Support for HOST command in FTP client
Posted: 2010-01-30, 01:23 UTC
Basically this adds "virtual hosts" support to FTP, similar to what HTTP has.
When FTP client supports this, it sends "HOST <hostname>" before trying to log in. This lets server know what host client wants to use. For older clients it's possible to specify hostname as part of username in form "USER <hostname>|<username>". TC has no problem with this. And if there wasn't anything else, the need to implement this command would be quite low.
But the real beauty of HOST command shows when SSL is in use. It's issued even before AUTH SSL/TLS, so the server can present the correct certificate to client. It's great for server operators, because it's possible to have unlimited number of domains on single IP address, each with different certificate. And everything can work in clean way, i.e. requires no "yes, I know the hostname don't match, just ignore it" on the user side.
The only downside of this is that it's not exactly approved standard, it's still only draft:
http://tools.ietf.org/html/draft-hethmon-mcmurray-ftp-hosts
On the other hand:
- this feature has been missing in FTP since beginning and many people want it
- the current draft looks very reasonable
- it's so simple that there really isn't much what could change before it goes final
- it's already supported by FTP servers (Microsoft's FTP 7.5, Serv-U 7+, possibly others)
So I believe TC should support it too. :)
When FTP client supports this, it sends "HOST <hostname>" before trying to log in. This lets server know what host client wants to use. For older clients it's possible to specify hostname as part of username in form "USER <hostname>|<username>". TC has no problem with this. And if there wasn't anything else, the need to implement this command would be quite low.
But the real beauty of HOST command shows when SSL is in use. It's issued even before AUTH SSL/TLS, so the server can present the correct certificate to client. It's great for server operators, because it's possible to have unlimited number of domains on single IP address, each with different certificate. And everything can work in clean way, i.e. requires no "yes, I know the hostname don't match, just ignore it" on the user side.
The only downside of this is that it's not exactly approved standard, it's still only draft:
http://tools.ietf.org/html/draft-hethmon-mcmurray-ftp-hosts
On the other hand:
- this feature has been missing in FTP since beginning and many people want it
- the current draft looks very reasonable
- it's so simple that there really isn't much what could change before it goes final
- it's already supported by FTP servers (Microsoft's FTP 7.5, Serv-U 7+, possibly others)
So I believe TC should support it too. :)