FTPS ( FTP over SSL) Problem with Python's builtin SSL

R

Robert

I need to run FTP over SSL from windows (not shitty sftp via ssh etc!)
as explained on
http://www.ford-hutchinson.com/~fh-1-pfh/ftps-ext.html (good variant
3: FTP_TLS )

I tried to learn from M2Crypto's ftpslib.py (uses OpenSSL - not
Pythons SSL) and made a wrapper for ftplib.FTP using Pythons SSL.

I wrap the cmd socket like:

self.voidcmd('AUTH TLS')
ssl = socket.ssl(self.sock, self.key_file, self.cert_file)
import httplib
self.sock = httplib.FakeSocket(self.sock, ssl)
self.file = self.sock.makefile('rb')

Everything works ok, if I don't SSL the data port connection, but only
the
If I SSL the data port connection too, it almosts work, but ...

self.voidcmd('PBSZ 0')
self.voidcmd('PROT P')

wrap the data connection with SSL:

ssl = socket.ssl(conn, self.key_file, self.cert_file)
import httplib
conn = httplib.FakeSocket(conn, ssl)

than in retrbinary it hangs endless in the last 'return
self.voidresp()'. all data of the retrieved file is already correctly
in my basket! The ftp server just won't send the final '226 Transfer
complete.' on the cmd socket. Why?

def retrbinary(self, cmd, callback, blocksize=8192, rest=None):
self.voidcmd('TYPE I')
conn = self.transfercmd(cmd, rest)
fp = conn.makefile('rb')
while 1:
#data = conn.recv(blocksize)
data = fp.read() #blocksize)
if not data:
break
callback(data)
fp.close()
conn.close()
return self.voidresp()


what could be reason?
The server is a ProFTPD 1.2.9 Server.
I debugged, that the underlying (Shared)socket of the conn object is
really closed.
(If I simly omit the self.voidresp(), I have one file in the box, but
subsequent ftp communication on that connection is not anymore
correct.)

Someone else has already made this FTP over Python's SSL?

Robert
 
R

Robert

fishboy said:
I'm curious. How is sftp bad for you?

SFTP is not "generally bad" (depends on specific case). Yet, it isn't
FTP at all, but uses the unix logon and fakes commands which to do
"something like FTP".
I need real portable FTP only relying on an FTP server. And most
modern FTP servers support FTP over SSL/TLS. An this is widely
considered to be the most "correct" solution.

Still couldn't solve the hang.

I assume somehow the socket with SSL attached does not close correct
in Python's SSL implementation - and this bug doesn't show with normal
sessions like https-urlopen because no one takes care what happens
after the session. Yet the FTP data channel needs to be closed
correctly to trigger a "transfer completed" on the control channel.
What could I do?

Robert
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

Forum statistics

Threads
473,992
Messages
2,570,220
Members
46,805
Latest member
ClydeHeld1

Latest Threads

Top