Ulm's Oberon Library:
FTPDataStreams


NAME

FTPDataStreams - implementation of FTP data streams

SYNOPSIS

PROCEDURE AddHandler(session: FTPSessions.Session;
                     me, peer: Internet.InetAddress);
PROCEDURE SuppressEarlyConnects(session: FTPSessions.Session);
PROCEDURE Open(VAR s: Streams.Stream;
               session: FTPSessions.Session) : BOOLEAN;

DESCRIPTION

FTPDataStreams provides a Messages handler for FTPSessions objects that implements the FTP requests FTPCommands.pasv and FTPCommands.port.

AddHandler is to be called shortly after FTPSessions.Create for session. The IP address me is used for newly opened ports at the server side (command FTPCommands.pasv) and peer is checked against the IP address given by the client side (command FTPCommands.port).

By default, FTPDataStreams immediately initiates a connection to a port specified by the PORT command to speed up FTP sessions. Some FTP clients are not prepared for this; SuppressEarlyConnects requests that this technique be suppressed. Note that this suppression also takes place automatically on the first failed attempt to connect early. Such failures are usually survived by retrying the connect when the data connection is needed.

Open opens a previously established data stream connection for a file transfer. FTPDataStreams does not distinguish between uploads and downloads and provides a bidirectional stream instead.

FTPDataStreams supports FTPTimerEvents by resetting the timer in case of successful connections.

DIAGNOSTICS

Open returns FALSE if there is no data channel present, or if the connection could not be established. Please note that network problems in connecting to a given port (FTPCommands.port command) may show up with delay because all socket operations are done asynchronously.

SECURITY CONSIDERATIONS

Out-of-band channels for data transfers, while required by the FTP protocol, enable a large number of possible attacks. Although the designers of the FTP protocol had the relaying of FTP data transfers in mind, the handler rejects it to prevent FTP servers from being used for network attacks on arbitrary third-party network services. Hence FTPCommands.port requests are accepted only if

Sniffers that observe the main connection could try to open, in parallel, the ports that were specified by FTPCommands.port or FTPCommands.pasv commands. The following, insufficient, defense is provided for the FTPCommands.pasv command:

Similar checks should be applied on the client side in case of FTPCommands.port requests.
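
The comparison of the FTPCommands.port address against peer, as described for AddHandler, sketched in Python as an added example (not code from this library). The function names, the PortRejected exception and the sample addresses are assumptions; only the address comparison stated in the DESCRIPTION is shown, not the full set of conditions the handler applies.

```python
import ipaddress
import re

# RFC 959 PORT argument: six decimal fields h1,h2,h3,h4,p1,p2 (each 0..255).
_PORT_ARG = re.compile(r"[0-9]{1,3}(,[0-9]{1,3}){5}")

class PortRejected(Exception):
    """Raised when a PORT argument is malformed or names a foreign host."""

def parse_port_argument(arg):
    """Return (IPv4Address, port) for a PORT argument, or raise PortRejected."""
    if not _PORT_ARG.fullmatch(arg):
        raise PortRejected("syntax error in PORT argument")
    fields = [int(f) for f in arg.split(",")]
    if any(f > 255 for f in fields):
        raise PortRejected("field out of range")
    addr = ipaddress.IPv4Address(bytes(fields[:4]))
    port = fields[4] * 256 + fields[5]
    return addr, port

def check_port_request(arg, peer):
    """Accept the data address only if it equals the control-connection peer."""
    # peer must come from the control socket itself (hypothetical caller),
    # never from anything the client sent over the connection.
    addr, port = parse_port_argument(arg)
    if addr != ipaddress.IPv4Address(peer):
        raise PortRejected("PORT address %s is not the session peer" % addr)
    return addr, port

# Constructed sample input: the control connection comes from 192.0.2.10.
SAMPLES = [
    "192,0,2,10,19,137",   # own address, port 19*256+137
    "198,51,100,7,0,25",   # third-party host: relaying request
    "192,0,2,10,19",       # too few fields
    "192,0,2,300,19,137",  # field larger than 255
]

def run_samples(peer="192.0.2.10"):
    """Return the accepted (address, port) or the rejection reason per sample."""
    results = []
    for arg in SAMPLES:
        try:
            results.append(check_port_request(arg, peer))
        except PortRejected as exc:
            results.append(str(exc))
    return results

if __name__ == "__main__":
    for arg, outcome in zip(SAMPLES, run_samples()):
        print(arg, "->", outcome)
```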

SEE ALSO

FTPUnixFileSystems
handler that supports file transfers on the basis of this module.

Edited by: borchert, last change: 2003/07/10, revision: 1.4, converted to HTML: 2003/07/10
