Secure FTP_TLS data connection from man-in-the-middle attacks by default

Author: hartwork

Doc/library/ftplib.rst

@@ -454,10 +454,6 @@ FTP_TLS objects
    Connect to port 21 implicitly securing the FTP control connection
    before authenticating.
 
-   .. note::
-      The user must explicitly secure the data connection
-      by calling the :meth:`prot_p` method.
-
    :param str host:
       The hostname to connect to.
       If given, :code:`connect(host)` is implicitly called by the constructor.
@@ -516,8 +512,6 @@ FTP_TLS objects
       >>> ftps = FTP_TLS('ftp.pureftpd.org')
       >>> ftps.login()
       '230 Anonymous user logged in'
-      >>> ftps.prot_p()
-      '200 Data protection level set to "private"'
       >>> ftps.nlst()
       ['6jack', 'OpenBSD', 'antilink', 'blogbench', 'bsdcam', 'clockspeed', 'djbdns-jedi', 'docs', 'eaccelerator-jedi', 'favicon.ico', 'francotone', 'fugu', 'ignore', 'libpuzzle', 'metalog', 'minidentd', 'misc', 'mysql-udf-global-user-variables', 'php-jenkins-hash', 'php-skein-hash', 'php-webdav', 'phpaudit', 'phpbench', 'pincaster', 'ping', 'posto', 'pub', 'public', 'public_keys', 'pure-ftpd', 'qscan', 'qtc', 'sharedance', 'skycache', 'sound', 'tmp', 'ucarp']
 

Lib/ftplib.py

@@ -681,9 +681,6 @@ class FTP_TLS(FTP):
         Connect as usual to port 21 implicitly securing the FTP control
         connection before authenticating.
 
-        Securing the data connection requires user to explicitly ask
-        for it by calling prot_p() method.
-
         Usage example:
         >>> from ftplib import FTP_TLS
         >>> ftps = FTP_TLS('ftp.python.org')
@@ -733,6 +730,7 @@ def auth(self):
                 resp = self.voidcmd('AUTH SSL')
             self.sock = self.context.wrap_socket(self.sock, server_hostname=self.host)
             self.file = self.sock.makefile(mode='r', encoding=self.encoding)
+            self.prot_p()
             return resp
 
         def ccc(self):

Lib/test/test_ftplib.py

@@ -917,7 +917,6 @@ def setUp(self, encoding=DEFAULT_ENCODING):
         self.client.connect(self.server.host, self.server.port)
         # enable TLS
         self.client.auth()
-        self.client.prot_p()
 
 
 @skipUnless(ssl, "SSL not available")
@@ -944,15 +943,9 @@ def test_control_connection(self):
         self.assertIsInstance(self.client.sock, ssl.SSLSocket)
 
     def test_data_connection(self):
-        # clear text
-        with self.client.transfercmd('list') as sock:
-            self.assertNotIsInstance(sock, ssl.SSLSocket)
-            self.assertEqual(sock.recv(1024),
-                             LIST_DATA.encode(self.client.encoding))
-        self.assertEqual(self.client.voidresp(), "226 transfer complete")
+        self.client.login()
 
-        # secured, after PROT P
-        self.client.prot_p()
+        # secured
         with self.client.transfercmd('list') as sock:
             self.assertIsInstance(sock, ssl.SSLSocket)
             # consume from SSL socket to finalize handshake and avoid
@@ -961,7 +954,7 @@ def test_data_connection(self):
                              LIST_DATA.encode(self.client.encoding))
         self.assertEqual(self.client.voidresp(), "226 transfer complete")
 
-        # PROT C is issued, the connection must be in cleartext again
+        # PROT C is issued, the connection must be in cleartext
         self.client.prot_c()
         with self.client.transfercmd('list') as sock:
             self.assertNotIsInstance(sock, ssl.SSLSocket)
@@ -1000,7 +993,6 @@ def test_context(self):
         self.assertIs(self.client.sock.context, ctx)
         self.assertIsInstance(self.client.sock, ssl.SSLSocket)
 
-        self.client.prot_p()
         with self.client.transfercmd('list') as sock:
             self.assertIs(sock.context, ctx)
             self.assertIsInstance(sock, ssl.SSLSocket)
@@ -1028,7 +1020,6 @@ def test_check_hostname(self):
         # exception quits connection
 
         self.client.connect(self.server.host, self.server.port)
-        self.client.prot_p()
         with self.assertRaises(ssl.CertificateError):
             with self.client.transfercmd("list") as sock:
                 pass
@@ -1039,7 +1030,6 @@ def test_check_hostname(self):
         self.client.quit()
 
         self.client.connect("localhost", self.server.port)
-        self.client.prot_p()
         with self.client.transfercmd("list") as sock:
             pass