proper FTP/TLS connection

Benjamin Sonntag 2015-04-20 19:16:23 +02:00
parent d82f87a366
commit 39020569f0
1 changed files with 9 additions and 1 deletions

@ -43,7 +43,7 @@ RequireValidShell off
# If you have a firewall, you should open this portrange # If you have a firewall, you should open this portrange
# (or change it) # (or change it)
# since ip_conntrack_ftp cannot decrypt TLS session. # since ip_conntrack_ftp cannot decrypt TLS session.
PassivePorts 49152 65534 PassivePorts 50000 60000
<Directory /*> <Directory /*>
DenyAll DenyAll
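
Review bot: The PassivePorts line changes the range from 49152 65534 to 50000 60000, but the comment above it still says only "open this portrange" and neither it nor the commit message says why the range moved. The new range sits inside the old one, so a firewall already opened for 49152-65534 keeps working but now exposes ports the server will never use for data connections. Suggest naming the range in the comment and noting that existing firewall rules should be narrowed to 50000-60000 to match.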
@ -143,4 +143,12 @@ TransferLog /var/log/proftpd/xferlog
# clients will close the data connection, or there will be a timeout # clients will close the data connection, or there will be a timeout
# on an idle data connection. # on an idle data connection.
TLSRenegotiate required off TLSRenegotiate required off
# As of ProFTPD 1.3.3rc1, mod_tls only accepts SSL/TLS data connections that reuse
# the SSL session of the control connection, as a security measure.
# Unfortunately, there are some clients (e.g. curl) which do not reuse SSL sessions.
# To relax the requirement that the SSL session from the control connection
# be reused for data connections, use the following
TLSOptions NoSessionReuseRequired
</IfModule> </IfModule>
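
Review bot: The new "TLSOptions NoSessionReuseRequired" line turns off, for every client, a check that the comment added just above it describes as a security measure, in order to accommodate the clients that do not reuse sessions (curl is the one named). With it set, mod_tls no longer ties a TLS data connection to the session of the authenticated control connection, and the comment does not say that this is the cost. Suggest stating the trade-off in the comment and shipping the directive commented out, so an administrator enables it only when such clients have to be supported. Minor: "use the following" should end with a colon.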