FTPS Configuration
The component accepts one or more of the following configuration settings. Configuration settings are similar in functionality to properties, but they are rarely used. In order to avoid "polluting" the property namespace of the component, access to these internal properties is provided through the Config method.FTP Configuration Settings
| ActiveModePORTAddress: Allows the specification of the PORT address value for active mode connections.When using an active mode configuration (Passive = False) with a firewall, it may sometimes be necessary to specify the actual PORT value to be sent to the server. ActiveModePORTAddress takes the protocol-level parameter in the form "a,b,c,d,e,f" where "a,b,c,d" is the external IP address separated by commas, and e and f represent, respectively, the high byte (divide by 256) and the low byte (mod 256) values of the external port where the FTP client is listening.
This config must be used in conjunction with PortRange to ensure that the correct port is used by the client. | |
| ActiveModeIP: Allows the specification of the IP address that the server will connect to for active mode connections.The ActiveModeIP config can be used to specify the IP address that the server will connect to when
using an active mode configuarion (Passive = False). When this config is set, the port number where the component
listens for active mode connections will still be managed by the component. The PortRange can also
be used to ensure that the correct port is used by the client.
Note that this config will be ignored if ActiveModePORTAddress is also specified. | |
| AppendToLocalFile: Append downloaded files to a local file.If set to true, the downloaded files will be appended to the file specified in LocalFile. | |
| CalculatePercentDone: Enables or Disables calculating the percent complete for downloads.When set to True, the component sends an FTP "SIZE" command to retrieve the file size before beginning a download. When downloading a large quantity of small files, performance may be increased by disabling this feature. | |
| CheckTotalEntry: Whether to ignore directory listing total lines.Some servers will include "total" information when returning a directory listing that contains some non-entry data. When CheckTotalEntry is set to True (default), the component will ignore lines beginning with "total" to account for this. In some cases, it may be desirable to include these lines in the resulting DirList data; this can be done by setting this configuration setting to False. | |
DirEntryPattern: Allows the use of regular expressions to parse non-standard directory entry formats.In some cases, the server may return a directory entry format that can not be automatically parsed by the adapter.
In this case the full entry format can be seen in the DirEntry parameter of DirList.
You can then use this property to define a regular expression to parse the entry. The value of this setting is specified in the following format:
A,B,C,X=Y|RegExA,B,C, and X represent integer values that correspond to the capturing groups of the regular expression in the following order:
Since group X represents the IsDir value, the user must specify Y to indicate what value that group must have in order for IsDir to be true. Take for instance a simple entry in this format:
22 Test.txtIn this example "22" is the FileSize and "Test.txt" is the FileName. In order to parse this entry we will define the DirEntryPattern as: 2,1,-1,-1|([0-9]+)\s(.*)The first value "2" indicates that the first field (FileName) corresponds to the second capturing group in the regular expression. The second value "1" indicates that the second field (FileSize) corresponds to the first capturing group in the regular expression. The capturing group is the regular expression in parenthesis. In the above example, the first capturing group is ([0-9]+) and the second capturing group is (.*). As seen in the above example -1 can also be specified as the integer value. When this is specified that field is ignored. | |
| DILinger: When set to True, DI connections are terminated gracefully.
This property controls how the DI connection is closed. The default is True.
In the case that DILinger is True (default), there are two scenarios for determining how long the connection will linger. The first, if DILingerTime is 0 (default), the system will attempt to send pending data for a connection until the default IP protocol timeout expires. In the second scenario, DILingerTime is a positive value, the system will attempt to send pending data until the specified DILingerTime is reached. If this attempt fails, then the system will reset the connection. The default behavior (which is also the default mode for stream sockets) might result in a long delay in closing the connection. Although the component returns control immediately, the system could hold system resources until all pending data is sent (even after your application closes). Setting this property to False forces an immediate disconnection. If you know that the other side has received all the data you sent (by a client acknowledgment, for example), setting this property to False might be the appropriate course of action. | |
| DILingerTime: Time in seconds to have the DI connection linger. LingerTime is the time, in seconds, to leave the socket connection linger. This value is 0 by default, which means it will use the default IP protocol timeout. | |
| IgnoreEntries: Directory entry data to ignore.Sometimes the FTP server will return data in a directory listing that is not entry data and can be ignored. The IgnoreEntries configuration setting takes a comma-separated list of entries to ignore. Only the beginning of the entries need to be specified and correct case is not required. | |
| FileTimeFormat: The format of file time reported by the server.The default value is "M/d/yyyy hh:mm:ss tt". When set, the component will format the time returned by the server in the FileTime property.
