Article delegate-en/1418 of [1-5169] on the server localhost:119
  upper oldest olders older1 this newer1 newers latest
search
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
[Reference:<_A1417@delegate-en.ML_>]
Newsgroups: mail-lists.delegate-en

[DeleGate-En] Re: Howto? SSL FTP Tunneling
15 Nov 2001 17:32:23 GMT feedback@delegate.org (Yutaka Sato)


Bryan,

Thank you for your sending detailed log.  Inspecting it I found
that there are tow problems or bugs in FTP-DeleGate.

- DeleGate does not start SSL session (by inserting FSV filter)
  for ftp-data connection until it starts relaying data after sending
  command for retrieve like LIST or RETR.  But the server expects
  SSL session started before retrieval command, or it rejects the
  retrieval command.  The behavior of DeleGate must be fixed but
  the modification can be a little bit difficult.
  
- DeleGate does not insert FSV for ftp-data if FCL for ftp-data is
  already inserted.  This is a simple bug and can easily be fixed.

On 11/15/01(08:57) you "Bryan Dees" <ppqcqbdyi-uwzfv3k5eylr.ml@ml.delegate.org> wrote
in <_A1417@delegate-en.ML_>
 |I finaly got it all to work!
 |
 |# Proxy SSL FTP
 |  delegated \
 |  -P10021 \
 |  SERVER=ftp://goahp85.airborne.com:10021/  \
 |  CMAP="sslway -st:FCL:ftp:*:*" CMAP=sslway:FCL:ftp-data:*:*
 |

Maybe it worked because your FTP server accepts both non-SSL and SSL
mode, and you used non-SSL mode dropping FSV filter to bypass the above
bugs of DeleGate.  This will be enough in your case because SSL seems
not neccessary between your DeleGate and the FTP server.

 |I took out the CMAP for FSV and added the ending *:* fields to the CMAP
 |FCL command.

But I'm not sure why the *:* is neccesary...

Cheers,
Yutaka
--
  @ @ Yutaka Sato <y.sato@delegate.org> http://www.delegate.org/y.sato/
 ( - ) National Institute of Advanced Industrial Science and Technology (AIST)
_<   >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan


  admin search upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
@_@V