Provided by: libglobus-ftp-control-doc_4.7-1_all bug

NAME

       globus_ftp_extensions - GridFTP: Protocol Extensions to FTP for the Grid

Introduction

       This section defines extensions to the FTP specification STD 9, RFC 959, FILE TRANSFER
       PROTOCOL (FTP) (October 1985) These extensions provide striped data transfer, parallel
       data transfer, extended data transfer, data buffer size configuration, and data channel
       authentication.

       The following new commands are introduced in this specification

       · Striped Passive (SPAS)

       · Striped Data Port (SPOR)

       · Extended Retrieve (ERET)

       · Extended Store (ESTO)

       · Set Data Buffer Size (SBUF)

       · Data Channel Authentication Mode (DCAU)

       A new transfer mode (extended-block mode) is introduced for parallel and striped data
       transfers. Also, a set of extension options to RETR are added to control striped data
       layout and parallelism.

       The following new feature names are to be included in the FTP server's response to FEAT if
       it implements the following sets of functionality

       PARALLEL
           The server supports the SPOR, SPAS, the RETR options mentioned above, and extended
           block mode.

       ESTO
           The server implements the ESTO command as described in this document.

       ERET
           The server implements the ERET command as described in this document.

       SBUF
           The server implements the SBUF command as described in this document.

       DCAU
           The server implements the DCAU command as described in this document, including the
           requirement that data channels are authenticated by default, if RFC 2228
           authentication is used to establish the control channel.

Terminology

       Parallel transfer
           From a single data server, splitting file data for transfer over multiple data
           connections.

       Striped transfer
           Distributing a file's data over multiple independent data nodes, and transerring over
           multiple data connections.

       Data Node
           In a striped data transfer, a data node is one of the stripe destinations returned in
           the SPAS command, or one of the stripe destinations sent in the SPOR command.

       DTP
           The data transfer process establishes and manages the data connection. The DTP can be
           passive or active.

       PI
           The protocol interpreter. The user and server sides of the protocol have distinct
           roles implemented in a user-PI and a server-PI.

FTP Standards Used

       · RFC 959, FILE TRANSFER PROTOCOL (FTP), J. Postel, R. Reynolds (October 1985)

         · Commands used by GridFTP

           · USER

           · PASS

           · ACCT

           · CWD

           · CDUP

           · QUIT

           · REIN

           · PORT

           · PASV

           · TYPE

           · MODE

           · RETR

           · STOR

           · STOU

           · APPE

           · ALLO

           · REST

           · RNFR

           · RNTO

           · ABOR

           · DELE

           · RMD

           · MKD

           · PWD

           · LIST

           · NLST

           · SITE

           · SYST

           · STAT

           · HELP

           · NOOP

         · Features used by GridFTP

           · ASCII and Image types

           · Stream mode

           · File structure

       · RFC 2228, FTP Security Extensions, Horowitz, M. and S. Lunt (October 1997)

         · Commands used by GridFTP

           · AUTH

           · ADAT

           · MIC

           · CONF

           · ENC

         · Features used by GridFTP

           · GSSAPI authentication

       · RFC 2389, Feature negotiation mechanism for the File Transfer Protocol, P. Hethmon , R.
         Elz (August 1998)

         · Commands used by GridFTP

           · FEAT

           · OPTS

         · Features used by GridFTP

       · FTP Extensions, R. Elz, P. Hethmon (September 2000)

         · Commands used by GridFTP

           · SIZE

         · Features used by GridFTP

           · Restart of a stream mode transfer

Striped Passive (SPAS)

       This extension is used to establish a vector of data socket listeners for for a server
       with one or more stripes. This command MUST be used in conjunction with the extended block
       mode. The response to this command includes a list of host and port addresses the server
       is listening on.

       Due to the nature of the extended block mode protocol, SPAS must be used in conjunction
       with data transfer commands which receive data (such as STOR, ESTO, or APPE) and can not
       be used with commands which send data on the data channels.

       Syntax

       The syntax of the SPAS command is:

       spas = "SPAS" <CRLF>

       Responses

       The server-PI will respond to the SPAS command with a 229 reply giving the list of host-
       port strings for the remote server-DTP or user-DTP to connect to.

       spas-response = "229-Entering Striped Passive Mode" CRLF
                        1*(<SP> host-port CRLF)
                        229 End

       Where the command is correctly parsed, but the server-DTP cannot process the SPAS request,
       it must return the same error responses as the PASV command.

       OPTS for SPAS

       There are no options in this SPAS specification, and hence there is no OPTS command
       defined.

Striped Data Port (SPOR)

       This extension is to be used as a complement to the SPAS command to implement striped
       third-party transfers. This command MUST always be used in conjunction with the extended
       block mode. The argument to SPOR is a vector of host/TCP listener port pairs to which the
       server is to connect. This

       Due to the nature of the extended block mode protocol, SPOR must be used in conjunction
       with data transfer commands which send data (such as RETR, ERET, LIST, or NLST) and can
       not be used with commands which receive data on the data channels.

       Syntax

       The syntax of the SPOR command is:

       SPOR 1*(<SP> <host-port>) <CRLF>

       The host-port sequence in the command structure MUST match the host-port replies to a SPAS
       command.

       Responses

       The server-PI will respond to the SPOR command with the same response set as the PORT
       command described in the ftp specification.

       OPTS for SPOR

       There are no options in this SPOR specification, and hence there is no OPTS command
       defined.

Extended Retrieve (ERET)

       The extended retrieve extension is used to request that a retrieve be done with some
       additional processing on the server. This command an extensible way of providing server-
       side data reduction or other modifications to the RETR command. This command is used in
       place of OPTS to the RETR command to allow server side processing to be done with a single
       round trip (one command sent to the server instead of two) for latency-critical
       applications.

       ERET may be used with either the data transports defined in RFC 959, or using extended
       block mode as defined in this document. Using an ERET creates a new virtual file which
       will be sent, with it's own size and byte range starting at zero. Restart markers
       generated while processing an ERET are relative to the beginning of this view of the file.

       Syntax

       The syntax of the ERET command is

       ERET <SP> <retrieve-mode> <SP> <filename>

       retrieve-mode ::= P <SP> <offset> <SP> <size>
       offset ::= 64 bit integer
       size ::= 64 bit integer

       The retrieve-mode defines behavior of the extended-retrieve mode. There is one mode
       defined by this specification, but other general purpose or application-specific ones may
       be added later.

       modes_ERET Extended Retrieve Modes

       Partial Retrieve Mode (P)
           A section of the file will be retrieved from the data server. The section is defined
           by the starting offset and extent size parameters. When used with extended block mode,
           the extended block headers sent along with data will send the data with offset of 0
           meaning the beginning of the section of the file which was requested.

Extended Store (ESTO)

       The extended store extension is used to request that a store be done with some additional
       processing on the server. Arbitrary data processing algorithms may be added by defining
       additional ESTO store-modes. Similar to the ERET, the ESTO command expects data sent to
       satisfy the request to be sent as if it were a new file with data block offset 0 being
       beginning the beginning of the new file.

       The format of the ESTO command is

       ESTO <SP> <store-mode> <filename>

       store-mode ::= A <SP> <offset>

       The store-mode defines the behavior of the extended store. There is one mode defined by
       this specification, but others may be added later.

       Extended Store Modes

       Adjusted store (A)
           The data in the file is to stored with offset added to the file pointer before storing
           the blocks of the file. In extended block mode, this value is added to the offset in
           the extended block header by the server when writing to disk. Extended block headers
           should therefore send the beginning of the byte range on the data channel with offset
           of zero. In stream mode, the offset is added to the implicit offset of 0 for the
           beginning of the data before writing. If a stream mode restart marker is used in
           conjunction with this ESTO mode, the restart marker's offset is added to the offset
           passed as the parameter to the adjusted store.

Set Buffer Size (SBUF)

       This extension adds the capability of a client to set the TCP buffer size for subsequent
       data connections to a value. This replaces the server-specific commands SITE RBUFSIZE,
       SITE RETRBUFSIZE, SITE RBUFSZ, SITE SBUFSIZE, SITE SBUFSZ, and SITE BUFSIZE. Clients may
       wish to consider supporting these other commands to ensure wider compatibility.

       Syntax

       The syntax of the SBUF command is

       sbuf = SBUF <SP> <buffer-size>

       buffer-size ::= <number>

       The buffer-size value is the TCP buffer size in bytes. The TCP window size should be set
       accordingly by the server.

       Response Codes

       If the server-PI is able to set the buffer size state to the requested buffer-size, then
       it will return a 200 reply.

       Note:
           Even if the SBUF is accepted by the server, an error may occur later when the data
           connections are actually created, depending on how the server or client operating
           systems' TCP implementations.

Data Channel Authentication (DCAU)

       This extension provides a method for specifying the type of authentication to be performed
       on FTP data channels. This extension may only be used when the control connection was
       authenticated using RFC 2228 Security extensions.

       The format of the DCAU command is

       DCAU <SP> <authentication-mode> <CRLF>

       authentication-mode ::= <no-authentication>
                             | <authenticate-with-self>
                             | <authenticate-with-subject>

       no-authentication ::= N
       authenticate-with-self ::= A
       authenticate-with-subject ::= S <subject-name>

       subject-name ::= string

       Authentication Modes

           · No authentication (N)
              No authentication handshake will be done upon data connection establishment.

           · Self authentication (A)
              A security-protocol specific authentication will be used on the data channel. The
             identity of the remote data connection will be the same as the identity of the user
             which authenticated to the control connection.

