public class FTPSClient extends FTPClient
setHostnameVerifier(HostnameVerifier)
or setEndpointCheckingEnabled(boolean)
(on Java 1.7+) to enable verification. Verification is only performed on client mode connections.FTPClient.HostnameResolver, FTPClient.NatServerResolverImpl
Modifier and Type | Field and Description |
---|---|
private java.lang.String |
auth
The AUTH Command value
|
private static java.lang.String |
CMD_ADAT
The ADAT (Authentication/Security Data) command.
|
private static java.lang.String |
CMD_AUTH
The AUTH (Authentication/Security Mechanism) command.
|
private static java.lang.String |
CMD_CCC
The CCC (Clear Command Channel) command.
|
private static java.lang.String |
CMD_CONF
The CONF (Confidentiality Protected Command) command.
|
private static java.lang.String |
CMD_ENC
The ENC (Privacy Protected Command) command.
|
private static java.lang.String |
CMD_MIC
The MIC (Integrity Protected Command) command.
|
private static java.lang.String |
CMD_PBSZ
The PBSZ (Protection Buffer Size) command.
|
private static java.lang.String |
CMD_PROT
The PROT (Data Channel Protection Level) command.
|
private javax.net.ssl.SSLContext |
context
The context object.
|
static int |
DEFAULT_FTPS_DATA_PORT |
static int |
DEFAULT_FTPS_PORT |
private static java.lang.String |
DEFAULT_PROT
Default PROT Command
|
private static java.lang.String |
DEFAULT_PROTOCOL
Default secure socket protocol name, i.e.
|
private javax.net.ssl.HostnameVerifier |
hostnameVerifier
The
HostnameVerifier to use post-TLS, default null (i.e. |
private boolean |
isClientMode
The use client mode flag.
|
private boolean |
isCreation
Controls whether a new SSL session may be established by this socket.
|
private boolean |
isImplicit
The security mode.
|
private boolean |
isNeedClientAuth
The need client auth flag.
|
private boolean |
isWantClientAuth
The want client auth flag.
|
private javax.net.ssl.KeyManager |
keyManager
The
KeyManager , default null (i.e. |
static java.lang.String |
KEYSTORE_ALGORITHM
Deprecated.
- not used - may be removed in a future release
|
private java.net.Socket |
plainSocket
The socket object.
|
private static java.lang.String[] |
PROT_COMMAND_VALUE
The value that I can set in PROT command (C = Clear, P = Protected)
|
private java.lang.String |
protocol
The secure socket protocol to be used, e.g.
|
private java.lang.String[] |
protocols
The protocol versions
|
static java.lang.String |
PROVIDER
Deprecated.
- not used - may be removed in a future release
|
static java.lang.String |
STORE_TYPE
Deprecated.
- not used - may be removed in a future release
|
private java.lang.String[] |
suites
The cipher suites
|
private boolean |
tlsEndpointChecking
Use Java 1.7+ HTTPS Endpoint Identification Algorithim.
|
private javax.net.ssl.TrustManager |
trustManager
The FTPS
TrustManager implementation, default validate only
TrustManagerUtils.getValidateServerCertificateTrustManager() . |
static java.lang.String |
TRUSTSTORE_ALGORITHM
Deprecated.
