FTPS Server

FTPS Server Example

A simple FTPS (FTP over SSL/TLS) server implementation for NetBurner embedded devices that demonstrates secure file transfer capabilities with SSL encryption.

Overview

This example creates a basic FTPS server that runs on a NetBurner device and listens for secure client connections on port 990. The server implements the core functionality needed for encrypted file transfers while maintaining simplicity for educational and development purposes.

Key Features:**

• SSL/TLS encrypted FTP server (FTPS)
• Self-signed certificate authentication
• File download capability
• File upload with content display
• Real-time connection monitoring
• Configurable data channel encryption

Architecture

The application consists of several key components:

Core Files

• main.cpp - Main server implementation and callback functions
• ServerCert.cpp - Embedded self-signed SSL certificate
• ServerKey.cpp - Embedded SSL private key

SSL Configuration

• Command Channel: Always encrypted when FTPS is enabled
• Data Channel: Optionally encrypted (configurable)
• Certificate: Built-in self-signed certificate for testing
• Port: 990 (standard FTPS implicit SSL port)

Functionality

File Operations

Download (Client -> Server)

• Available File: ReadFile.txt
• Content: Hardcoded text string demonstrating file serving
• Purpose: Shows how to serve files to FTPS clients

Upload (Server -> Client)

• Accepted File: WriteFile.txt only
• Processing: Content is displayed on the serial debug port
• Storage: Files are not permanently stored (memory only)
• Purpose: Demonstrates file reception and processing

Authentication

• Simple authentication mechanism (currently accepts any credentials)
• Extensible design for custom authentication logic
• Session management with start/end callbacks

Directory Operations

• Basic file listing support
• Single-level directory structure
• No subdirectory creation/deletion (returns FTPD_FAIL)
• No file deletion or renaming capabilities

Configuration Options

Network Settings

const int listenPort = 990;                    // FTPS port (21 for plain FTP)
const bool enableFTPS = true;                  // Enable SSL encryption
const bool enableEncryptedDataChannel = false; // Data channel encryption

Security Notes

• Uses implicit SSL (connection encrypted from start)
• Self-signed certificate included for testing
• Data channel encryption disabled by default for compatibility
• Authentication currently accepts any credentials

Usage Instructions

Setup Requirements

1. NetBurner device with network connectivity
2. FTPS client software (WinSCP, FileZilla with FTPS support)
3. Serial terminal software (MTTTY) for monitoring

Running the Server

1. Flash the application to your NetBurner device
2. Connect serial terminal to debug port
3. Wait for network initialization (5 seconds timeout)
4. Server will start and display status messages

Connecting with FTPS Client

1. Configure client for FTPS (not SFTP)
2. Connect to NetBurner device IP on port 990
3. Use any username/password (authentication currently accepts all)
4. Accept the self-signed certificate when prompted

File Operations

• Download: Select ReadFile.txt to download sample content
• Upload: Send a text file named WriteFile.txt to see content on serial port

Development Notes

Extending the Example

This basic implementation can be enhanced by:

• Adding proper file system support (EFFS-FAT or EFFS-STD)
• Implementing robust authentication
• Adding directory navigation
• Supporting file deletion and renaming
• Using production certificates

Callback Functions

The server implements these FTPD callback functions:

• FTPD_ListFile() - File listing
• FTPD_SendFileToClient() - File downloads
• FTPD_GetFileFromClient() - File uploads
• FTPD_FileExists() - File existence checks
• FTPD_AbleToCreateFile() - Upload permissions
• FTPDSessionStart() / FTPDSessionEnd() - Session management

Monitoring and Debugging

• Serial port displays server status and connection information
• SSL socket status updated every 5 seconds
• File upload content shown in real-time
• Error messages and diagnostic information available

Security Considerations

Production Deployment

For production use, consider:

• Replace self-signed certificate with CA-signed certificate
• Implement proper user authentication
• Enable data channel encryption if required
• Add input validation and error handling
• Implement proper file system permissions

Current Limitations

• Self-signed certificate (browser warnings)
• Basic authentication (accepts any credentials)
• No persistent file storage
• Limited file operations
• Single file download/upload support

Compatibility

FTPS Clients

Tested with:

• WinSCP (recommended)
• FileZilla (FTPS mode)
• Other RFC 4217 compliant FTPS clients

NetBurner Platform

• Requires NNDK (NetBurner Network Development Kit)
• SSL/TLS library support
• Network stack initialization
• Serial debugging capabilities

Troubleshooting

Common Issues

• Connection refused: Check network connectivity and port configuration
• Certificate errors: Accept self-signed certificate in client
• Authentication failed: Verify FTPS (not SFTP) mode in client
• File not found: Ensure exact filename match (ReadFile.txt)
• Upload rejected: Use exact filename WriteFile.txt

Debug Information

Monitor serial output for:

• Server startup status
• SSL socket connections
• File transfer progress
• Error messages and diagnostics