Reputation: 2589
How to check if FTP server offers TLS support in python?
How can I check if a FTP server allows for TLS when I connect using ftplib? I Found easy documentation on how to use TLS, but no solution on how to check for it. My script is supposed to connect either way, but use TLS if possible.
So do I just connect using TLS and if it fails I do it without? I am sure there must be a better way.
Thank you for your help.
Upvotes: 4
Views: 1508
Answers (1)
Reputation: 202242
Note that trying an encryption only, is as bad as not using any encryption at all. And maybe even worse, as it gives an impression of security, while there's none.
When you are under an MITM attack, an attacker will divert a TCP traffic to him/her and simulate encryption rejection, making you send your credentials plain-text straight to the attacker.
Anyway:
Call
FTP_TLS.auth, check if it throws or not.
If the server supports TLS, the FTP_TLS.auth will enable encryption and the FTP_TLS.login (even with secure=False) will continue using it. If the server does not support encryption, the FTP_TLS.login (with secure=False) continues unencrypted.
Note that FTP_TLS.login (with its secure parameter) is an undocumented method – If you do not want to use it, you can fallback to creating a plain FTP, when FTP_TLS.auth throws.
To check explicitly, you can also use FTP.voidcmd('FEAT') and look for AUTH TLS (or AUTH SSL) in the response.
But there's nothing wrong about trying AUTH TLS/AUTH SSL (what the FTP_TLS.auth does) straight away.
Upvotes: 1
Related Questions
- How to upgrade all Python packages with pip
- How do I check if a list is empty?
- How slicing in Python works
- How do I check whether a file exists without exceptions?
- How do I merge two dictionaries in a single expression in Python?
- How can I delete a file or folder in Python?
- How do I get the current time in Python?
- How can I access environment variables in Python?
- How do I concatenate two lists in Python?
- How to check if the string is empty in Python?