FTP协议的分析和扩展[6]|中文方案文档站(提供各类方案下载,WORD文档下载,范文,案例等)

| LIST/RETR <-----> ... | | sslClose() <-----> ... -+ |
| close() <-----> ... -+ | |
| | |
\======================================================================/

>>3.5 一些杂乱图示
在3.3种引用了一个Explicit SSL连接指令序列，这里是对应的Implicit SSL连接过

程:
/======================================================================\
| WinSock 2.0 -- OpenSSL 0.9.7d 17 Mar 2004 |
| [R] Connecting to 192.168.21.3 -> IP=192.168.21.3 PORT=9909 |
| [R] Connected to 192.168.21.3 |
| [R] Connected. Negotiating SSL/TLS session.. |
| [R] SSL/TLS negotiation successful... |
| [R] TLSv1/SSLv3 encrypted session using cipher AES256-SHA (256 bits) |
| [R] 220 Please enter your login name now. |
| [R] PBSZ 0 |
| [R] 200 PBSZ Command OK. Protection buffer size set to 0. |
| [R] USER elly |
| [R] 331 Password required for elly . |
| [R] PASS (hidden) |
| [R] 230 User elly logged in. |
| [R] SYST |
| [R] 215 UNIX Type: L8 , CP:936 |
| [R] PROT P |
| [R] 200 PROT P accepted. |
| [R] PASV |
| [R] 227 Entering Passive Mode (192,168,21,3,5,122) |
| [R] Opening data connection IP: 192.168.21.3 PORT: 1402 |
| [R] LIST -al |
| [R] Connected. Negotiating SSL/TLS session.. |
| [R] 150 Opening ASCII data connection for ls / using SSL/TLS. |
| [R] SSL/TLS negotiation successful... |
| [R] TLSv1/SSLv3 encrypted session using cipher AES256-SHA (256 bits) |
| [R] List Complete: 181 bytes in 0.17 seconds (1.04 KBps) |
\======================================================================/

Explicit SSL模式下ftp client <-- server的通讯数据，可以看到AUTH SSL之后的指令全部都
已经加密，无法看到。对应2.3节中的传统通讯过程，这确保了传输过程中数据无法被窃听到。
在Implicit SSL模式中，从初始化连接开始的数据将全部加密，无法分析，因此此处不摘录。
/======================================================================\
21:34:22.095241 IP 192.168.0.1.2279 > 192.168.0.3.999: S 1727744887:1727744887(0) win 65535 <mss 1460,nop,nop,sackOK> (DF)
0x0000 4500 0030 e6b7 4000 8006 92bb c0a8 0001 E..0..@.........
0x0010 c0a8 0003 08e7 03e7 66fb 4b77 0000 0000 ........f.Kw....
0x0020 7002 ffff 428a 0000 0204 05b4 0101 0402 p...B...........
21:34:22.095576 IP 192.168.0.3.999 > 192.168.0.1.2279: S 3598555607:3598555607(0) ack 1727744888 win 65535 <mss 1460,nop,nop,sackOK> (DF)
0x0000 4500 0030 8d9e 4000 8006 ebd4 c0a8 0003 E..0..@.........
0x0010 c0a8 0001 03e7 08e7 d67d 99d7 66fb 4b78 .........}..f.Kx
0x0020 7012 ffff d223 0000 0204 05b4 0101 0402 p....#..........
21:34:22.095639 IP 192.168.0.1.2279 > 192.168.0.3.999: . ack 1 win 65535 (DF)
0x0000 4500 0028 e6b8 4000 8006 92c2 c0a8 0001 E..(..@.........
0x0010 c0a8 0003 08e7 03e7 66fb 4b78 d67d 99d8 ........f.Kx.}..
0x0020 5010 ffff fee7 0000 P.......
21:34:22.108439 IP 192.168.0.3.999 > 192.168.0.1.2279: P 1:115(114) ack 1 win 65535 (DF)
0x0000 4500 009a 8da4 4000 8006 eb64 c0a8 0003 E.....@....d....
0x0010 c0a8 0001 03e7 08e7 d67d 99d8 66fb 4b78 .........}..f.Kx
0x0020 5018 ffff 5cb5 0000 3232 302d 5468 6973 P...\...220-This
0x0030 2073 6572 7665 7220 6973 2066 6f72 2070 .server.is.for.p
0x0040 7269 7661 7465 2075 7365 206f 6e6c 790d rivate.use.only.
0x0050 0a32 .2
21:34:22.257722 IP 192.168.0.1.2279 > 192.168.0.3.999: . ack 115 win 65421 (DF)
0x0000 4500 0028 e6c1 4000 8006 92b9 c0a8 0001 E..(..@.........
0x0010 c0a8 0003 08e7 03e7 66fb 4b78 d67d 9a4a ........f.Kx.}.J
0x0020 5010 ff8d fee7 0000 P.......
21:34:22.257941 IP 192.168.0.3.999 > 192.168.0.1.2279: P 115:154(39) ack 1 win 65535 (DF)
0x0000 4500 004f 8da7 4000 8006 ebac c0a8 0003 E..O..@.........
0x0010 c0a8 0001 03e7 08e7 d67d 9a4a 66fb 4b78 .........}.Jf.Kx
0x0020 5018 ffff 96b3 0000 3232 3020 506c 6561 P.......220.Plea
0x0030 7365 2065 6e74 6572 2079 6f75 7220 6c6f se.enter.your.lo
0x0040 6769 6e20 6e61 6d65 206e 6f77 2e0d 0a gin.name.now...
21:34:22.264587 IP 192.168.0.1.2279 > 192.168.0.3.999: P 1:11(10) ack 154 win 65382 (DF)
0x0000 4500 0032 e6c2 4000 8006 92ae c0a8 0001 E..2..@.........
0x0010 c0a8 0003 08e7 03e7 66fb 4b78 d67d 9a71 ........f.Kx.}.q
0x0020 5018 ff66 e88e 0000 4155 5448 2053 534c P..f....AUTH.SSL
0x0030 0d0a ..
21:34:22.371140 IP 192.168.0.3.999 > 192.168.0.1.2279: P 154:205(51) ack 11 win 65525 (DF)
0x0000 4500 005b 8dac 4000 8006 eb9b c0a8 0003 E..[..@.........
0x0010 c0a8 0001 03e7 08e7 d67d 9a71 66fb 4b82 .........}.qf.K.
0x0020 5018 fff5 9a03 0000 3233 3420 4155 5448 P.......234.AUTH
0x0030 2043 6f6d 6d61 6e64 204f 4b2e 2049 6e69 .Command.OK..Ini
0x0040 7469 616c 697a 696e 6720 5353 4c20 636f tializing.SSL.co
0x0050 6e6e nn
21:34:22.374945 IP 192.168.0.1.2279 > 192.168.0.3.999: P 11:141(130) ack 205 win 65331 (DF)
0x0000 4500 00aa e6c6 4000 8006 9232 c0a8 0001 E.....@....2....

FTP协议的分析和扩展[6]

[入库：2006年2月23日] [更新：2007年3月24日]