To disable all formatting set this to empty string.
Note: This setting only applies to the FileTime property. It does not apply to the FileTime parameter of the DirList event. | |
| MaxDirEntries: Instructs component to save the amount of entries specified that are returned by the server after a ListDirectory call has been made.This config should be set when populating the DirList collection
after a call to either ListDirectory or ListDirectoryLong. This value
represents the number of entries that are to be saved in the collection
.
To save all items to the collection , set this config to -1. If no items are wanted, set this to 0, which will not save any to the collection . The default for this config is -1, so all items will be included in the collection . NOTE: This functionality is only available in Java and .NET. | |
| PortRange: Allows the specification of a port range where the component listens for active mode connections.When set to use active mode (Passive = False), the component uses any available port
to listen to incoming connections from the server. You can override this behavior by setting
PortRange to a value containing the range of ports the component will be
listening to.
The range is provided as start-end, for instance: "1024-" stands for anything higher than 1024, "1024-2048" stands for ports between 1024 and 2048 inclusive, "4000-4010, 50000-50010" stands for ports between 4000 and 4010 or between 50000 and 50010. | |
| RealTimeUpload: Enables real time uploading.When this value is set to "True" the component will upload the data in the file specified by LocalFile and continue monitoring LocalFile for additional data to upload until no new data is found for RealTimeUploadAgeLimit seconds. This allows you to start uploading a file immediately after the file is created and continue uploading as data is written to the file. The default value is "False". | |
| RealTimeUploadAgeLimit: The age limit in seconds when using RealTimeUpload.This value is only applicable when RealTimeUpload is set to "True". This specifies the number of seconds for which the component will monitor LocalFile for new data to upload. If this limit is reached and no new data is found in LocalFile the upload will complete. The default value is "1". | |
| ReuseSSLSessionInDI: Whether the SSL session will be reused for the DI connection.When set to True (default), the component will ask the server to reuse the existing DI SSL session. When set to False, a new SSL session will always be created for the DI connection. | |
| ReusePISSLSessionInDI: Whether the PI SSL session will be reused for the DI connection.When set to True, the component will reuse the PI SSL session when creating the DI connection. The default value for this configuration setting is False, in which case, the component will create a separate SSL session for the DI connection. | |
| UseEPSV: Allows extended passive mode.When set, extended passive mode will be used. | |
| UseMLSD: Uses listings for machine processing.When this is set to True the component will list files in the directory using the MLSD command. This command is an extension
to the protocol which defines a more standardized and reliable directory listing format.
Not all servers support this command. The default value is False.
When set to True, set RemoteFile to the filemask and call either ListDirectory or ListDirectoryLong. There is no difference between the two methods when this setting is enabled. | |
| UseMLST: Uses single file listing for machine processing.This setting is similar to UseMLSD except that it is only valid for a single file.
When this is set to True the component will list the file or folder specified by RemoteFile. If RemoteFile
is not set, a listing for the current directory itself will be returned. This command is an extension
to the protocol which defines a more standardized and reliable directory listing format, but for a single file or folder only.
Not all servers support this command. The default value is False.
When set to True, set RemoteFile to the file or folder you wish to get information about and call either ListDirectory or ListDirectoryLong. There is no difference between the two methods when this setting is enabled. When both UseMLSD and UseMLST are set, UseMLSD takes precedence. | |
| UseModeZ: Allows compression to be used when transferring data.The default value is false. When set to true the component will issue the "MODE Z" command to the FTP server. This will enable deflate compression so all data transferred is first compressed either by the server (when downloading) or by the component (when uploading). Note that not all servers support this feature. | |
| ModeZCompressionLevel: Used to specify the level of compression used.The default value is 7. Valid values are from 0 to 9. A higher value indicates a higher compression level is used. This is only valid when UseModeZ is set to True. | |
| UseRemoteHostAddressForPassive: Instructs the component to use the address specified by RemoteHost when establishing a data connection.When this setting is True (default), the component will use the address specified by RemoteHost when establishing a
data connection for directory listings and file transfers. When this setting is False, the component will use the address
provided by the server in response to the PASV command.