- not used - may be removed in a future release
|
ACTIVE_LOCAL_DATA_CONNECTION_MODE, ACTIVE_REMOTE_DATA_CONNECTION_MODE, FTP_SYSTEM_TYPE, FTP_SYSTEM_TYPE_DEFAULT, PASSIVE_LOCAL_DATA_CONNECTION_MODE, PASSIVE_REMOTE_DATA_CONNECTION_MODE, SYSTEM_TYPE_PROPERTIES
_commandSupport_, _controlEncoding, _controlInput_, _controlOutput_, _newReplyString, _replyCode, _replyLines, _replyString, ASCII_FILE_TYPE, BINARY_FILE_TYPE, BLOCK_TRANSFER_MODE, CARRIAGE_CONTROL_TEXT_FORMAT, COMPRESSED_TRANSFER_MODE, DEFAULT_CONTROL_ENCODING, DEFAULT_DATA_PORT, DEFAULT_PORT, EBCDIC_FILE_TYPE, FILE_STRUCTURE, LOCAL_FILE_TYPE, NON_PRINT_TEXT_FORMAT, PAGE_STRUCTURE, RECORD_STRUCTURE, REPLY_CODE_LEN, STREAM_TRANSFER_MODE, strictMultilineParsing, TELNET_TEXT_FORMAT
_defaultPort_, _hostname_, _input_, _output_, _serverSocketFactory_, _socket_, _socketFactory_, _timeout_, connectTimeout, NETASCII_EOL
Constructor and Description |
---|
FTPSClient()
Constructor for FTPSClient, calls
FTPSClient(String, boolean) . |
FTPSClient(boolean isImplicit)
Constructor for FTPSClient, using
DEFAULT_PROTOCOL - i.e. |
FTPSClient(boolean isImplicit,
javax.net.ssl.SSLContext context)
Constructor for FTPSClient, using
DEFAULT_PROTOCOL - i.e. |
FTPSClient(javax.net.ssl.SSLContext context)
Constructor for FTPSClient, using
DEFAULT_PROTOCOL - i.e. |
FTPSClient(java.lang.String protocol)
Constructor for FTPSClient, using explict mode, calls
FTPSClient(String, boolean) . |
FTPSClient(java.lang.String protocol,
boolean isImplicit)
Constructor for FTPSClient allowing specification of protocol
and security mode.
|
Modifier and Type | Method and Description |
---|---|
protected void |
_connectAction_()
Because there are so many connect() methods,
the _connectAction_() method is provided as a means of performing
some action immediately after establishing a connection,
rather than reimplementing all of the connect() methods.
|
protected java.net.Socket |
_openDataConnection_(int command,
java.lang.String arg)
Deprecated.
(3.3) Use
FTPClient._openDataConnection_(FTPCmd, String) instead |
protected java.net.Socket |
_openDataConnection_(java.lang.String command,
java.lang.String arg)
Returns a socket of the data connection.
|
protected void |
_prepareDataSocket_(java.net.Socket socket)
Performs any custom initialization for a newly created SSLSocket (before
the SSL handshake happens).
|
private boolean |
checkPROTValue(java.lang.String prot)
Check the value that can be set in PROT Command value.
|
void |
disconnect()
Closes the connection to the FTP server and restores
connection parameters to the default values.
|
int |
execADAT(byte[] data)
Send the ADAT command with the specified authentication data.
|
protected void |
execAUTH()
AUTH command.
|
int |
execAUTH(java.lang.String mechanism)
Send the AUTH command with the specified mechanism.
|
int |
execCCC()
Send the CCC command to the server.
|
int |
execCONF(byte[] data)
Send the CONF command with the specified data.
|
int |
execENC(byte[] data)
Send the ENC command with the specified data.
|
int |
execMIC(byte[] data)
Send the MIC command with the specified data.
|
void |
execPBSZ(long pbsz)
PBSZ command.
|
void |
execPROT(java.lang.String prot)
PROT command.
|
private java.lang.String |
extractPrefixedData(java.lang.String prefix,
java.lang.String reply)
Extract the data from a reply with a prefix, e.g.
|
java.lang.String |
getAuthValue()
Return AUTH command use value.
|
java.lang.String[] |
getEnabledCipherSuites()
Returns the names of the cipher suites which could be enabled
for use on this connection.
|
java.lang.String[] |
getEnabledProtocols()
Returns the names of the protocol versions which are currently
enabled for use on this connection.
|
boolean |
getEnableSessionCreation()
Returns true if new SSL sessions may be established by this socket.
|
javax.net.ssl.HostnameVerifier |
getHostnameVerifier()
Get the currently configured
HostnameVerifier . |
private javax.net.ssl.KeyManager |
getKeyManager()
Get the
KeyManager instance. |
boolean |
getNeedClientAuth()
Returns true if the socket will require client authentication.
|
javax.net.ssl.TrustManager |
getTrustManager()
Get the currently configured
TrustManager . |
boolean |
getUseClientMode()
Returns true if the socket is set to use client mode
in its first handshake.
|
boolean |
getWantClientAuth()
Returns true if the socket will request client authentication.
