Transfer files from android with FTPS to the server
I am using the Apache Commons FTP library in my android application
I am making the connection through FTPS, and although it connects perfectly to the server, I have
-
You can try the following code, I hope it will work for your case too.
The code uses Apache Commons vsf2 for uploading file over secure ftp connection (SFTP)
try { String filepath = "<FILE PATH>"; String serverAddress = "<FTP SERVER ADDRESS>"; String userId = "<FTP USER ID>"; String password = "<FTP PASSWORD>"; String remoteDirectory = "<FTP DIRECTORY TO UPLOAD TO>"; String keyPath = "<PATH TO YOUR KEY>"; String passPhrase = "<PASSWORD FOR YOUR KEY>"; File file = new File(filepath); if (!file.exists()) throw new RuntimeException("Error. File not found"); //Initializes the file manager StandardFileSystemManager manager = new StandardFileSystemManager(); manager.init(); //Setup our SFTP configuration FileSystemOptions opts = new FileSystemOptions(); SftpFileSystemConfigBuilder.getInstance().setStrictHostKeyChecking(opts, "no"); SftpFileSystemConfigBuilder.getInstance().setUserDirIsRoot(opts, true); SftpFileSystemConfigBuilder.getInstance().setTimeout(opts, 10000); // Create local file object FileObject localFile = manager.resolveFile(file.getAbsolutePath()); // Create remote file object FileObject remoteFile = manager.resolveFile(createConnectionString(serverAddress, userId, password, keyPath, passPhrase, fileToFTP), createDefaultOptions(keyPath, passPhrase)); // Copy local file to sftp server remoteFile.copyFrom(localFile, Selectors.SELECT_SELF); System.out.println("File upload successful"); } catch (Exception ex) { ex.printStackTrace(); return false; } finally { manager.close(); }You can check more at Apache Commons VFS Documentation
Edited
After understanding the logic behind FTPS and the post by @riyaz-ali and referring to link in your comment to this article
There is a problem with Apache FTP client, it does not support TLS session resumption. You can patch the existing implementation of Apache Commons Library.
You can try the following code steps to get it working:
Add the following patched class to in your project. (This class extends the existing FTPS implementation given in Apache commons with patch)
import java.io.IOException; import java.lang.reflect.Field; import java.lang.reflect.Method; import java.net.Socket; import java.util.Locale; import javax.net.ssl.SSLSession; import javax.net.ssl.SSLSessionContext; import javax.net.ssl.SSLSocket; import org.apache.commons.net.ftp.FTPSClient; import com.google.common.base.Throwables; public class PatchedFTPSClient extends FTPSClient { @Override protected void _prepareDataSocket_(final Socket socket) throws IOException { if(socket instanceof SSLSocket) { final SSLSession session = ((SSLSocket) _socket_).getSession(); final SSLSessionContext context = session.getSessionContext(); try { final Field sessionHostPortCache = context.getClass().getDeclaredField("sessionHostPortCache"); sessionHostPortCache.setAccessible(true); final Object cache = sessionHostPortCache.get(context); final Method method = cache.getClass().getDeclaredMethod("put", Object.class, Object.class); method.setAccessible(true); final String key = String.format("%s:%s", socket.getInetAddress().getHostName(), String.valueOf(socket.getPort())).toLowerCase(Locale.ROOT); method.invoke(cache, key, session); } catch(Exception e) { throw Throwables.propagate(e); } } } }Use this modified code snippet.
TransferImagenesFTP.ftpClient = new PatchedFTPSClient(); TransferImagenesFTP.ftpClient.connect(InetAddress.getByName<SERVER-ADDRESS>"), 26); TransferImagenesFTP.ftpClient.login("<USERNAME>", "<PASSWORD>"); TransferImagenesFTP.ftpClient.execPBSZ(0); TransferImagenesFTP.ftpClient.execPROT("P"); TransferImagenesFTP.ftpClient.enterLocalPassiveMode(); //Now use the FTP client to upload the file as usual.Hope this will work for you and will solve your problem.
讨论(0) -
The problem in your case is that the Apache FTPSClient doesn't support TLS session resumption and , thus, fails when you try to transfer the file.
Understanding the Problem
When you connect to an FTP server over TLS, the server intiates a secure ssl session with the client on the control connection. The client then enter passive mode by sending a
PASVcommand and in response the server opens a random unprivileged port and sends in response the port number to the client. This port represents the data connection. Now to connect to this new port securely, the client must reuse the existing TLS session that it already have with the server on the control connection.Why to reuse the TLS session?
Not requiring session resumption allows session stealing attacks. The problem with FTP is that the data connection does not authenticate the client.
If the server/client doesn't reuse the existing TLS session, it might have been possible for an attacker to connect to the data port instead and upload a malware. So to protect against such attack, the FTP server requires the client to reuse the already established session.In your case, the Apache FTPSClient fails to reuse the session (it's a known issue) and thus the server thinks your client is unauthorized and denies the transfer.
Checkout the Wealthfront post on how to patch and a sample implementation.
Sources:
- Wealthfront [link]
- Slacksite [link]
- FlieZilla Forum [link]
讨论(0)
加载中...
- 热议问题