Thanks, Mykyta.
Section 3.3 already addresses that scenario in the second paragraph - and the
server behaviors are exactly what you were suggesting:
As discussed in section 3 of this document, if a HOST command is sent
after a user has been authenticated the server SHOULD do one of the
following:
a. Send a 503 reply for an invalid sequence of commands.
b. Treat the HOST command as though a REIN command was sent and
reset the user-PI to the state that existed after the previous
HOST command was sent and before the user had been authenticated,
and then return the appropriate reply for the HOST command.
Thanks again!
Robert McMurray
-----Original Message-----
From: Mykyta Yevstifeyev [mailto:evnikita2(_at_)gmail(_dot_)com]
Sent: Friday, June 24, 2011 9:53 AM
To: ietf(_at_)ietf(_dot_)org; ftpext(_at_)ietf(_dot_)org
Subject: Re: [ftpext] Last Call: <draft-ietf-ftpext2-hosts-02.txt> (File
Transfer Protocol HOST Command for Virtual Hosts) to Proposed Standard
Hello,
This document is well written; I'm strongly for its publication on Standards
Track. I have an only remark. This document doesn't seem to mention what is
the behavior of the server if HOST command is sent after one HOST has already
been sent. Eg.
C> HOST example.com
S> 220 Host OK
C> USER foo
S> 331 Specify password
C> PASS bar
S> 230 Logged in
C> HOST example.org
S> ????
I suppose the server may treat this as REIN and then switching to specified
host, if the user is authenticated, and just switch to such host if the user
isn't already logged in. Another option is sending 503 reply, as invalid
sequence of commands.
Thanks,
Mykyta Yevstifeyev
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf