Skip to content

Commit

Permalink
core: set the SSL settings after login
Browse files Browse the repository at this point in the history 
Some FTP servers don't allow to configure these settings before login.
  • Loading branch information
@deniskovalchuk
deniskovalchuk committed Apr 14, 2024
1 parent 480d40b commit 4ad48ca
Show file tree
Hide file tree
Showing 3 changed files with 31 additions and 39 deletions.
2 changes: 0 additions & 2 deletions include/ftp/client.hpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -148,8 +148,6 @@ class client

reply process_command(std::string_view command, replies & replies);

reply process_ssl_handshake(ssl::context *ssl_context, replies & replies);

reply process_login(std::string_view username, std::string_view password, replies & replies);

replies process_download(output_stream & dst, std::string_view path, transfer_callback * transfer_cb);
Expand Down
42 changes: 19 additions & 23 deletions src/client.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -73,9 +73,16 @@ replies client::connect(std::string_view hostname,
replies replies;
reply reply = recv(replies);

/* Perform SSL handshake */
if (ssl_context_ && reply.is_positive())
{
reply = process_ssl_handshake(ssl_context_.get(), replies);
reply = process_command("AUTH TLS", replies);

if (reply.is_positive())
{
control_connection_.set_ssl(ssl_context_.get());
control_connection_.handshake();
}
}

if (username && reply.is_positive())
Expand Down Expand Up @@ -445,28 +452,6 @@ reply client::process_command(std::string_view command, replies & replies)
return recv(replies);
}

reply client::process_ssl_handshake(ssl::context *ssl_context, replies & replies)
{
reply reply = process_command("AUTH TLS", replies);

if (reply.is_negative())
{
return reply;
}

control_connection_.set_ssl(ssl_context);
control_connection_.handshake();

reply = process_command("PBSZ 0", replies);

if (reply.is_negative())
{
return reply;
}

return process_command("PROT P", replies);
}

reply client::process_login(std::string_view username, std::string_view password, replies & replies)
{
std::string command = make_command("USER", username);
Expand All @@ -481,6 +466,17 @@ reply client::process_login(std::string_view username, std::string_view password
reply = process_command(command, replies);
}

/* Set the SSL settings. */
if (ssl_context_ && reply.is_positive())
{
reply = process_command("PBSZ 0", replies);

if (reply.is_positive())
{
reply = process_command("PROT P", replies);
}
}

/* Set the configured transfer type. */
if (reply.is_positive())
{
Expand Down
26 changes: 12 additions & 14 deletions test/client.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1115,9 +1115,7 @@ TEST_F(ssl_client, open_connection)
for (int i = 0; i < 5; i++)
{
check_reply(client.connect("127.0.0.1", 2142), CRLF("220 FTP server is ready.",
"234 AUTH TLS successful.",
"200 PBSZ=0 successful.",
"200 Protection set to Private"));
"234 AUTH TLS successful."));
ASSERT_TRUE(client.is_connected());

check_reply(client.disconnect(), "221 Goodbye.");
Expand All @@ -1128,10 +1126,10 @@ TEST_F(ssl_client, open_connection)
{
check_reply(client.connect("127.0.0.1", 2142, "alice", "password"), CRLF("220 FTP server is ready.",
"234 AUTH TLS successful.",
"200 PBSZ=0 successful.",
"200 Protection set to Private",
"331 Username ok, send password.",
"230 Login successful.",
"200 PBSZ=0 successful.",
"200 Protection set to Private",
"200 Type set to: Binary."));
ASSERT_TRUE(client.is_connected());

Expand Down Expand Up @@ -1205,12 +1203,12 @@ TEST_F(ssl_client, no_certificate_verification)
ftp::client client(std::move(ssl_context));

check_reply(client.connect("127.0.0.1", 2142), CRLF("220 FTP server is ready.",
"234 AUTH TLS successful.",
"200 PBSZ=0 successful.",
"200 Protection set to Private"));
"234 AUTH TLS successful."));

check_reply(client.login("user", "password"), CRLF("331 Username ok, send password.",
"230 Login successful.",
"200 PBSZ=0 successful.",
"200 Protection set to Private",
"200 Type set to: Binary."));

check_reply(client.disconnect(), "221 Goodbye.");
Expand Down Expand Up @@ -1262,9 +1260,7 @@ TEST_P(ssl_client_parameterized, get_file_list)
ftp::client client(mode, type, std::move(ssl_context), rfc2428_support);

check_reply(client.connect("127.0.0.1", 2142), CRLF("220 FTP server is ready.",
"234 AUTH TLS successful.",
"200 PBSZ=0 successful.",
"200 Protection set to Private"));
"234 AUTH TLS successful."));

std::string type_reply;
if (type == ftp::transfer_type::binary)
Expand All @@ -1278,6 +1274,8 @@ TEST_P(ssl_client_parameterized, get_file_list)

check_reply(client.login("user", "password"), CRLF("331 Username ok, send password.",
"230 Login successful.",
"200 PBSZ=0 successful.",
"200 Protection set to Private",
type_reply));

ftp::file_list_reply reply = client.get_file_list(".", true);
Expand Down Expand Up @@ -1305,9 +1303,7 @@ TEST_P(ssl_client_parameterized, upload_download_file)
ftp::client client(mode, type, std::move(ssl_context), rfc2428_support);

check_reply(client.connect("127.0.0.1", 2142), CRLF("220 FTP server is ready.",
"234 AUTH TLS successful.",
"200 PBSZ=0 successful.",
"200 Protection set to Private"));
"234 AUTH TLS successful."));

std::string type_reply;
if (type == ftp::transfer_type::binary)
Expand All @@ -1325,6 +1321,8 @@ TEST_P(ssl_client_parameterized, upload_download_file)

check_reply(client.login("user", "password"), CRLF("331 Username ok, send password.",
"230 Login successful.",
"200 PBSZ=0 successful.",
"200 Protection set to Private",
type_reply));

std::string content = "line1\r\nline2";
Expand Down

0 comments on commit 4ad48ca

Please sign in to comment.