Opened 15 years ago

Closed 3 years ago

#2161 closed Patch (rejected)

Support other FTPS PROT command options

Reported by: kevanb Owned by:
Priority: normal Component: FileZilla Client
Keywords: Cc: kevanb, albertfc@…
Component version: Operating system type:
Operating system version:

Description (last modified by Tim Kosse)

Per RFC-2228 supports four arguments to PROT:

C - Clear -neither integrity nor privacy
S - Safe - integrity without privacy
E - Confidential - privacy without integrity
P - Private - integrity and privacy

As of release 2.2.8c of FileZilla, if you specify a
remote site as server type "FTP over TLS (explicit
encryption)" (or "over SSL") the client sends "PROT P",
specifying to encrypt both control and data
connections. There should be an option in the client
to choose the level of protection you desire. Some FTP
servers (such as WS_FTP Server) now support allowing a
clear command channel after authentication for
compatibility with FTP application gateways/proxies
found in firewalls and NAT devices.

Attachments (1)

prot_c.diff (4.1 KB) - added by Albert 6 years ago.
Patch for svn revision 5003. Adds support for PROT C command.

Download all attachments as: .zip

Change History (12)

comment:1 Changed 7 years ago by Alexander Schuch

Component: OtherFileZilla Client

comment:2 Changed 7 years ago by Alexander Schuch

Taken from closed duplicate #2387:

"It would be great to choose between 'PROT P' and 'PROT
C' in default settings and for each site in the
manager."

Changed 6 years ago by Albert

Attachment: prot_c.diff added

Patch for svn revision 5003. Adds support for PROT C command.

comment:3 Changed 6 years ago by Albert

Cc: albertfc@… added
Resolution: worksforme
Status: newclosed

Hi,

I've added support for PROT C/P command option. By default, filezilla works as always, using PROT P. If you want to use PROT C, put something like that on your sitemanager.xml

<FileZilla3>

<Servers>

<Server>

[...]
<ProtLevel>C</ProtLevel>
[...]

comment:4 Changed 6 years ago by Albert

Resolution: worksforme
Status: closedreopened

comment:5 Changed 6 years ago by Alexander Schuch

Type: Feature requestPatch

comment:6 Changed 6 years ago by Tim Kosse

I wonder, why not simply use plaintext FTP?

comment:7 Changed 6 years ago by Albert

Here you may find some reasons.

comment:8 Changed 6 years ago by Tim Kosse

Status: reopenedmoreinfo_reopened

Please test it with queued files following a restart of FileZilla, it's not being saved there.

comment:9 Changed 4 years ago by Tim Kosse

Status: reopenedmoreinfo_reopened

comment:10 Changed 3 years ago by Tim Kosse

Description: modified (diff)
Type: PatchFeature request

comment:11 Changed 3 years ago by Tim Kosse

Resolution: rejected
Status: moreinfo_reopenedclosed
Type: Feature requestPatch

PROT C support won't be implemented as it is vulnerable to data connection stealing attacks.

Note: See TracTickets for help on using tickets.