FTP over TLS

Discussion in 'Python' started by Carl Waldbieser, Nov 23, 2005.

  1. Does anyone know of any good examples for writing client side code to upload
    files over a secure FTP connection? I am referring to FTPS, *not* SFTP,
    which I found out the hard way are two different things. I am not really
    all that familiar with FTPS, but from what I understand, when the client
    sends the "AUTH" command, it can request a TLS connection from the server.

    I wasn't sure how to do this in Python, and Googling around didn't really
    produce any useful Python-related results for me.

    Also, is there an independent FTPS client for Linux I could use for testing
    purposes?

    Thanks.
     
    Carl Waldbieser, Nov 23, 2005
    #1
    1. Advertisements

  2. Carl Waldbieser

    Paul Rubin Guest

    The standard is not yet finalized:
    ftp://ftp.rfc-editor.org/in-notes/rfc4217.txt
    I don't know of any Python code that does it. You could adapt the
    existing Python ftp client to use one of the Python TLS packages.
     
    Paul Rubin, Nov 23, 2005
    #2
    1. Advertisements

  3. Carl Waldbieser

    Dima Barsky Guest

    Look at the CURL library, the manual says it supports FTPS, although I
    have not tried it myself:

    http://curl.haxx.se/libcurl/python/

    Hope it helps,
    Dima.
     
    Dima Barsky, Nov 24, 2005
    #3
  4. Carl Waldbieser

    David Isaac Guest

    http://trevp.net/tlslite/

    Alan Isaac
     
    David Isaac, Nov 25, 2005
    #4
  5. Thanks. I have actually looked at this library before. It looks like it
    might be able to do what I want, but my problem is that I don't really
    understand how the protocol itself works very well. I mean, from a high
    level view, I thing something like this happens:

    1) FTP client contacts server, sends command requesting secure connection.
    2) Server responds by sending some sort of public key
    3) Client uses key to encrypt the rest of the communication.

    I don't really understand the nitty-gritty of what's going on, though. I
    can read the API for the library, but I am really lost as to how to use it.

    I didn't see any docs on the site that clarify how it's supposed to be used.
    Did I miss something? Is there somewhere else I should be looking?

    Thanks
     
    Carl Waldbieser, Nov 26, 2005
    #5
  6. Carl Waldbieser

    adam Guest

    I'm not 100% sure whether this answers your problem, but I would ignore
    getting a special TLS module and just concentrate on the ftp side of
    the protocol. If your connection to your ftp server must be in TLS, you
    could modify you socket module similar to how I have using this diff
    (against 2.3.4) as inspiration.

    http://www.ninjatactics.com/python/ssl-patch.txt

    This way, you only need to worry about one thing, not two. I suspect
    then your program flow would become
    1) FTP client contacts server, sends command requesting secure
    connection.
    2) Server responds by sending some sort of request for SSL
    3) SSL your socket to the FTP server
    4) Continue on your merry FTP way.

    -adam
     
    adam, Nov 28, 2005
    #6
  7. Carl Waldbieser

    Paul Rubin Guest

    You could also use something like stunnel (www.stunnel.org) as an
    external tunnel to wrap TLS around the connection.
     
    Paul Rubin, Nov 28, 2005
    #7
  8. That did the trick. pycurl was a little trickier to use than say, urllib,
    but it got the job done. I am going to look into some of the other options
    folks mentioned as well, as many of them seemed interesting.

    Thanks to everyone who helped!
     
    Carl Waldbieser, Nov 28, 2005
    #8
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.