This setting is only applicable when Passive is True. |
FTPS Configuration Settings
| UseClearChannel: Allows for the Clear Command Channel (CCC) command. When set, the component will send the CCC command to the server requesting a clear (unprotected) command channel. | |
| UseClearDataChannel: Allows for the PROT C command. When this is set, the component will use a clear (unprotected) data channel by sending the PROT C command to the server. | |
| UseOldAUTHSSL: Allows use of the 'AUTH SSL' command instead of 'AUTH TLS'.
By default, the component uses the standard "AUTH TLS" command to initiate
the SSL handshake with the server. This configuration setting is included
for optional support of older servers which support only the "AUTH SSL".
command.
Using "AUTH SSL" instead of "AUTH TLS" is STRONGLY discouraged due to potential security vulnerabilities. If you must use this configuration setting, please do so very carefully. | |
| UseProtWhenImplicit: Sends the PROT P command to the server. When SSLStartMode is set to sslImplicit, setting this to true will instruct the component to send the PROT P command to the server. This explicitly tells the server that the data channel will be protected. The default value is true. | |
| VirtualHostName: Sends the HOST command to the server.Defined in RFC 7151, the HOST command allows user-FTP processes to specify which virtual host to connect to for a server-FTP process that is handling requests for multiple virtual hosts on a single IP address. When this config is set, the HOST command is sent to the server prior to authenticating. |
IPPort Configuration Settings
| ConnectionTimeout: Sets a separate timeout value for establishing a connection.When set, this configuration setting allows you to specify a different timeout value for establishing a connection. Otherwise, the component will use Timeout for establishing a connection and transmitting/receiving data. | |||||||||
| FirewallAutoDetect: Tells the component whether or not to automatically detect and use firewall system settings, if available.This is the same as AutoDetect. This setting is provided for use by components that do not directly expose Firewall properties. | |||||||||
| FirewallHost: Name or IP address of firewall (optional).If a FirewallHost is given, requested connections will be authenticated through the specified firewall
when connecting.
If the FirewallHost setting is set to a Domain Name, a DNS request is initiated. Upon successful termination of the request, the FirewallHost setting is set to the corresponding address. If the search is not successful, an error is returned. NOTE: This is the same as Host. This setting is provided for use by components that do not directly expose Firewall properties. | |||||||||
| FirewallListener: If true, the component binds to a SOCKS firewall as a server (IPPort only).This entry is for IPPort only and does not work for other components that descend from IPPort.
If this entry is set, the component acts as a server. RemoteHost and RemotePort are used to tell the SOCKS firewall in which address and port to listen to. The firewall rules may ignore RemoteHost, and it is recommended that RemoteHost be set to empty string in this case. RemotePort is the port in which the firewall will listen to. If set to 0, the firewall will select a random port. The binding (address and port) is provided through the ConnectionStatus event. The connection to the firewall is made by calling the Connect method. | |||||||||
| FirewallPassword: Password to be used if authentication is to be used when connecting through the firewall.If FirewallHost is specified, the FirewallUser and FirewallPassword settings
are used to connect and authenticate to the given firewall. If the authentication fails, the component throws an exception.
NOTE: This is the same as Password. This setting is provided for use by components that do not directly expose Firewall properties. | |||||||||
| FirewallPort: The TCP port for the FirewallHost;.Note that the FirewallPort is set automatically when FirewallType is set to a valid value.
NOTE: This is the same as Port. This setting is provided for use by components that do not directly expose Firewall properties. | |||||||||
FirewallType: Determines the type of firewall to connect through.The appropriate values are as follows:
NOTE: This is the same as FirewallType. This setting is provided for use by components that do not directly expose Firewall properties. | |||||||||
| FirewallUser: A user name if authentication is to be used connecting through a firewall.If the FirewallHost is specified, the FirewallUser and FirewallPassword
settings are used to connect and authenticate to the Firewall. If the authentication fails, the component throws an exception.