           · Subject-name authentication (S)
              A security-protocol specific authentication will be used on the data channel. The
             identity of the remote data connection MUST match the supplied subject-name string.

       The default data channel authentication mode is A for FTP sessions which are RFC 2228
       authenticated---the client must explicitly send a DCAU N message to disable it if it does
       not implement data channel authentication.

       If the security handshake fails, the server should return the error response 432 (Data
       channel authentication failed).

Extended Block Mode

       The striped and parallel data transfer methods described above require an extended
       transfer mode to support out-of-sequence data delivery, and partial data transmission per
       data connection. The extended block mode described here extends the block mode header to
       provide support for these as well as large blocks, and end-of-data synchronization.

       Clients indicate that they want to use extended block mode by sending the command

       MODE <SP> E <CRLF>

       on the control channel before a transfer command is sent.

       The structure of the extended block header is

       Extended Block Header

       +----------------+-------/-----------+------/------------+
       | Descriptor     |    Byte Count     |    Offset Count   |
       |         8 bits |        64 bits    |          64 bits  |
       +----------------+-------/-----------+------/------------+

       The descriptor codes are indicated by bit flags in the descriptor byte. Six codes have
       been assigned, where each code number is the decimal value of the corresponding bit in the
       byte.

       Code     Meaning

        128     End of data block is EOR (Legacy)
         64     End of data block is EOF
         32     Suspected errors in data block
         16     Data block is a restart marker
          8     End of data block is EOD for a parallel/striped transfer
          4     Sender will close the data connection

       With this encoding, more than one descriptor coded condition may exist for a particular
       block. As many bits as necessary may be flagged.

       Some additional protocol is added to the extended block mode data channels, to properly
       handle end-of-file detection in the presence of an unknown number of data streams.

       · When no more data is to be sent on the data channel, then the sender will mark the last
         block, or send a zero-length block after the last block with the EOD bit (8) set in the
         extended block header.

       · After receiving an EOD the data connection can be cached for use in a subsequent
         transfer. To signifiy that the data connection will be closed the sender sets the close
         bit (4) in the header on the last message sent.

       · The sender communicates end of file by sending an EOF message to all servers receiving
         data. The EOF message format follows.

       Extended Block EOF Header

       +----------------+-------/--------+------/---------------+
       | Descriptor     |     unused     |  EOD count expected  |
       |         8 bits |     64 bits    |        64 bits       |
       +----------------+-------/--------+------/---------------+

       EOF Descriptor. The EOF header descriptor has the same definition as the regular data
       message header described above.

       EOD Count Expected. This 64 bit field represents the total number of data connections that
       will be established with the server receiving the file. This number is used by the
       receiver to determine it has received all of the data. When the number of EOD messages
       received equals the number represented by the 'EOD Count Expected' field the receiver has
       hit end of file.

       Simply waiting for EOD on all open data connections is not sufficient. It is possible that
       the receiver reads an EOD message on all of its open data connects while an additional
       data connection is in flight. If the receiver were to assume it reached end of file it
       would fail to receive the data on the in flight connection.

       To handle EOF in the multi-striped server case a 126 response has been introduced. When
       receiving data from a striped server a client makes a control connection to a single host,
       but several host may create several data connections back to the client. Each host can
       independently decide how many data connections it will use, but only a single EOF message
       may be sent to back to the client, therefore it must be possible to aggregate the total
       number of data connections used in the transfer across the stripes. The 126 response
       serves this purpose.

       The 126 is an intermediate response to RETR command. It has the following format.

       126 <SP> 1*(count of data connections)

       Several 'Count of data connections' can be in a single reply. They correspond to the
       stripes returned in the response to the SPAS command.

       Discussion of protocol change to enable bidirectional data channels brought up the
       following problem if doing bidirectional data channels

       If the client is pasv, and sending to a multi-stripe server, then the server creates data
       connections connections; since the client didn't do SPAS, it cannot associate HOST/PORT
       pairs on the data connections with stripes on the server (it doesn't even know how many
       there are). it cannot reliably determine which nodes to send data to. (Becomes even more
       complex in the third-party transfer case, because the sender may have multiple stripes of
       data.) The basic problem is that we need to know logical stripe numbers to know where to
       send the data.

       EOF Handling in Extended Block Mode

       If you are in either striped or parallel mode, you will get exactly one EOF on each SPAS-
       specified ports (stripes). Hosts in extended block mode must be prepared to accept an
       arbitrary number of connections on each SPOR port before the EOF block is sent.

