[Python-Dev] ssl - how to switch back to a plain text socket?
Giampaolo Rodola'
gnewsg at gmail.com
Wed Feb 20 22:55:33 CET 2008
On 20 Feb, 17:39, Bill Janssen <jans... at parc.com> wrote:
> > I'm not sure, I've seen more than one library and server supporting
> > the CCC command.
> > For example proftpd and tnftpd servers support it.
>
> But does anyone use it?
>
It is useful to permit passive connection behind firewall devices.
This is what proftpd documentation says about it:
--- quote ---
The CCC command makes an encrypted control channel revert back to an
unencrypted channel. This helps to solve data connection problems in
situations where network equipment (such as firewalls, routers, NAT)
peek at the control channel in order to see which ports open. By
sending the CCC command and unecrypting the control channel, the
network equipment can once again peek at the commands (i.e. PORT and
EPRT) in the control channel. Since the CCC command must come after
the client has logged in, the USER and PASS commands on the control
channel will still be protected by SSL/TLS.
--- /quote ---
More information about the Python-Dev
mailing list