Bug 85464 (ftps)

Support FTP over TLS/SSL (FTPS)

RESOLVED WONTFIX

Status

()

P5
enhancement
RESOLVED WONTFIX
17 years ago
7 days ago

People

(Reporter: lord, Unassigned)

Tracking

(Blocks: 3 bugs, {helpwanted})

Trunk
Future
helpwanted
Points:
---
Dependency tree / graph

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: [necko-would-take], URL)

(Reporter)

Description

17 years ago
It would be nice to support SSL/FTP.

Updated

17 years ago
Keywords: helpwanted
Target Milestone: --- → Future

Comment 1

17 years ago
If you have any useful reading (RFC's, etc), please add them. QA could also use
a list of servers you think we should test against.
Summary: Support SSL/FTP → [RFE] Support SSL/FTP

Comment 3

17 years ago
reassigning to bbaetz@cs.mcgill.ca.
Assignee: dougt → bbaetz
Do you know of any server which implements this?

Updated

17 years ago
QA Contact: tever → benc

Comment 5

17 years ago
That was my next question.

Comment 6

17 years ago
I don't know whether this is the same. But I have a solaris server running which
simply uses stunnel to encrypt all the ftp transfer. There are several clients
which support this, like sftp on Linux and psftp (putty) for windows. I think
for this kind of secure ftp, everything should be there already. The encryption
is the same as for secure websites and we have ftp too.
No, stunnel is separate (although I guess it would be easy to support, for PASV
at least)

Comment 8

17 years ago
*** Bug 130634 has been marked as a duplicate of this bug. ***

Comment 9

17 years ago
similar: bug 39714
I have no time to work on mozilla at the moment, so dougt is taking over FTP

open ftp bugs -> him
Assignee: bbaetz → dougt

Updated

16 years ago
Summary: [RFE] Support SSL/FTP → Support SSL/FTP

Comment 11

16 years ago
Setting OS=All and adding (SFTP) to summary to catch searches.
OS: Windows 2000 → All
Summary: Support SSL/FTP → Support SSL/FTP (SFTP)

Updated

15 years ago
Blocks: 179456

Updated

15 years ago
Blocks: 231457

Comment 12

15 years ago
See the following link for URI spec.

http://www.ietf.org/internet-drafts/draft-ietf-secsh-scp-sftp-ssh-uri-01.txt

Do we want to support all three of these protocols? (SCP, SFTP, and SSH)
Currently I use mostly SSH. 

Comment 13

15 years ago
The last two comments are misleading. This bug is about FTP over SSL (FTPS). 

SFTP is file transfer via SSH. Also the bugs this bug is blocking are about the
latter. So I'm removing them.
No longer blocks: 179456, 231457
Summary: Support SSL/FTP (SFTP) → Support FTP over TLS/SSL (FTPS)

Updated

14 years ago
Blocks: 245908

Comment 14

14 years ago
I know of one server that supports this (ftps/995): http://www.sambar.com. I use
CuteFTP's ftps capabilities in combination with this server and can atest to its
functionality.

Comment 15

14 years ago
(In reply to comment #4)
> Do you know of any server which implements this?

any server with openSSH installation will support scp/sftp by default on recent
installations:
<http://www.openssh.org/>

Comment 16

14 years ago
(In reply to comment #4)
> Do you know of any server which implements this?

here is a list of distros which ship with openSSH (and scp/sftp):
<http://www.openssh.org/users.html>

Comment 17

14 years ago
Simon's comment doesnt address point 4 because it asks about SSL, not SSH.

I personally would rather see the pure SSL implementation sooner than SSH. SSL
is used much more widely, and is built-in to the server products, whereas SSH is
frequently a tunnel that has to be configured on the server (and is in fact
built on openSSL). SSL is also more "industry strength" when it comes to key
management and tools (signing, CRLs, critical-subjects), IMO . Its also the
standard for imap/pop servers, in addition to www and ftp. And its tight
integration with those server types allows them to actually interogate the
protocol, so that they can reject connections with too-low cipher stregth, or
perform client-cert verification. This is a far cry from the other protocols
passive-tunnel setups.

If a day comes around though when ssh is integrated into Mozilla, cool.
Hopefully its first for would be in a shell-component. :-) My vote remains for
SSL/TLS.

