Secure FTP Enhancements – Build 1299 February 9, 2019 Technical Consulting Post in communications,New Feature,Scripting The following CBS functions have been enhanced in Build 1299: ReadSFTP()WriteSFTP()GetSFTPFolder()Erase SFTP() These functions now accept additional communications parameters. Consult the Visual Builder Documentation for more information. The new parameters are described below. FTP_OPTION_NONENo special parameters are specified.FTP_OPTION_PASSIVEThis option specifies that the client should attempt to establish the data connection with the server. When the client uploads or downloads a file, normally the server establishes a second connection back to the client which is used to transfer the file data. However, if the local system is behind a firewall or a NAT router, the server may not be able to create the data connection and the transfer will fail. By specifying this option, it forces the client to establish an outbound data connection with the server. It is recommended that applications use passive mode whenever possible.FTP_OPTION_FIREWALLThis option specifies that the client should always use the host IP address to establish the data connection with the server, not the address returned by the server in response to the PASV command. This option may be necessary if the server is behind a router that performs Network Address Translation (NAT) and it returns an unreachable IP address for the data connection. If this option is specified, it will also enable passive mode data transfers.FTP_OPTION_NOAUTHThis option specifies that the server does not require authentication, or that it requires an alternate authentication method. When this option is used, the client connection is flagged as authenticated as soon as the connection to the server has been established. Note that using this option to bypass authentication may result in subsequent errors when attempting to retrieve a directory listing or transfer a file. It is recommended that you consult the technical reference documentation for the server to determine its specific authentication requirements.FTP_OPTION_KEEPALIVEThis option specifies that the client should attempt to keep the connection with the server active for an extended period of time. It is important to note that regardless of this option, the server may still choose to disconnect client sessions that are holding the command channel open but are not performing file transfers.FTP_OPTION_NOAUTHRSAThis option specifies that RSA authentication should not be used with SSH-1 connections. This option is ignored with SSH-2 connections and should only be specified if required by the server. This option has no effect on standard or secure connections using SSL.FTP_OPTION_NOPWDNULThis option specifies that the user password cannot be terminated with a null character. This option is ignored with SSH-2 connections and should only be specified if required by the server. This option has no effect on standard or secure connections using SSL.FTP_OPTION_NOREKEYThis option specifies that the client should never attempt a repeat key exchange with the server. Some SSH servers do not support rekeying the session, and this can cause the client to become non-responsive or abort the connection after being connected for an hour. This option has no effect on standard or secure connections using SSL.FTP_OPTION_COMPATSIDThis compatibility option changes how the session ID is handled during public key authentication with older SSH servers. This option should only be specified when connecting to servers that use OpenSSH 2.2.0 or earlier versions. This option has no effect on standard or secure connections using SSL.FTP_OPTION_COMPATHMACThis compatibility option changes how the HMAC authentication codes are generated. This option should only be specified when connecting to servers that use OpenSSH 2.2.0 or earlier versions. This option has no effect on standard or secure connections using SSL.FTP_OPTION_VIRTUALHOST This option specifies that the server supports virtual hosting, where multiple domains are hosted by a server using the same external IP address. If this option is enabled, the client will send the HOST command to the server upon establishing a connection.FTP_OPTION_VERIFYThis option specifies that file transfers should be automatically verified after the transfer has completed. If the server supports the XMD5 command, the transfer will be verified by calculating an MD5 hash of the file contents. If the server does not support the XMD5 command, but does support the XCRC command, the transfer will be verified by calculating a CRC32 checksum of the file contents. If neither the XMD5 or XCRC commands are supported, the transfer is verified by comparing the size of the file. Automatic file verification is only performed for binary mode transfers because of the end-of-line conversion that may occur when text files are uploaded or downloaded.FTP_OPTION_TUNNELThis option specifies that a tunneled TCP connection and/or port-forwarding is being used to establish the connection to the server. This changes the behavior of the client with regards to internal checks of the destination IP address and remote port number, default feature selection and how the connection is established. This option also forces all connections to be outbound and enables the firewall compatibility features in the client.FTP_OPTION_TRUSTEDSITEThis option specifies that the server is trusted. The server certificate will not be validated and the connection will always be permitted. This option only affects connections using either the SSL or TLS protocols.FTP_OPTION_SECUREThis option specifies that the client should attempt to establish a secure connection with the server. This option is the same as specifying FTP_OPTION_SECURE_IMPLICIT which immediately performs the SSL/TLS protocol negotiation when the connection is established.FTP_OPTION_SECURE_IMPLICITThis option specifies that the client should attempt to immediately establish secure SSL/TLS connection with the server. This option is typically used when connecting to a server on port 990, which is the default port number used for FTPS.FTP_OPTION_SECURE_EXPLICITThis option specifies that the client should establish a standard connection to the server and then use the AUTH command to negotiate an explicit secure connection. This option is typically used when connecting to the server on ports other than 990.FTP_OPTION_SECURE_SHELLThis option specifies that the client should use the Secure Shell (SSH) protocol to establish the connection. This option will automatically be selected if the connection is established using port 22, the default port for SSH.FTP_OPTION_IPV6ONLYUse IPV6 only.FTP_OPTION_FREETHREADThis option specifies that the handle returned by this function may be used by any thread, and is not limited to the thread which created it. The application is responsible for ensuring that access to the handle is synchronized across multiple threads.FTP_OPTION_DEFAULTUse default parameters.