From mboxrd@z Thu Jan  1 00:00:00 1970
Message-ID: <ee9e417a050403063622954ccb@mail.gmail.com>
Date: Sun,  3 Apr 2005 08:36:56 -0500
From: Russ Cox <russcox@gmail.com>
To: 9fans <9fans@cse.psu.edu>
Subject: Re: [9fans] Secure ftp Again
In-Reply-To: <fe0d1f945b47dc18b3a0828df09039d1@proxima.alt.za>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
References: <ee9e417a0504021905475c897e@mail.gmail.com>
	<fe0d1f945b47dc18b3a0828df09039d1@proxima.alt.za>
Topicbox-Message-UUID: 31e332d0-ead0-11e9-9d60-3106f5b1d025

> > If so, you need to change ftpfs/hget to pushtls after
> > connecting:
> >     TLSconn conn;
> >     fd = dial(etc.);
> >     memset(&conn, 0, sizeof conn);
> >     fd = tlsClient(fd, &conn);
> > instead of just calling dial.
>
> Shouldn't this be done by enhancing dial to understand a TLS
> qualifier?  How difficult would that be?  I'm a lot better at trivial
> changes, maybe I can figure my way around it if it makes sense.

changing dial? no.  writing a tlsdial?
maybe, but it doesn't happen very often.
what's more common is that you connect,
talk plaintext for a little while, and then decide
to start tls.  i don't think there are enough
instances yet to know what the common case is.

russ