Skip to content

Let authenticators know the CMD channel TLS state #551

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
hannesdejager merged 1 commit into from
Jan 4, 2026
Merged

Let authenticators know the CMD channel TLS state #551

hannesdejager merged 1 commit into from
Jan 4, 2026

Conversation

@hannesdejager
Copy link
Collaborator

@hannesdejager hannesdejager commented Dec 28, 2025

This allows authenticator implementations to make more informed security-aware decisions by allowing them to know whether the FTP command channel is encrypted or not.

So this change modifies the Credentials struct passed to authenticators to include a new field called command_channel_security of enum type named ChannelSecurity.

The USER and PASS command implementations are also modified to set this field from the FTP session state.

Towards #478

@hannesdejager hannesdejager mentioned this pull request Dec 28, 2025
Open
@hannesdejager
Copy link
Collaborator Author

hannesdejager commented Dec 28, 2025

@jrouaix please review

@hannesdejager hannesdejager requested a review from robklg December 28, 2025 21:18
@hannesdejager hannesdejager force-pushed the hannes/channel-sec-to-auth branch 2 times, most recently from b713536 to c31b456 Compare December 28, 2025 21:26
@hannesdejager
Let authenticators know the CMD channel TLS state
1d3fb4f 
This allows authenticator implementations to make more informed security-aware
decisions by allowing them to know whether the FTP command channel is
encrypted or not.

So this change modifies the Credentials struct passed to authenticators
to include a new field called `command_channel_security` of enum type
named `ChannelSecurity`.

The USER and PASS command implementations are also modified to set this
field from the FTP session state.

Towards #478
@hannesdejager hannesdejager force-pushed the hannes/channel-sec-to-auth branch from c31b456 to 1d3fb4f Compare December 28, 2025 21:30
jrouaix
jrouaix approved these changes Dec 28, 2025
View reviewed changes
Copy link

@jrouaix jrouaix left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you ! LGTM, happy new year !

@hannesdejager hannesdejager merged commit bdf08a7 into master Jan 4, 2026
8 checks passed
@hannesdejager hannesdejager deleted the hannes/channel-sec-to-auth branch January 4, 2026 21:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@robklg robklg robklg approved these changes

+1 more reviewer

@jrouaix jrouaix jrouaix approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@hannesdejager @jrouaix @robklg