|
private void |
initSslContext()
Performs a lazy init of the SSL context
|
boolean |
isEndpointCheckingEnabled()
Return whether or not endpoint identification using the HTTPS algorithm
on Java 1.7+ is enabled.
|
byte[] |
parseADATReply(java.lang.String reply)
Parses the given ADAT response line and base64-decodes the data.
|
long |
parsePBSZ(long pbsz)
PBSZ command.
|
int |
sendCommand(java.lang.String command,
java.lang.String args)
Send an FTP command.
|
void |
setAuthValue(java.lang.String auth)
Set AUTH command use value.
|
void |
setEnabledCipherSuites(java.lang.String[] cipherSuites)
Controls which particular cipher suites are enabled for use on this
connection.
|
void |
setEnabledProtocols(java.lang.String[] protocolVersions)
Controls which particular protocol versions are enabled for use on this
connection.
|
void |
setEnabledSessionCreation(boolean isCreation)
Controls whether a new SSL session may be established by this socket.
|
void |
setEndpointCheckingEnabled(boolean enable)
Automatic endpoint identification checking using the HTTPS algorithm
is supported on Java 1.7+.
|
void |
setHostnameVerifier(javax.net.ssl.HostnameVerifier newHostnameVerifier)
Override the default
HostnameVerifier to use. |
void |
setKeyManager(javax.net.ssl.KeyManager keyManager)
Set a
KeyManager to use |
void |
setNeedClientAuth(boolean isNeedClientAuth)
Configures the socket to require client authentication.
|
void |
setTrustManager(javax.net.ssl.TrustManager trustManager)
Override the default
TrustManager to use; if set to null ,
the default TrustManager from the JVM will be used. |
void |
setUseClientMode(boolean isClientMode)
Configures the socket to use client (or server) mode in its first
handshake.
|
void |
setWantClientAuth(boolean isWantClientAuth)
Configures the socket to request client authentication,
but only if such a request is appropriate to the cipher
suite negotiated.
|
protected void |
sslNegotiation()
SSL/TLS negotiation.
|
__createParser, __parsePathname, _connectAction_, _openDataConnection_, _parseExtendedPassiveModeReply, _parsePassiveModeReply, _retrieveFile, _retrieveFileStream, _storeFile, _storeFileStream, abort, allocate, allocate, appendFile, appendFileStream, changeToParentDirectory, changeWorkingDirectory, completePendingCommand, configure, deleteFile, doCommand, doCommandAsStrings, enterLocalActiveMode, enterLocalPassiveMode, enterRemoteActiveMode, enterRemotePassiveMode, features, featureValue, featureValues, getAutodetectUTF8, getBufferSize, getControlKeepAliveReplyTimeout, getControlKeepAliveTimeout, getCopyStreamListener, getDataConnectionMode, getEntryParser, getListArguments, getListHiddenFiles, getModificationTime, getPassiveHost, getPassiveLocalIPAddress, getPassivePort, getReceiveDataSocketBufferSize, getRestartOffset, getSendDataSocketBufferSize, getStatus, getStatus, getSystemName, getSystemType, hasFeature, hasFeature, initiateListParsing, initiateListParsing, initiateListParsing, isRemoteVerificationEnabled, isUseEPSVwithIPv4, listDirectories, listDirectories, listFiles, listFiles, listFiles, listHelp, listHelp, listNames, listNames, login, login, logout, makeDirectory, mdtmFile, mlistDir, mlistDir, mlistDir, mlistFile, printWorkingDirectory, reinitialize, remoteAppend, remoteRetrieve, remoteStore, remoteStoreUnique, remoteStoreUnique, removeDirectory, rename, restart, retrieveFile, retrieveFileStream, sendNoOp, sendSiteCommand, setActiveExternalIPAddress, setActivePortRange, setAutodetectUTF8, setBufferSize, setControlKeepAliveReplyTimeout, setControlKeepAliveTimeout, setCopyStreamListener, setDataTimeout, setFileStructure, setFileTransferMode, setFileType, setFileType, setListHiddenFiles, setModificationTime, setParserFactory, setPassiveLocalIPAddress, setPassiveLocalIPAddress, setPassiveNatWorkaround, setPassiveNatWorkaroundStrategy, setReceieveDataSocketBufferSize, setRemoteVerificationEnabled, setReportActiveExternalIPAddress, setRestartOffset, setSendDataSocketBufferSize, setUseEPSVwithIPv4, storeFile, storeFileStream, storeUniqueFile, storeUniqueFile, storeUniqueFileStream, storeUniqueFileStream, structureMount
