通过TLS / SSL通过FTP连接到未认证的主机 [英] Connect to uncertified host via FTP over TLS/SSL
问题描述
我正尝试从 net /更新我的代码, ftp
到 net / ftptls
我需要连接的新主机不是我的脚本报告了这个错误。
$ b
hostname与服务器证书不匹配
供应商不会解决这个问题。
观察 /usr/lib/ruby/1.8 /net/ftptls.rb
我认为这样做不会太困难,可以将FTPTLS忽略不受信任的主机。
我试过将 verify_mode
更改为 OpenSSL :: SSL :: VERIFY_NONE
并注释掉post_connection_check`行。
均无效。
有关如何操作的任何想法?
require'socket'
require'openssl'
require'net / ftp'
模块Net
class FTPTLS< FTP
def connect(host,port = FTP_PORT)
@hostname = host
super
end
def login(user =anonymous,passwd = nil,acct = nil)
store = OpenSSL :: X509 :: Store.new
store.set_default_paths
ctx = OpenSSL :: SSL :: SSLContext.new('SSLv23')
ctx.cert_store = store
ctx.verify_mode = OpenSSL :: SSL :: VERIFY_PEER
ctx.key = nil
ctx.cert = nil
voidcmd(AUTH TLS )
@sock = OpenSSL :: SSL :: SSLSocket.new(@sock,ctx)
@ sock.connect
@ sock.post_connection_check(@hostname)
super(用户,passwd,acct)
voidcmd(PBSZ 0)
结束
结束
结束
我知道这对Poul来说可能已经太晚了,但我发现 double-bag-ftps gem 当我不得不做一些足够和容易使用的时候类似的东西。
A vendor I grab a file from is changing from FTP to FTP over SSL.
I am trying to update my code from net/ftp
to net/ftptls
The new host I need to connect to is not certified and my script reports back this error.
hostname was not match with the server certificate
The vendor will not fix this.
Looking at /usr/lib/ruby/1.8/net/ftptls.rb
I thought it wouldn't be too hard to monkey-patch FTPTLS to ignore the untrusted host.
I tried changing verify_mode
to OpenSSL::SSL::VERIFY_NONE
and commenting out the post_connection_check` line.
neither worked.
Any thoughts on how to do this?
require 'socket'
require 'openssl'
require 'net/ftp'
module Net
class FTPTLS < FTP
def connect(host, port=FTP_PORT)
@hostname = host
super
end
def login(user = "anonymous", passwd = nil, acct = nil)
store = OpenSSL::X509::Store.new
store.set_default_paths
ctx = OpenSSL::SSL::SSLContext.new('SSLv23')
ctx.cert_store = store
ctx.verify_mode = OpenSSL::SSL::VERIFY_PEER
ctx.key = nil
ctx.cert = nil
voidcmd("AUTH TLS")
@sock = OpenSSL::SSL::SSLSocket.new(@sock, ctx)
@sock.connect
@sock.post_connection_check(@hostname)
super(user, passwd, acct)
voidcmd("PBSZ 0")
end
end
end
I know this is probably too late for Poul but I found the double-bag-ftps gem to be sufficient and easy to use when I had to do something similar.
这篇关于通过TLS / SSL通过FTP连接到未认证的主机的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!