[Twisted-Python] FTP client with TLS

Robert Penz robert.penz at outertech.com
Fri Jun 6 12:01:47 MDT 2003


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Friday 06 June 2003 19:04, Jp Calderone wrote:

>   If FTP TLS is anything like TLS in SMTP or IMAP or POP, the client issues
> a command like "starttls" then issues no further commands until the server
> acknowledges this, at which point some level of encryption is negotiated
> and the remainder of the session is so encrypted.
yes and no ;-)

you can only encrypted the control channel in that case you're right, but not 
if you e.g. want to encrypt all data, or only the directory listing but not 
the data transfers. In both of that cases you need at leasted sometimes 
encrypt the data connection too.

>   In this case, adding support for TLS to Twisted's FTP should be very
> straightforward.  All that is required is a call to the transport object's
> startTLS() method at the appropriate time.  There may be complications due
> to the additional connections FTP creates, but this is the basic gist of
> things.
that should work for control connection only encryption. 

>   Just to clarify (I can't tell if you're aware or not), Twisted uses
> PyOpenSSL for TLS, not m2crypto.
I've tested m2crypto not because I thought its used in twisted, but as it 
provides ftp via tls.


- -- 
Regards,
Robert
- ----------------
Robert Penz
robert.penz AT outertech.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE+4NcU8tTsQqJDUBMRAjjDAJsEX3wPNIv6lfxqdSDDezFjGH/reQCeLXnq
YEjjAQQyn8uNKUQ42wR3M7c=
=nuzz
-----END PGP SIGNATURE-----





More information about the Twisted-Python mailing list