Starksoft FTP/FTPS Component
From StarksoftWiki
Contents |
About
The Starksoft FTP/FTPS library component is a 100% managed implementation of the client FTP protocol using no third party code or dependencies other than the .NET Framework. The library was written completely in C# 2.0. The library implements the FTP protocol as defined by RFC 959, RFC 1579, RFC 2389, RFC 4217, and RFC 3659 specifications. The library is rich in features boasting a modular design for high extensibility and customization. In addition the library supports several extended features such as the File Exchange Protocol (FXP) to transfer data server to server, SSL/TLS protocol to secure your data transfers, zlib data compression for faster data transfers, non-standard extensions XCRC, XSHA1, and XMD5 for upload and download validation, SOCKS proxy and HTTP tunnel support, passive connections, as well as custom features such as directory lists in ADO.NET DataSet format and custom file system parsing should you need to implement your own directory format parser.
Free Open-Source Software
The Starksoft FTP/FTPS class library source code is licensed under the very permissive MIT open-source license. This license was chosen for maximum compatibility with the Mono class library license. The MIT open-source license does not have the same viral restrictions as the GPL license. In addition, the LGPL license was not chosen due to ambiguity concerning derivative works. Finally, the MIT license was also chosen for maximum adoption of the Starksoft FTP/FTPS library for both non-commercial and commercial uses.
Secure Data Transfers
Data security is a high priority requirement for many enterprise class applications. You can secure FTP sessions using the same technology and protocol as used to secure web application sessions. Secure Socket Layer (SSL 2.0 and SSL 3.0) and the newer Transport Layer Security (TLS 1.0) provides a secure tunnel for web applications and is defacto standard for securing web application data transmitted between the web client and the web server. The same protocol can be used to secure FTP commands and FTP data transfers and defined by RFC 2228. SSL and TLS provide data security using RSA or DSA public/private key exchanges which authenticate the FTP server as well encrypts FTP commands and data.
The Starksoft FTP/FTPS library provides support for explicit FTPS and implicit FTPS by implementing Secure Socket Layer protocol (SSL 2.0, SSL 3.0) and the newer Transport Layer Security (TLS 1.0) protocol in compliance to the RFC 2228 specification. Explicit FTPS means that the client must 'explicitly' send an FTP command instructing the FTP server to begin encrypt all data using either SSL or TLS security protocol. One of the additional advantages of explicit FTPS is that the encrypted connection can use the standard FTP port 21.
In addition, the Starksoft FTP/FTPS library always issues the AUTH command immediately upon connecting to the FTP server when explicit FTPS is specified. This is done in accordance with RFC 2228 to secure the FTP command connection. Issuing the explicit AUTH command invokes SSL/TLS security and insures no unsecured commands or data are ever transmitted to the FTP server. In addition, most modern FTPS server implementations require AUTH command to be the first command issued when SSL/TLS is enabled.
The older and now depreciated implicit FTPS is still supported by the Starksoft FTP/FTPS library. Implicit FTPS is not defined by an RFC specification and predates RFC 2228. As the name suggests, implicit FTPS requires the FTP client to 'implicitly' assume the FTP connection is always encrypted using SSL or TLS. Since the client does not send an 'explicit' AUTH command to the FTP server to secure the connection, the server must listen on a port other than port 21 to receive implicit FTPS connections. In practice, this port is generally the well known port 990.
The Starksoft FTP/FTPS library can secure your connection to your FTP server whether you are connecting to an explicit of implicit FTPS server using SSL or TLS. See the properties FtpClient.SecurityProtocol and FtpClient.SecurityCertificates and the event ValidateServerCertificate for more information.
Modular Design
The Starksoft FTP/FTPS library allows any developer to easily add FTP and FTPS functionality to any .NET 2.0 or higher application by simply referencing the library dll or compiling the source code into the project. The developer can also add FTP/FTPS functionality to any mono application on other supported platforms such as Linux or OS/X without recompiling the Starksoft FTP/FTPS library. The library is flexible and supports both client applications and back-end application architectures such as a web server application. The library is tuned for maximum transfer speeds with support for the most common extension and feature set as specified by prevailing RFC specifications.
The developer also has the option to extend the functionality of the Starksoft FTP/FTPS library when needed. If a custom directory parser is needed to parse unique directory listings, the developer only needs to implement the IFtpItemParser interface and then set the ItemParser property on the FtpClient object. Additional extensibility can be accomplished by using the Quote() method to send custom commands to the FTP server. Finally, the fully commented source code is provided allowing the developer to customize the implementation for his or her specific needs.
Event Pattern Asynchronous Method Calls
The Starksoft FTP/FTPS library provides extensive support for asynchronous method calls using the Event-based Asynchronous Pattern. The asynchronous event based pattern allows the developer to write asynchronous code just like any other .NET event. This pattern replaces the cumbersome Begin/End Asynchronous pattern.
Transfer Files Using Streams
All data transfer methods in the Starksoft FTP/FTPS library accept.NET System.IO.Stream parameters. This allows the consumer to provide any stream object that inherits from the System.IO.Stream abstract base class. Stream object parameters allow the consumer to pass any stream objects such as the .NET MemoryStream object for uploading and downloading data files. This implementation is very convenient on systems such as web servers where the processing thread may not have permissions to read or write to the local file system or a stream abstraction is a more elegant implementation approach.
Proxy Support
The Starksoft FTP/FTPS library also includes support for connecting through SOCKS proxy servers as well as HTTP Tunnel servers (sometimes called HTTP proxy servers). Proxy support is provided by the simple to use Starksoft Proxy Component library for creating SOCKS 4, SOCKS 5, SOCKS 5a, and HTTP proxy connections over TCP/IP. In addition, the Starksoft Proxy Component library is a stand-alone component that can be used to proxify other .NET applications where the System.Net.TcpClient class is utilized for establishing and maintaining TCP communications between the client application and remote servers. Please see the Starksoft Proxy Component documentation for more information.
