Opened 20 years ago

Closed 8 years ago

#2161 closed Patch (rejected)

Support other FTPS PROT command options

Reported by: kevanb Owned by:
Priority: normal Component: FileZilla Client
Keywords: Cc: kevanb, albertfc@…
Component version: Operating system type:
Operating system version:

Description (last modified by Tim Kosse)

Per RFC-2228 supports four arguments to PROT:

C - Clear -neither integrity nor privacy
S - Safe - integrity without privacy
E - Confidential - privacy without integrity
P - Private - integrity and privacy

As of release 2.2.8c of FileZilla, if you specify a
remote site as server type "FTP over TLS (explicit
encryption)" (or "over SSL") the client sends "PROT P",
specifying to encrypt both control and data
connections. There should be an option in the client
to choose the level of protection you desire. Some FTP
servers (such as WS_FTP Server) now support allowing a
clear command channel after authentication for
compatibility with FTP application gateways/proxies
found in firewalls and NAT devices.

Attachments (1)

prot_c.diff (4.1 KB ) - added by Albert 12 years ago.
Patch for svn revision 5003. Adds support for PROT C command.

Download all attachments as: .zip

Change History (12)

comment:1 by Alexander Schuch, 12 years ago

Component: OtherFileZilla Client

comment:2 by Alexander Schuch, 12 years ago

Taken from closed duplicate #2387:

"It would be great to choose between 'PROT P' and 'PROT
C' in default settings and for each site in the
manager."

by Albert, 12 years ago

Attachment: prot_c.diff added

Patch for svn revision 5003. Adds support for PROT C command.

comment:3 by Albert, 12 years ago

Cc: albertfc@… added
Resolution: worksforme
Status: newclosed

Hi,

I've added support for PROT C/P command option. By default, filezilla works as always, using PROT P. If you want to use PROT C, put something like that on your sitemanager.xml

<FileZilla3>

<Servers>

<Server>

[...]
<ProtLevel>C</ProtLevel>
[...]

comment:4 by Albert, 12 years ago

Resolution: worksforme
Status: closedreopened

comment:5 by Alexander Schuch, 12 years ago

Type: Feature requestPatch

comment:6 by Tim Kosse, 12 years ago

I wonder, why not simply use plaintext FTP?

comment:7 by Albert, 12 years ago

Here you may find some reasons.

comment:8 by Tim Kosse, 11 years ago

Status: reopenedmoreinfo_reopened

Please test it with queued files following a restart of FileZilla, it's not being saved there.

comment:9 by Tim Kosse, 10 years ago

Status: reopenedmoreinfo_reopened

comment:10 by Tim Kosse, 8 years ago

Description: modified (diff)
Type: PatchFeature request

comment:11 by Tim Kosse, 8 years ago

Resolution: rejected
Status: moreinfo_reopenedclosed
Type: Feature requestPatch

PROT C support won't be implemented as it is vulnerable to data connection stealing attacks.

Note: See TracTickets for help on using tickets.