__getReplyNoReport, __noop, abor, acct, allo, allo, appe, cdup, cwd, dele, eprt, epsv, feat, getCommandSupport, getControlEncoding, getReply, getReplyCode, getReplyString, getReplyStrings, help, help, isStrictMultilineParsing, isStrictReplyParsing, list, list, mdtm, mfmt, mkd, mlsd, mlsd, mlst, mlst, mode, nlst, nlst, noop, pass, pasv, port, pwd, quit, rein, rest, retr, rmd, rnfr, rnto, sendCommand, sendCommand, sendCommand, sendCommand, sendCommand, setControlEncoding, setStrictMultilineParsing, setStrictReplyParsing, site, smnt, stat, stat, stor, stou, stou, stru, syst, type, type, user
addProtocolCommandListener, connect, connect, connect, connect, connect, connect, createCommandSupport, fireCommandSent, fireReplyReceived, getCharset, getCharsetName, getConnectTimeout, getDefaultPort, getDefaultTimeout, getKeepAlive, getLocalAddress, getLocalPort, getProxy, getReceiveBufferSize, getRemoteAddress, getRemotePort, getSendBufferSize, getServerSocketFactory, getSoLinger, getSoTimeout, getTcpNoDelay, isAvailable, isConnected, removeProtocolCommandListener, setCharset, setConnectTimeout, setDefaultPort, setDefaultTimeout, setKeepAlive, setProxy, setReceiveBufferSize, setSendBufferSize, setServerSocketFactory, setSocketFactory, setSoLinger, setSoTimeout, setTcpNoDelay, verifyRemote
public static final int DEFAULT_FTPS_DATA_PORT
public static final int DEFAULT_FTPS_PORT
private static final java.lang.String[] PROT_COMMAND_VALUE
private static final java.lang.String DEFAULT_PROT
private static final java.lang.String DEFAULT_PROTOCOL
private static final java.lang.String CMD_AUTH
private static final java.lang.String CMD_ADAT
private static final java.lang.String CMD_PROT
private static final java.lang.String CMD_PBSZ
private static final java.lang.String CMD_MIC
private static final java.lang.String CMD_CONF
private static final java.lang.String CMD_ENC
private static final java.lang.String CMD_CCC
private final boolean isImplicit
private final java.lang.String protocol
private java.lang.String auth
private javax.net.ssl.SSLContext context
private java.net.Socket plainSocket
private boolean isCreation
private boolean isClientMode
private boolean isNeedClientAuth
private boolean isWantClientAuth
private java.lang.String[] suites
private java.lang.String[] protocols
private javax.net.ssl.TrustManager trustManager
TrustManager
implementation, default validate only
TrustManagerUtils.getValidateServerCertificateTrustManager()
.private javax.net.ssl.KeyManager keyManager
KeyManager
, default null (i.e. use system default).private javax.net.ssl.HostnameVerifier hostnameVerifier
HostnameVerifier
to use post-TLS, default null (i.e. no verification).private boolean tlsEndpointChecking
@Deprecated public static java.lang.String KEYSTORE_ALGORITHM
@Deprecated public static java.lang.String TRUSTSTORE_ALGORITHM
@Deprecated public static java.lang.String PROVIDER
@Deprecated public static java.lang.String STORE_TYPE
public FTPSClient()
FTPSClient(String, boolean)
.
Sets protocol to DEFAULT_PROTOCOL
- i.e. TLS - and security mode to explicit (isImplicit = false)public FTPSClient(boolean isImplicit)
DEFAULT_PROTOCOL
- i.e. TLS
Calls FTPSClient(String, boolean)
isImplicit
- The security mode (Implicit/Explicit).public FTPSClient(java.lang.String protocol)
FTPSClient(String, boolean)
.protocol
- the protocol to usepublic FTPSClient(java.lang.String protocol, boolean isImplicit)
DEFAULT_FTPS_PORT
i.e. 990.
The default TrustManager is set from TrustManagerUtils.getValidateServerCertificateTrustManager()
protocol
- the protocolisImplicit
- The security mode(Implicit/Explicit).public FTPSClient(boolean isImplicit, javax.net.ssl.SSLContext context)
DEFAULT_PROTOCOL
- i.e. TLS
The default TrustManager is set from TrustManagerUtils.getValidateServerCertificateTrustManager()
isImplicit
- The security mode(Implicit/Explicit).context
- A pre-configured SSL Contextpublic FTPSClient(javax.net.ssl.SSLContext context)
DEFAULT_PROTOCOL
- i.e. TLS
and isImplicit false
Calls FTPSClient(boolean, SSLContext)
context
- A pre-configured SSL Contextpublic void setAuthValue(java.lang.String auth)
auth
- AUTH command use value.public java.lang.String getAuthValue()
protected void _connectAction_() throws java.io.IOException
_connectAction_
in class FTPClient
java.io.IOException
- If it throw by _connectAction_.SocketClient._connectAction_()
protected void execAUTH() throws javax.net.ssl.SSLException, java.io.IOException
javax.net.ssl.SSLException
- If it server reply code not equal "234" and "334".java.io.IOException
- If an I/O error occurs while either sending
the command.private void initSslContext() throws java.io.IOException
java.io.IOException
protected void sslNegotiation() throws java.io.IOException
java.io.IOException
- If server negotiation failsprivate javax.net.ssl.KeyManager getKeyManager()
KeyManager
instance.KeyManager
instancepublic void setKeyManager(javax.net.ssl.KeyManager keyManager)
KeyManager
to usekeyManager
- The KeyManager implementation to set.KeyManagerUtils
public void setEnabledSessionCreation(boolean isCreation)
isCreation
- The established socket flag.public boolean getEnableSessionCreation()
Socket
instance is not SSL-enabled (i.e. an
instance of SSLSocket
with SSLSocket
getEnableSessionCreation()
) enabled,
this returns False.public void setNeedClientAuth(boolean isNeedClientAuth)
isNeedClientAuth
- The need client auth flag.public boolean getNeedClientAuth()
Socket
is not an SSLSocket
instance, returns false.public void setWantClientAuth(boolean isWantClientAuth)
isWantClientAuth
- The want client auth flag.public boolean getWantClientAuth()
Socket
is not an SSLSocket
instance, returns false.public void setUseClientMode(boolean isClientMode)
isClientMode
- The use client mode flag.public boolean getUseClientMode()
Socket
is not an SSLSocket
instance, returns false.public void setEnabledCipherSuites(java.lang.String[] cipherSuites)
cipherSuites
- The cipher suites.public java.lang.String[] getEnabledCipherSuites()
Socket
is not an SSLSocket
instance, returns null.null
public void setEnabledProtocols(java.lang.String[] protocolVersions)
protocolVersions
- The protocol versions.public java.lang.String[] getEnabledProtocols()
Socket
is not an SSLSocket
instance, returns null.null
public void execPBSZ(long pbsz) throws javax.net.ssl.SSLException, java.io.IOException
pbsz
- Protection Buffer Size.javax.net.ssl.SSLException
- If the server reply code does not equal "200".java.io.IOException
- If an I/O error occurs while sending
the command.parsePBSZ(long)
public long parsePBSZ(long pbsz) throws javax.net.ssl.SSLException, java.io.IOException
pbsz
- Protection Buffer Size.javax.net.ssl.SSLException
- If the server reply code does not equal "200".java.io.IOException
- If an I/O error occurs while sending
the command.execPBSZ(long)
public void execPROT(java.lang.String prot) throws javax.net.ssl.SSLException, java.io.IOException
SocketClient.setSocketFactory(javax.net.SocketFactory)
and
SocketClient.setServerSocketFactory(javax.net.ServerSocketFactory)
prot
- Data Channel Protection Level, if null
, use DEFAULT_PROT
.javax.net.ssl.SSLException
- If the server reply code does not equal 200
.java.io.IOException
- If an I/O error occurs while sending
the command.private boolean checkPROTValue(java.lang.String prot)
prot
- Data Channel Protection Level.public int sendCommand(java.lang.String command, java.lang.String args) throws java.io.IOException
SSLSocket
instance to be assigned to a plain Socket
sendCommand
in class FTP
command
- The FTP command.args
- The arguments to the FTP command. If this parameter is
set to null, then the command is sent with no argument.java.io.IOException
- If an I/O error occurs while sending the command.javax.net.ssl.SSLException
- if a CCC command failsFTP.sendCommand(java.lang.String)
@Deprecated protected java.net.Socket _openDataConnection_(int command, java.lang.String arg) throws java.io.IOException
FTPClient._openDataConnection_(FTPCmd, String)
insteadSSLSocket
, which carries out handshake processing._openDataConnection_
in class FTPClient
command
- The int representation of the FTP command to send.arg
- The arguments to the FTP command.
