Skip to content

run hostname verifier on FTPS data connection#404

Open
dxbjavid wants to merge 1 commit into
apache:masterfrom
dxbjavid:ftps-data-hostname-verify
Open

run hostname verifier on FTPS data connection#404
dxbjavid wants to merge 1 commit into
apache:masterfrom
dxbjavid:ftps-data-hostname-verify

Conversation

@dxbjavid

Copy link
Copy Markdown
Contributor

When a hostname verifier is installed through setHostnameVerifier, FTPSClient only runs it during the control-connection handshake in sslNegotiation; the data connection opened for each transfer completes its TLS handshake in openDataConnection without ever calling the verifier. As the default trust manager only checks that the certificate is in date and not that the name matches, an in-path attacker on the data port can present any unexpired certificate and the transferred bytes are read or altered even though the caller asked for the server identity to be checked. This runs the same verifier against hostname on the data socket after its handshake, so the data channel honours the check already applied to the control channel.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant