Article delegate-en/25 of [1-5169] on the server localhost:119
  upper oldest olders older1 this newer1 newers latest
search
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
[Reference:<_A21@delegate-en.ML_>]
Newsgroups: mail-lists.delegate-en

[DeleGate-En] Re: data channell not encrypted
10 Aug 1998 21:51:40 GMT ysato@etl.go.jp (Yutaka Sato 佐藤豊)


In message <_A21@delegate-en.ML_>
on 08/10/98(21:18:54)
you "Piero Berritta" <pauaabdyi-5bnwhwgjselr.ml@ml.delegate.org> wrote:
 |Client side:
 |delegated -P21 FSV="sslway -co" SERVER=ftp://ftp-server-name:8021
 |
 |Server side:
 |delegated -P8021 FCL="sslway -ac" SERVER=ftp://ftp-server-name:21
 |
 |I tested the patch Yutaka gave me and now the ftp doesn't hung up, but
 |making a dump with tcpdump on the client (or server) machine it seems that
 |the data channell is not encrypted. The control channell, on the contrary,
 |seems to be perfectly encrypted.

Between two DeleGate servers, no FTP data connection is created but
data is passed on the control connection, using "MODE XDC" private
extension.  On the client side, you will see following log;

  08/11 06:28:20.80 [22180] 2+0: -- Fork(FSV): 22178 -> 22180
  08/11 06:28:20.83 [22180] 2+0: #### execFilter[FSV] sslway -co
  ## SSLway[22182](etlibu) start
  ## SSLway[22182](etlibu) connected
  ## SSLway[22182](etlibu) server's cert. = ...
  08/11 06:28:21.53 [22178] 2+0: --- I'm clientWithXDC
                                 ^^^^^^^^^^^^^^^^^^^^^
which shows that the DeleGate determined to use "XDC mode".
Exceptionally, when the server side DeleGate runs on the same host
of client side DeleGate, it will not use this "MODE XDC".
Is this your case?

If so, you can force DeleGate to use "MODE XDC" by removing a line
in ftp.c (the line number 2546 in the following stuff) where the
locality of the server is judged.

  2545  if( !FS->fs_IAMCC )
  2546  if( !localsocket(ServSock(Conn,ts,"INIT")) && getenv("NOXDC") == 0 )
  2547  if( FS->fs_serverWithXDC ){
  2548          if( D_FTPHOPS == 1 ){
  2549                  put_serv(MODE(FS),ts,"MODE XDC\r\n");
  2550                  if( get_resp(fs,NULL,resp,sizeof(resp)) != EOF ){
  2551                          FS->fs_IamClientWithXDC = 1;
  2552                          sv1log("--- I'm clientWithXDC\n");
  2553                  }
  2554          }
  2555  }

Cheers,
Yutaka
--
Yutaka Sato <ysato@etl.go.jp> http://www.etl.go.jp/~ysato/   @ @ 
Computer Science Division, Electrotechnical Laboratory      ( - )
1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan            _<   >_

  admin search upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
@_@V