If this parameter is set to null, then the command is sent with
no arguments.java.io.IOException
- If there is any problem with the connection.FTPClient._openDataConnection_(int, String)
protected java.net.Socket _openDataConnection_(java.lang.String command, java.lang.String arg) throws java.io.IOException
SSLSocket
, which carries out handshake processing._openDataConnection_
in class FTPClient
command
- The textual representation of the FTP command to send.arg
- The arguments to the FTP command.
If this parameter is set to null, then the command is sent with
no arguments.java.io.IOException
- If there is any problem with the connection.FTPClient._openDataConnection_(int, String)
protected void _prepareDataSocket_(java.net.Socket socket) throws java.io.IOException
_openDataConnection_(int, String)
immediately
after creating the socket.
The default implementation is a no-opsocket
- the socket to set upjava.io.IOException
- on errorpublic javax.net.ssl.TrustManager getTrustManager()
TrustManager
.public void setTrustManager(javax.net.ssl.TrustManager trustManager)
TrustManager
to use; if set to null
,
the default TrustManager from the JVM will be used.trustManager
- The TrustManager implementation to set, may be null
TrustManagerUtils
public javax.net.ssl.HostnameVerifier getHostnameVerifier()
HostnameVerifier
.
The verifier is only used on client mode connections.public void setHostnameVerifier(javax.net.ssl.HostnameVerifier newHostnameVerifier)
HostnameVerifier
to use.
The verifier is only used on client mode connections.newHostnameVerifier
- The HostnameVerifier implementation to set or null
to disable.public boolean isEndpointCheckingEnabled()
public void setEndpointCheckingEnabled(boolean enable)
enable
- Enable automatic endpoint identification checking using the HTTPS algorithm on Java 1.7+.public void disconnect() throws java.io.IOException
Calls setSocketFactory(null)
and setServerSocketFactory(null)
to reset the factories that may have been changed during the session,
e.g. by execPROT(String)
disconnect
in class FTPClient
java.io.IOException
- If an error occurs while disconnecting.public int execAUTH(java.lang.String mechanism) throws java.io.IOException
mechanism
- The mechanism name to send with the command.java.io.IOException
- If an I/O error occurs while sending
the command.public int execADAT(byte[] data) throws java.io.IOException
data
- The data to send with the command.java.io.IOException
- If an I/O error occurs while sending
the command.public int execCCC() throws java.io.IOException
SSLSocket
instance to be assigned
to a plain Socket
instancesjava.io.IOException
- If an I/O error occurs while sending
the command.public int execMIC(byte[] data) throws java.io.IOException
data
- The data to send with the command.java.io.IOException
- If an I/O error occurs while sending
the command.public int execCONF(byte[] data) throws java.io.IOException
data
- The data to send with the command.java.io.IOException
- If an I/O error occurs while sending
the command.public int execENC(byte[] data) throws java.io.IOException
data
- The data to send with the command.java.io.IOException
- If an I/O error occurs while sending
the command.public byte[] parseADATReply(java.lang.String reply)
reply
- The ADAT reply to parse.private java.lang.String extractPrefixedData(java.lang.String prefix, java.lang.String reply)
prefix
- the prefix to findreply
- where to find the prefix