Author giampaolo.rodola
Recipients giampaolo.rodola, gregory.p.smith, iElectric, janssen, jeffo, josiah.carlson, josiahcarlson, lgedgar, lszyba1, pitrou, qwavel, roberte, twhitema
Date 2009-11-06.23:51:39
SpamBayes Score 1.14694e-08
Marked as misclassified No
Message-id <1257551501.75.0.239362050313.issue2054@psf.upfronthosting.co.za>
In-reply-to
Content
Sorry for delay in the response. The latest messages slipped under my 
radar.

> What about AUTH SSL? Or is it too-deprecated?

I'm not sure about this.
TLS is certainly preferred over SSL and RFC-4217 only refers to TLS 
protocol, altough SSL is mentioned in some chapters.

RFC-4217 states:

> As the SSL/TLS protocols self-negotiate their levels, there is no
> need to distinguish between SSL and TLS in the application layer. 
> The mechanism name for negotiating TLS is the character string 
> identified in {TLS-PARM}.
>
> [...]
>
> {TLS-PARM} - The parameter for the AUTH command to indicate that TLS
> is required.  To request the TLS protocol in accordance with this
> document, the client MUST use 'TLS'


If we want to support SSL we could change the current implementation by 
renaming "auth_tls()" method to just "auth" and play with the 
ssl_version attribute, like this:


class FTP_TLS(FTP):
    ssl_version = ssl.PROTOCOL_TLSv1

    def auth(self):
        if self.ssl_version == ssl.PROTOCOL_TLSv1:
            resp = self.voidcmd('AUTH TLS')
        else:
            resp = self.voidcmd('AUTH SSL')
        ...

The user willing to use SSL instead of TLS will have to change 
ssl_version class attribute with "FTP_TLS.ssl_version = 
ssl.PROTOCOL_TLSv1" and then call auth().

Deciding whether rejecting or accepting it will be up to the server 
depending on how it has been configured (almost all recent FTP servers 
reject SSLv2).

> I noticed you were using ftp.python.org in the example strings, but 
> that service doesn't seem to be alive. I don't know if there's another 
> public FTP-TLS server you could rely on...?

Yeah, I know. I just copied from original FTP class docstring.
As of now I'm not aware of any public FTPS server we could use.
History
Date User Action Args
2009-11-06 23:51:41giampaolo.rodolasetrecipients: + giampaolo.rodola, gregory.p.smith, josiahcarlson, janssen, pitrou, josiah.carlson, roberte, iElectric, lszyba1, twhitema, jeffo, qwavel, lgedgar
2009-11-06 23:51:41giampaolo.rodolasetmessageid: <1257551501.75.0.239362050313.issue2054@psf.upfronthosting.co.za>
2009-11-06 23:51:40giampaolo.rodolalinkissue2054 messages
2009-11-06 23:51:39giampaolo.rodolacreate