NOTE: This is the same as User. This setting is provided for use by components that do not directly expose Firewall properties. | |||||||||
| KeepAliveTime: The inactivity time in milliseconds before a TCP keep-alive packet is sent.When set, TCPKeepAlive will automatically be set to true.
By default the operating system will determine the
time a connection is idle before a TCP keep-alive packet is sent. This system default if this value is not specified here is 2 hours. In many
cases a shorter interval is more useful. Set this value to the desired interval in milliseconds.
Note: This value is not applicable in Java. | |||||||||
| KeepAliveInterval: The retry interval, in milliseconds, to be used when a TCP keep-alive packet is sent and no response is received.When set, TCPKeepAlive will automatically be set to true.
A TCP keep-alive packet will be sent after a period of inactivity as
defined by KeepAliveTime. If no acknowledgement is received from the remote host the keep-alive packet
will be re-sent. This setting specifies the interval at which the successive keep-alive packets are sent in milliseconds.
This system default if this value is not specified here is 1 second.
Note: This value is not applicable in Java or MAC. | |||||||||
| Linger: When set to True, connections are terminated gracefully.This property controls how a connection is closed. The default is True.
In the case that Linger is True (default), there are two scenarios for determining how long the connection will linger. The first, if LingerTime is 0 (default), the system will attempt to send pending data for a connection until the default IP protocol timeout expires. In the second scenario, LingerTime is a positive value, the system will attempt to send pending data until the specified LingerTime is reached. If this attempt fails, then the system will reset the connection. The default behavior (which is also the default mode for stream sockets) might result in a long delay in closing the connection. Although the component returns control immediately, the system could hold system resources until all pending data is sent (even after your application closes). Setting this property to False forces an immediate disconnection. If you know that the other side has received all the data you sent (by a client acknowledgment, for example), setting this property to False might be the appropriate course of action. | |||||||||
| LingerTime: Time in seconds to have the connection linger. LingerTime is the time, in seconds, to leave the socket connection linger. This value is 0 by default, which means it will use the default IP protocol timeout. | |||||||||
| LocalHost: The name of the local host through which connections are initiated or accepted.
The LocalHost setting contains the name of the local host
as obtained by the gethostname() system call, or if the
user has assigned an IP address, the value of that address.
In multi-homed hosts (machines with more than one IP interface) setting LocalHost to the value of an interface will make the component initiate connections (or accept in the case of server components) only through that interface. If the component is connected, the LocalHost setting shows the IP address of the interface through which the connection is made in internet dotted format (aaa.bbb.ccc.ddd). In most cases, this is the address of the local host, except for multi-homed hosts (machines with more than one IP interface). | |||||||||
| LocalPort: The TCP port in the local host where the component binds.
This must be set before a connection is
attempted. It instructs the component to bind to a specific
port (or communication endpoint) in the local machine.
Setting this to 0 (default) enables the system to choose a port at random. The chosen port will be shown by LocalPort after the connection is established. LocalPort cannot be changed once a connection is made. Any attempt to set this when a connection is active will generate an error. This; setting is useful when trying to connect to services that require a trusted port in the client side. An example is the remote shell (rsh) service in UNIX systems. | |||||||||
| MaxLineLength: The maximum amount of data to accumulate when no EOL is found.MaxLineLength is the size of an internal buffer, which holds received data while waiting for an EOL
string.
If an EOL string is found in the input stream before MaxLineLength bytes are received, the DataIn event is fired with the EOL parameter set to True, and the buffer is reset. If no EOL is found, and MaxLineLength bytes are accumulated in the buffer, the DataIn event is fired with the EOL parameter set to False, and the buffer is reset. The minimum value for MaxLineLength is 256 bytes. The default value is 2048 bytes. The maximum value is 65536 bytes. | |||||||||
| MaxTransferRate: The transfer rate limit in bytes per second.This setting can be used to throttle outbound TCP traffic. Set this to the number of bytes to be sent per second. By default this is not set and there is no limit. | |||||||||
| RecordLength: The length of received data records.If set to a positive value, this setting defines the length of data records to be received. The component will accumulate data
until RecordLength is reached and only then fire the DataIn event with data of length RecordLength.
