxp/ftpfxptls.rb', line 219 def fxpto(dst, dstpath, srcpath) if not @secure_on fxpprotp @secure_on = true end pline = fxpgetcpsvport comp = pline.split(/\s+/) ports = String.new(comp[4].gsub('(', '').gsub(')', '')) dst.fxpsetport(ports) dst.fxpstor(dstpath) fxpretr(srcpath) resp = {} resp[:srcresp] = fxpwait raise FTPFXPTLSSrcSiteError unless '226' == resp[:srcresp][0,3] resp[:dstresp] = dst.fxpwait raise FTPFXPTLSDstSiteError unless '226' == resp[:dstresp][0,3] return resp end |
#login(user = "anonymous", passwd = nil, mode = 0, acct = nil) ⇒ Object
This method authenticates a user with the ftp server connection. If no username
given, defaults to anonymous
. If no mode
given, defaults to TLS AUTH.
-
mode = 0 for
TLS
(default) -
mode = 1 for
SSL
71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 |
# File 'lib/ftpfxp/ftpfxptls.rb', line 71 def login(user = "anonymous", passwd = nil, mode = 0, acct = nil) # SSL/TLS context. ctx = OpenSSL::SSL::SSLContext.new ctx.verify_mode = OpenSSL::SSL::VERIFY_NONE ctx.key = nil ctx.cert = nil if 1 == mode voidcmd('AUTH SSL') else voidcmd('AUTH TLS') end @sock = OpenSSL::SSL::SSLSocket.new(@sock, ctx) @sock.connect print "get: #{@sock.peer_cert.to_text}" if @debug_mode # Call the original login method. super(user, passwd, acct) # Protection buffer size must be set to 0 since FTP-TLS does # not require this, but it still must be set. fxppbsz(0) # Set to P since we're using TLS. fxpprotp @secure_on = true end |