Comment 18

14 years ago
Can we cahnge the summary to be 

              Support FTP over TLS/SSL (FTPS) (*not* SFTP)

I'm thinking it could prevent more naming errors like we have in the comments.

As for servers which support ftps, try WU.  Yeah!  I think wu-ftpd does TLS. 
Now I just can't remember if the RPM I installed shipped with its own pem or if
I had to regenerate something.  Hmm.  It may have been Just That Easy, though,
just an RPM to set up a valid test-server.  Shout if you want me to open it for
testing from a certain IP.

Comment 19

14 years ago
Here is a very good resource page on FTPS:

http://www.ford-hutchinson.com/~fh-1-pfh/ftps-ext.html

Comment 20

14 years ago
Stupid question: How come that currently tls isn't supported for ftp?
For any other protocol that a transport level security extension exists
for (http,nntp,pop,imap,ldap, ...), this is supported by mozilla 
(fortunately - forcing users to transmit cleartext passwords is really
a bad thing), so I guess most of the necessary code must already be there.

little side note - in general, the use of a separate port with implicit
encryption is deprecated in favor of an explicit negotiation. With other
protocols, the separate port is more widespread, but in the case of ftp
servers, "AUTH TLS" seems to be the more established than the use of
port 990 for an encrypted command channel.

Comment 21

13 years ago
FWIW, filezilla server (http://filezilla.sf.net) supports FTPS using TLS negotiation.

Comment 22

11 years ago
mass reassigning to nobody.
Assignee: dougt → nobody

Comment 23

10 years ago
FTPS/FTPES-Support would be nice in Firefox and Thunderbird

Comment 24

10 years ago
This is really needed for a secure and convinient method way of file transfer.
Guys, random advocacy posts are going to fix this bug. All they do is make it harder for anyone trying to fix the bug to find any relevant posts within.
https://bugzilla.mozilla.org/page.cgi?id=etiquette.html
*sigh* are *not* going to fix this bug

Comment 27

9 years ago
I think firefox has ftps support in it because fireftp uses it. But it fails with vsftd servers: https://bugzilla.mozilla.org/show_bug.cgi?id=478322

Comment 28

9 years ago
Yes ftps support seems to be built in but the firefox GUI does not use it....

Anyway mozilla seems to no be concerned about that, The bug you show has not been solved since more than five months. The fix could have been part of ff35.............
The fix for bug 660749 won't change anything in FTP, so if/when we support ftps:// we will have to make a similar change.
Depends on: 660749
Whiteboard: [necko-would-take]

Comment 32

6 months ago
For 17 years this has been asked. Wow, that must be a record of some sort :)
So is this going to be stale until such point as you decide to remove FTP support entirely, with how you've been adding a pref for FTP now?
I have a public vsftpd server implementing ftp and ftpes protocol. It is only accessible over IPv6, however:

ftpes://lavender.qlfiles.net

I can view it using ftpes URL if I am in FileZilla, but not from Firefox. I am, however, using Firefox ESR 52.7.3.

Updated

3 months ago
Blocks: 1463440

Updated

2 months ago
Blocks: 1335586
See Also: → bug 1429023
I think we should mark this bug as WONTFIX. We have a vague plans of deprecating FTP completely in Firefox, there is no point in adding more code in this area.
Flags: needinfo?(ckerschb)
(In reply to Tom Schuster [:evilpie] from comment #34)
> I think we should mark this bug as WONTFIX. We have a vague plans of
> deprecating FTP completely in Firefox, there is no point in adding more code
> in this area.

Yes, that sounds reasonable to me. Since we (sooner or later) would like to deprecate FTP completely, we should not add more code in that area to our codebase.
Status: NEW → RESOLVED
Last Resolved: 2 months ago
Flags: needinfo?(ckerschb)
Resolution: --- → WONTFIX

Updated

2 months ago
Blocks: 1438713

Updated

2 months ago
No longer depends on: 660749

Comment 36

7 days ago
(In reply to Bradley Baetz (:bbaetz) from comment #4)
> Do you know of any server which implements this?

The npm `ftp-srv` package implements this, same with the npm `ftp` client package.

- https://www.npmjs.com/package/ftp-srv#api
- https://www.npmjs.com/package/ftp#methods
Alias: ftps
You need to log in before you can comment on or make changes to this bug.