This allows data to be received as records of known length. This value can be changed at any time, including within the DataIn event.
The default value is 0, meaning this setting is not used. | |||||||||
| TCPKeepAlive: Determines whether or not the keep alive socket option is enabled.If set to true, the socket's keep-alive option is enabled and keep-alive packets will be sent periodically
to maintain the connection. Set KeepAliveTime and KeepAliveInterval to
configure the timing of the keep-alive packets.
Note: This value is not applicable in Java. | |||||||||
UseIPv6: Whether to use IPv6.When set to 0 (default), the component will use IPv4 exclusively.
When set to 1, the component will use IPv6 exclusively. To instruct the component to prefer IPv6 addresses, but use IPv4 if IPv6 is not supported on the system, this setting should be set to 2. The default value is 0.
Possible values are:
| |||||||||
| CloseStreamAfterTransfer: If true, the component will close the upload or download stream after the transfer.This setting determines whether the input or output stream is closed after the transfer completes. When set to True (default), all streams will be closed after a transfer is completed. In order to keep streams open after the transfer of data, set this to False. the default value is True. | |||||||||
| TcpNoDelay: Whether or not to delay when sending packets.
When true, the socket will send all data that is ready to send at once. When
false, the socket will send smaller buffered packets of data at small intervals.
This is known as the Nagle algorithm.
By default, this config is set to false. | |||||||||
| TLS12SignatureAlgorithms: Defines the allowed TLS 1.2 signature algorithms when UseManagedSecurityAPI is True.This setting specifies the allowed server certificate signature algorithms when UseManagedSecurityAPI is
True and SSLEnabledProtocols is set to allow TLS 1.2.
When specified the component will verify that the server certificate signature algorithm is among the values specified in this setting. If the server certificate signature algorithm is unsupported the component throws an exception. The format of this value is a comma separated list of hash-signature combinations. For instance:
IPPort.Config("UseManagedSecurityAPI=true");
IPPort.Config("SSLEnabledProtocols=3072"); //TLS 1.2
IPPort.Config("TLS12SignatureAlgorithms=sha1-rsa,sha1-dsa,sha256-rsa,sha256-dsa");
The default value for this setting is "sha1-rsa,sha1-dsa,sha224-rsa,sha224-dsa,sha256-rsa,sha256-dsa,sha384-rsa,sha384-dsa,sha512-rsa,sha512-dsa".
In order to not restrict the server's certificate signature algorithm, specify an empty string as the value for this setting, which will cause the signature_algorithms TLS 1.2 extension to not be sent.
|
SSL Configuration Settings
| ReuseSSLSession: Determines if the SSL session is reused.
If set to true, the component will reuse the context if and only if the following criteria are met:
| |||||||||||||||||||||||||
| SSLCipherStrength: The minimum cipher strength used for bulk encryption.
This minimum cipher strength largely dependent on the security modules installed
on the system. If the cipher strength specified is not supported,
an error will be returned when connections are initiated.
Please note that this setting contains the minimum cipher strength requested from the security library. The actual cipher strength used for the connection is shown by the SSLStatus event. Use this setting with caution. Requesting a lower cipher strength than necessary could potentially cause serious security vulnerabilities in your application. When the provider is OpenSSL, SSLCipherStrength is currently not supported. This functionality is instead made available through the OpenSSLCipherList config setting. | |||||||||||||||||||||||||
| SSLEnabledProtocols: Used to enable/disable the supported security protocols.Used to enable/disable the supported security protocols.
Not all supported protocols are enabled by default (the value of this setting is 4032). If you want more granular control over the enabled protocols, you can set this property to the binary 'OR' of one or more of the following values:
When the provider is OpenSSL, SSLCipherStrength is currently not supported. This functionality is instead made available through the OpenSSLCipherList config setting. TLS 1.1 and TLS1.2 support are only available starting with Windows 7. | |||||||||||||||||||||||||
| SSLProvider: The name of the security provider to use.
Change this setting to use security providers other than the system default.
