1   /*
2    * This file is part of Waarp Project (named also Waarp or GG).
3    *
4    *  Copyright (c) 2019, Waarp SAS, and individual contributors by the @author
5    *  tags. See the COPYRIGHT.txt in the distribution for a full listing of
6    * individual contributors.
7    *
8    *  All Waarp Project is free software: you can redistribute it and/or
9    * modify it under the terms of the GNU General Public License as published by
10   * the Free Software Foundation, either version 3 of the License, or (at your
11   * option) any later version.
12   *
13   * Waarp is distributed in the hope that it will be useful, but WITHOUT ANY
14   * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
15   * A PARTICULAR PURPOSE. See the GNU General Public License for more details.
16   *
17   *  You should have received a copy of the GNU General Public License along with
18   * Waarp . If not, see <http://www.gnu.org/licenses/>.
19   */
20  package org.waarp.ftp.core.command.rfc4217;
21  
22  import org.waarp.common.command.ReplyCode;
23  import org.waarp.common.command.exception.CommandAbstractException;
24  import org.waarp.common.command.exception.Reply501Exception;
25  import org.waarp.common.command.exception.Reply503Exception;
26  import org.waarp.common.command.exception.Reply504Exception;
27  import org.waarp.common.command.exception.Reply534Exception;
28  import org.waarp.common.logging.WaarpLogger;
29  import org.waarp.common.logging.WaarpLoggerFactory;
30  import org.waarp.ftp.core.command.AbstractCommand;
31  
/**
 * AUTH command (package rfc4217) taking one of two arguments, TLS or SSL<br>
 * <br>
 * Security Association Setup: AUTH TLS (Control) or AUTH SSL (Control and
 * Data)<br>
 * 234*<br>
 * 502, 504, 534*, 431* 500, 501, 421<br>
 * <br>
 * AUTH TLS -> 234 -> USER or ([PBSZ 0] PROT P then USER) -> 2xy
 */
public class AUTH extends AbstractCommand {
  /**
   * Internal Logger
   */
  private static final WaarpLogger logger =
      WaarpLoggerFactory.getLogger(AUTH.class);

  /**
   * Validates the AUTH request and, when it is acceptable, prepares the
   * session for the security upgrade and queues the 234 reply.
   * <p>
   * Checks run in this order: the configuration must accept AUTH/PROT, the
   * session must not already be using SSL/TLS, and an argument must be
   * present. The argument is matched case-insensitively against TLS and SSL.
   * For both, the session is reinitialised through {@code rein()}, this
   * command is registered as the next command and the reply code is set to
   * 234. AUTH SSL additionally switches the data-SSL flag on; AUTH TLS does
   * not touch that flag here.
   * <p>
   * No handshake is performed in this method.
   * NOTE(review): presumably the control-channel handler starts the TLS
   * handshake once the 234 reply has been written - confirm, and confirm that
   * any plaintext bytes the client sent after the AUTH line are not
   * interpreted as commands inside the protected session.
   *
   * @throws CommandAbstractException
   *     534 when AUTH is disabled by configuration, 503 when the session
   *     is already SSL/TLS, 501 when no argument was given, 504 when the
   *     argument is neither TLS nor SSL
   */
  @Override
  public final void exec() throws CommandAbstractException {
    // Policy gate: refuse the upgrade outright when the server is not
    // configured to accept AUTH / PROT.
    final boolean upgradeAccepted =
        getSession().getConfiguration().getFtpInternalConfiguration()
                    .isAcceptAuthProt();
    if (!upgradeAccepted) {
      throw new Reply534Exception("AUTH SSL / TLS not supported");
    }
    // A session that is already protected cannot negotiate again.
    if (getSession().isSsl()) {
      throw new Reply503Exception("Session already using SSL / TLS");
    }
    // The mechanism name is mandatory.
    if (!hasArg()) {
      throw new Reply501Exception("Missing Parameter: TLS or SSL");
    }
    final String[] types = getArgs();
    final boolean controlOnly = "TLS".equalsIgnoreCase(types[0]);
    final boolean controlAndData =
        !controlOnly && "SSL".equalsIgnoreCase(types[0]);
    if (!controlOnly && !controlAndData) {
      // The client-supplied argument is echoed back in the reply text.
      // NOTE(review): confirm the argument parser / reply writer cannot let
      // control characters or oversized input through to the reply line.
      throw new Reply504Exception("Unknown Parameter: " + types[0]);
    }
    if (controlOnly) {
      // Only the command channel will have SSL
      logger.debug("Start TLS");
    } else {
      // Both the command and the data channels will have SSL
      logger.debug("Start SSL");
    }
    // Reinitialise the session before the upgrade.
    // NOTE(review): presumably this drops any state (e.g. authentication)
    // established in clear text - verify against rein().
    getSession().rein();
    getSession().setNextCommand(this);
    getSession().setReplyCode(
        ReplyCode.REPLY_234_SECURITY_DATA_EXCHANGE_COMPLETE, null);
    if (controlAndData) {
      // AUTH SSL implies a protected data channel; set after the reply code,
      // in the same order as before.
      getSession().setDataSsl(true);
    }
    logger.debug("End of AUTH {}", types[0]);
  }

}