Net-FTPSSL version 0.24
=======================
Net::FTPSSL is an object oriented Perl module which implements a simple
FTPS client over a Secure Socket Layer (SSL) or Transport Layer Security (TLS)
connection written following the directives described in RFC959 and RFC2228
INSTALLATION
To install this module type the following:
perl Makefile.PL
make
make test
make install
TESTING
There are 2 different tests that can be run. The 1st one assumes that your
FTPS server doesn't require certificates (t/10-compex.t) and the 2nd one assumes
that your FTPS server does require certificates (t/20-certificate.t). You'll
have to modify the 2nd test script if you want to use it to point to your
client certificate, your key store, and it's password.
In most cases you'll only need to do one test or the other.
TEST # 1 (of 2)
Skip this test if your FTPS server requires client certificates!
If you perform the "deeper test", it will generate a few log files to
help with troubleshooting what is going on. Debug is always turned on for
this test and written to a log file. All log files match the pattern "*_new.*".
The 3 main generated files are:
./t/test_trace_log_new.txt - The FTPSSL Debug log of all FTPSSL actions
./t/FTPSSL.pm_new.txt - Test ascii file downloaded
./t/test_file_new.tar.gz - Test binary file downloaded.
- Another custom trace log is created that is named after some of your
- responses to the questions. This allows for easy comparisons between the
- responses of different servers using different options. Without having to
- remember to save a copy of the original file yourself.
./t/test_trace_log_new.${server}-${cmd_channel_encrpt_mode}-${data_encrypt_mode}-${ssl_tls_mode}.txt
During installation, you should only have to run the test once to verify
functionality. The need for extra tests are for when you need to troubleshoot
specific FTPS servers that are having issues with this class. Since some FTPS
servers take unexpected liberties with resolving ambiguities in the
specifications. And of course there can be bugs in this code as well.
TEST # 2 (of 2)
Skip this test if your FTPS server doesn't requires client certificates!
It will safely quit if you haven't updated the script yet. (t/20-certificate.t)
This 2nd "Certificate Test" doesn't work out of the box. You have to modify
t/20-certificate.t 1st. You'll need to modify 3 lines of code.
The code to change are 3 tag values in the "%certificate_hash" initialization.
You will see comments above & below this initialization telling you that
you are updating the correct section of code!
The 3 tag values to modify are: SSL_key_file, SSL_cert_file, and SSL_passwd_cb.
Once you make these changes, this test should work for you!
You are on your own in creating the needed Client Certificate!
TROUBLESHOOTING
While support is very limited, a copy of the log file showing the problem
generated by the test would be needed to help analyze what went wrong with
talking to your particular FTPS server.
For test # 1, the desired log file is called:
./t/test_trace_log_new.txt
or
./t/test_trace_log_new.*.txt
For test # 2, the desired log file is called:
./t/test_certificate.txt
If these tests pass and it's your program that's failing, then I'd need a copy
of a simple test program to demonstrate the error with Debug turned on and it's
corresponding trace log. You can turn it on with the following command:
Net::FTPSSL->new(server, ..., Debug => 1, DebugLogFile => "myLog.txt");
Just be aware that a particular FTPS command may fail if your FTPS server
doesn't support that command or if your login doesn't have enough permissions
to perform the desired command on the FTPS server.
If you are submitting a patch for consideration, please also provide the above
trace file in case I can't duplicate the issue against the FTPS servers I have
available to me for testing.
For new functionality, it may help if you could temporarily grant me a login
that I can test against. Otherwise I may ask your help in beta testing new
code. My servers can't always support all possible configurations or behaviours.
DEPENDENCIES
This module requires these other modules and libraries:
Net::SSLeay
IO::Socket::SSL
File::Basename
Time::Local
Sys::Hostname
File::Copy
If you are going to have to tunnel through a proxy server, the following module
is also required:
Net::HTTPTunnel
SMOKE TESTER ENVIRONMENT VARIABLES
The test scripts honor the smoke tester's special environment variable
for setting useful defaults where you have no server to test against.
export PERL_MM_USE_DEFAULT=1
You can get the same results by doing
make test < /dev/null
SPECIAL ENVIRONMENT VARIABLES FOR RUNNING THE TEST SCRIPTS
Running these tests over and over again and answering all the prompts gets old
real quick. So many prompts in the test scripts allow you to define custom
defaults via environment variables. These variables are:
export FTPSSL_SERVER=<your server>
export FTPSSL_USER=<your user name>
export FTPSSL_PWD=<your password>
export FTPSSL_DIR=<defaut dir on server>
These variables are used if Net::HTTPTunnel is present
export FTPSSL_PROXY_HOST=<your proxy server>
export FTPSSL_PROXY_PORT=<your proxy port>
export FTPSSL_PROXY_USER_PWD_REQUIRED=<Y|N>
export FTPSSL_PROXY_USER=<your user name on the proxy server>
export FTPSSL_PROXY_PWD=<your password on the proxy server>
COPYRIGHT AND LICENCE
Copyright (C) 2005 by Marco Dalla Stella
Copyright (C) 2009 - 2014 by Curtis Leach
This library is free software; you can redistribute it and/or modify
it under the same terms as Perl itself, either Perl version 5.8.6 or,
at your option, any later version of Perl 5 you may have available.