Use this setting with caution. Disabling SSL security or pointing to the wrong provider could potentially cause serious security vulnerabilities in your application. The special value "*" (default) picks the default SSL provider defined in the system. Note: On Windows systems, the default SSL Provider is "Microsoft Unified Security Protocol Provider" and cannot be changed. | |||||||||||||||||||||||||
SSLSecurityFlags: Flags that control certificate verification.The following flags are defined (specified in hexadecimal
notation). They can be or-ed together to exclude multiple
conditions:
This functionality is currently not available in Java or when the provider is OpenSSL. | |||||||||||||||||||||||||
| SSLEnabledCipherSuites: The cipher suite to be used in an SSL negotiation.The enabled cipher suites to be used in SSL negotiation.
By default, the enabled cipher suites will include all available ciphers ("*"). The special value "*" means that the component will pick all of the supported cipher suites. If SSLEnabledCipherSuites is set to any other value, only the specified cipher suites will be considered. Multiple cipher suites are separated by semicolons. Example values when UseManagedSecurityAPI is False (default):
obj.config("SSLEnabledCipherSuites=*");
obj.config("SSLEnabledCipherSuites=CALG_AES_256");
obj.config("SSLEnabledCipherSuites=CALG_AES_256;CALG_3DES");
Possible values when UseManagedSecurityAPI is False (default) include:
obj.config("SSLEnabledCipherSuites=*");
obj.config("SSLEnabledCipherSuites=TLS_DHE_DSS_WITH_AES_128_CBC_SHA");
obj.config("SSLEnabledCipherSuites=TLS_DHE_DSS_WITH_AES_128_CBC_SHA;TLS_DH_ANON_WITH_AES_128_CBC_SHA");
Possible values when UseManagedSecurityAPI is True include:
SSLEnabledCipherSuites is used together with SSLCipherStrength. Note: This configuration setting is available only in .NET and Java. |
Socket Configuration Settings
| AbsoluteTimeout: Determines whether timeouts are inactivity timeouts or absolute timeouts.If AbsoluteTimeout is set to True, any method which does not complete within Timeout seconds
will be aborted. By default, AbsoluteTimeout is False, and the timeout is an inactivity timeout.
Note: This option is not valid for UDP ports. | |
| FirewallData: Used to send extra data to the firewall.When the firewall is a tunneling proxy, use this property to send custom (additional) headers to the firewall (e.g. headers for custom authentication schemes). | |
| InBufferSize: The size in bytes of the incoming queue of the socket.
This is the size of an internal queue in the TCP/IP stack.
You can increase or decrease its size depending on the amount
of data that you will be receiving. Increasing the value of the
InBufferSize setting can provide significant improvements in
performance in some cases.
Some TCP/IP implementations do not support variable buffer sizes. If that is the case, when the component is activated the InBufferSize reverts to its defined size. The same happens if you attempt to make it too large or too small. | |
| OutBufferSize: The size in bytes of the outgoing queue of the socket.This is the size of an internal queue in the TCP/IP stack.
You can increase or decrease its size depending on the amount
of data that you will be sending. Increasing the value of the
OutBufferSize setting can provide significant improvements in
performance in some cases.
Some TCP/IP implementations do not support variable buffer sizes. If that is the case, when the component is activated the OutBufferSize reverts to its defined size. The same happens if you attempt to make it too large or too small. |
Base Configuration Settings
| GUIAvailable: Tells the component whether or not a message loop is available for processing events.
In a GUI-based application, long-running blocking operations may cause the application to stop responding to input until the operation returns. The component will attempt to discover whether or not the application has a message loop and, if one is discovered, it will process events in that message loop during any such blocking operation.
In some non-GUI applications an invalid message loop may be discovered that will result in errant behavior. In these cases, setting GuiAvailable to false will ensure that the component does not attempt to process external events. | |
| UseBackgroundThread: Whether threads created by the component are background threads.If set to True, when the component creates a thread the thread's IsBackground property will be explicitly set to True. By default this setting is False. | |
| UseManagedSecurityAPI: Tells the component whether or not to use the system security libraries or a managed implementation.
By default the component will use the system security libraries to perform cryptographic functions. This means
calls to unmanaged code will be made. In certain environments this is not desirable. To use a completely managed security
implementation set this setting to True. Setting this to True tells the component to use the internal managed implementation
instead of using the system's security API.
Note that when this value is set the product's system dll is no longer required as a reference, as all unmanaged code is stored in this file. |