Prevent sending encrypted resp to unencrypted cmd #315

giampaolo · Mar 6, 2020 · f1a3b6e · f1a3b6e
1 parent 8b2d2ec
commit f1a3b6e
Showing 1 changed file with 5 additions and 0 deletions.
diff --git a/pyftpdlib/handlers.py b/pyftpdlib/handlers.py
@@ -3600,6 +3600,10 @@ def handle_failed_ssl_handshake(self):
             self.log("SSL handshake failed.")
             self.close()
 
+        def clear_incoming_buffer(self):
+            self.ac_in_buffer = b''
+            self.incoming = []
+
         def ftp_AUTH(self, line):
             """Set up secure control channel."""
             arg = line.upper()
@@ -3609,6 +3613,7 @@ def ftp_AUTH(self, line):
                 # From RFC-4217: "As the SSL/TLS protocols self-negotiate
                 # their levels, there is no need to distinguish between SSL
                 # and TLS in the application layer".
+                self.clear_incoming_buffer()
                 self.respond('234 AUTH %s successful.' % arg)
                 self.secure_connection(self.ssl_context)
             else: