Dart.Ftp Namespace : EncryptControl Enumeration |
Public Enum EncryptControl Inherits System.Enum
Dim instance As EncryptControl
public enum EncryptControl : System.Enum
public enum class EncryptControl : public System.Enum
Member | Description |
---|---|
Explicit | Encryption will be negotiated in Ftp.Authenticate based on the response to a FEAT command. |
ExplicitSsl | Encryption will be negotiated in Ftp.Authenticate using "AUTH SSL" (only). |
ExplicitTls | Encryption will be negotiated in Ftp.Authenticate using "AUTH TLS" (only). |
ExplicitTlsC | Encryption will be negotiated in Ftp.Authenticate using "AUTH TLS-C" (only). Legacy command synonymous with "AUTH TLS". |
ExplicitTlsP | Encryption will be negotiated in Ftp.Authenticate using "AUTH TLS-P" (only). Legacy command synonymous with "AUTH SSL". |
Implicit | Encryption will be negotiated immediately after establishing the control connection with the server. |
None | No encryption is to be used. |
With implicit security, it is understood that both the client and the server will use TLS/SSL for the entire session. The client connects, the SSL handshake occurs, and (if successful) secure communication continues for the session. For this reason, implicit encryption typically must use a different port (the well-known port of 990).
With explicit security, secure communication occurs only after some preliminary negotiation in the clear. The client connects normally to the FTP server on the well-known port of 21 and issues the AUTH command along with the security mechanism (such as TLS) that the client would like to use. If the server supports this mechanism and responds positively, secure communication continues for the rest of the session.
EncryptControl.Explicit will select the AUTH command from the server's response to a FEAT command in the order of preference: "AUTH TLS", "AUTH TLS-C", "AUTH SSL" or "AUTH TLS-P", and will fallback to "AUTH TLS" if the server does not advertise any.
Despite that some legacy AUTH arguments imply data channel encryption, it is controlled solely by the value of FtpSecurity.EncryptData; when it is false, data channel encryption will be explicitly disabled.
using System.Security.Cryptography.X509Certificates; using System.Security.Authentication; using System.Net.Security; /// <summary> /// Connects to an Ftp server, optionally using encryption (Explicit/Implicit), and authenticates the user. /// </summary> /// <param name="myFtp">The Ftp instance to connect and authenticate</param> /// <param name="hostNameOrAddress">The server's hostname or IP address</param> /// <param name="port">Port that the server is listening on. Usually 21 for Explicit or non-secure, 990 for Implicit.</param> /// <param name="username">Username</param> /// <param name="password">Password</param> /// <param name="encryptControl">Controls whether SSL/TLS is used, and the implementation. None/Explicit/Implicit.</param> /// <param name="encryptData">Controls whether the data channel is encrypted.</param> private void ConnectFtp(Ftp myFtp, string hostNameOrAddress, int port, string username, string password, EncryptControl encryptControl, bool encryptData) { //Set the server address myFtp.Session.RemoteEndPoint = new IPEndPoint(hostNameOrAddress, port); if (encryptControl != EncryptControl.None) { //Set the control channel's security protocol - Implicit/Explicit myFtp.Session.Security.EncryptControl = encryptControl; //Set whether the data channel should be encrypted. This may or may not be required by your FTP server. myFtp.Session.Security.EncryptData = encryptData; //Optionally set the protocols available for SSL/TLS negotiation (defaults to SslProtocols.Default) //TLS 1.1/1.2 requires .NET 4.5+. See the SslProtocols MSDN documentation for more information. myFtp.Session.Security.Protocols = SslProtocols.Tls | SslProtocols.Ssl3; //Specify the server certificate validation callback myFtp.Session.Security.ValidationCallback = remoteCertificateValidation; } //Connect to the server. myFtp.Connect(); //Authenticate the user. myFtp.Authenticate(username, password); } private bool remoteCertificateValidation(Object sender, X509Certificate remoteCertificate, X509Chain chain, SslPolicyErrors sslPolicyErrors) { //For this simple snippet, accept all server certificates. Please see the 'Security' top-level help topics for more information, or //the System.Net.Security.RemoteCertificateValidationCallback MSDN documentation. return true; }
Imports System.Security.Cryptography.X509Certificates Imports System.Security.Authentication Imports System.Net.Security ''' <summary> ''' Connects to an Ftp server, optionally using encryption (Explicit/Implicit), and authenticates the user. ''' </summary> ''' <param name="myFtp">The Ftp instance to connect and authenticate</param> ''' <param name="hostNameOrAddress">The server's hostname or IP address</param> ''' <param name="port">Port that the server is listening on. Usually 21 for Explicit or non-secure, 990 for Implicit.</param> ''' <param name="username">Username</param> ''' <param name="password">Password</param> ''' <param name="encryptControl">Controls whether SSL/TLS is used, and the implementation. None/Explicit/Implicit.</param> ''' <param name="encryptData">Controls whether the data channel is encrypted.</param> Private Sub ConnectFtp(ByVal myFtp As Ftp, ByVal hostNameOrAddress As String, ByVal port As Integer, ByVal username As String, ByVal password As String, ByVal encryptControl As EncryptControl, ByVal encryptData As Boolean) 'Set the server address myFtp.Session.RemoteEndPoint = New IPEndPoint(hostNameOrAddress, port) If encryptControl <> Dart.Ftp.EncryptControl.None Then 'Set the control channel's security protocol - Implicit/Explicit myFtp.Session.Security.EncryptControl = encryptControl 'Set whether the data channel should be encrypted. This may or may not be required by your FTP server. myFtp.Session.Security.EncryptData = encryptData 'Optionally set the protocols available for SSL/TLS negotiation (defaults to SslProtocols.Default) 'TLS 1.1/1.2 requires .NET 4.5+. See the SslProtocols MSDN documentation for more information. myFtp.Session.Security.Protocols = SslProtocols.Tls Or SslProtocols.Ssl3 'Specify the server certificate validation callback myFtp.Session.Security.ValidationCallback = AddressOf remoteCertificateValidation End If 'Connect to the server. myFtp.Connect() 'Authenticate the user. myFtp.Authenticate(username, password) End Sub Private Function remoteCertificateValidation(ByVal sender As Object, ByVal remoteCertificate As X509Certificate, ByVal chain As X509Chain, ByVal sslPolicyErrors As SslPolicyErrors) As Boolean 'For this simple snippet, accept all server certificates. Please see the 'Security' top-level help topics for more information, or 'the System.Net.Security.RemoteCertificateValidationCallback MSDN documentation. Return True End Function
System.Object
System.ValueType
System.Enum
Dart.Ftp.EncryptControl