/// <summary>
/// Enables encryption of command channel.
/// Usually called after AUTH command is sent
/// </summary>
/// <param name="parameter"></param>
/// <returns></returns>
public async Task OnEncryptionEnabled()
{
if (!IsEncryptionSupported)
{
SendResponse(new FtpReply()
{
ReplyCode = FtpReplyCode.NotImplemented, Message = "Server is not configured to support SSL/TLS."
}, false);
return;
}
SendResponse(new FtpReply()
{
ReplyCode = FtpReplyCode.ServiceReady, Message = "Service is ready."
}, false);
ConnectionFlags |= ControlConnectionFlags.UsingTLSorSSL;
var authStream = new FtpSslStream(ClientCommandStream);
var certificate = new X509Certificate2(DefaultServerValues.CertificateLocation,
string.Empty);
await authStream.AuthenticateAsServerAsync(certificate);
ClientCommandStream = authStream;
CommandStreamReader = new StreamReader(ClientCommandStream, ServerEncoding);
ActionsTracker.ConnectionSecurityChanged(null, new ConnectionSecurityChangedEventArgs()
{
EndPoint = ClientInitialRemoteEndPoint,
Security = ClientDataConnection.IsEncryptionActivated
? ConnectionSecurity.Both
: ConnectionSecurity.ControlConnectionSecured
});
Logger.Log($"Successfully authenticated via TLS : {ClientInitialRemoteEndPoint.ToString()}"
, RecordKind.Status);
}
public async Task OnDataChannelEncryptionEnabled()
{
if (!IsEncryptionSupported)
{
SendResponse(new FtpReply()
{
ReplyCode = FtpReplyCode.NotImplemented, Message = "Server is not configured to support SSL/TLS."
}, false);
return;
}
ClientDataConnection.ActivateEncryption();
ActionsTracker.ConnectionSecurityChanged(null, new ConnectionSecurityChangedEventArgs()
{
EndPoint = ClientInitialRemoteEndPoint,
Security = ConnectionFlags.HasFlag(ControlConnectionFlags.UsingTLSorSSL)
? ConnectionSecurity.Both
: ConnectionSecurity.DataChannelSecured
});
Logger.Log($"Enabled encryption for datachannel : {ClientInitialRemoteEndPoint.ToString()}"
, RecordKind.Status);
}