       Restarting

       In general, opaque restart markers passed via the block header should not be used in
       extended block mode. Instead, the destination server should send extended data marker
       responses over the control connection, in the following form:

       extended-mark-response = "111" <SP> "Range Marker" <SP> <byte-ranges-list>

       byte-ranges-list       = <byte-range> [ *("," <byte-range>) ]
       byte-range             = <start-offset> "-" <end-offset>

       start-offset         ::= <number>
       end-offset           ::= <number>

       The byte ranges in the marker are an incremental set of byte ranges which have been stored
       to disk by the data server. The complete restart marker is a concatenation of all byte
       ranges received by the client in 111 responses.

       The client MAY combine adjacent ranges received over several range responses into any
       number of ranges when sending the REST command to the server to restart a transfer.

       For example, the client, on receiving the responses:

       111 Range Marker 0-29
       111 Range Marker 30-89

       may send, equivalently,

       REST 0-29,30-89
       REST 0-89
       REST 30-59,0-29,60-89

       to restart the transfer after those 90 bytes have been received.

       The server MAY indicate that a given range of data has been received in multiple
       subsequent range markers. The client MUST be able to handle this. For example:

       111 Range Marker 30-59
       111 Range Marker 0-89

       is equivalent to

       111 Range Marker 30-59
       111 Range Marker 0-29,60-89

       Similarly, the client, if it is doing no processing of the restart markers, MAY send
       redundant information in a restart.

       Should these be allowed as restart markers for stream mode?

       Performance Monitoring

       In order to monitor the performance of extended block mode transfer, an additional
       preliminary reply MAY be transmitted over the control channel. This reply is of the form:

       extended-perf-response  = "112-Perf Marker" CRLF
                                 <SP> "Timestamp:" <SP> <timestamp> CRLF
                                 <SP> "Stripe Index:" <SP> <stripe-number> CRLF
                                 <SP> "Stripe Bytes Transferred:" <SP> <byte count> CRLF
                                 <SP> "Total Stripe Count:" <SP> <stripe count> CRLF
                                 "112 End" CRLF

       timestamp               = <number> [ "." <digit> ]

       <timestamp> is seconds since the epoch

       The performance marker can contain these or any other perf-line facts which provide useful
       information about the current performance.

       All perf-line facts represent an instantaneous state of the transfer at the given
       timestamp. The meaning of the facts are

       · Timestamp - The time at which the server computed the performance information. This is
         in seconds since the epoch (00:00:00 UTC, January 1, 1970).

       · Stripe Index - the index (0-number of stripes on the STOR side of the transfer) which
         this marker pertains to.

       · Stripe Bytes Transferred - The number of bytes which have been received on this stripe.

       A transfer start time can be specified by a perf marker with 'Stripe Bytes Transferred'
       set to zero. Only the first marker per stripe can be used to specify the start time of
       that stripe. Any subsequent markers with 'Stripe Bytes Transferred' set to zero simply
       indicates no data transfer over the interval.

       A server should send a 'start' marker for each stripe. A server should also send a final
       perf marker for each stripe. This is a marker with 'Stripe Bytes Transferred' set to the
       total transfer size for that stripe.

Options to RETR

       The options described in this section provide a means to convey striping and transfer
       parallelism information to the server-DTP. For the RETR command, the Client-FTP may
       specify a parallelism and striping mode it wishes the server-DTP to use. These options are
       only used by the server-DTP if the retrieve operation is done in extended block mode.
       These options are implemented as RFC 2389 extensions.

       The format of the RETR OPTS is specified by:

       retr-opts     = "OPTS" <SP> "RETR" [<SP> option-list] CRLF
       option-list   = [ layout-opts ";" ] [ parallel-opts ";" ]
       layout-opts   = "StripeLayout=Partitioned"
                     | "StripeLayout=Blocked;BlockSize=" <block-size>
       parallel-opts = "Parallelism=" <starting-parallelism> ","
                                      <minimum-parallelism>  ","
                                      <maximum-parallelism>

       block-size           ::= <number>
       starting-parallelism ::= <number>
       minimum-parallelism  ::= <number>
       maximum-parallelism  ::= <number>

       Layout Options

       The layout option is used by the source data node to send sections of the data file to the
       appropriate destination stripe. The various StripeLayout parameters are to be implemented
       as follows:

       Partitioned
           A partitioned data layout is one where the data is distributed evenly on the
           destination data nodes. Only one contiguous section of data is stored on each data
           node. A data node is defined here a single host-port mentioned in the SPOR command

       Blocked
           A blocked data layout is one where the data is distributed in round-robin fashion over
           the destination data nodes. The data distribution is ordered by the order of the host-
           port specifications in the SPOR command. The block-size defines the size of blocks to
           be distributed.

       PLVL Parallelism Options

       The parallelism option is used by the source data node to control how many parallel data
       connections may be established to each destination data node. This extension option
       provides for both a fixed level of parallelism, and for adapting the parallelism to the
       host/network connection, within a range. If the starting-parallelism option is set, then
       the server-DTP will make starting-parallelism connections to each destination data node.
       If the minimum-parallelism option is set, then the server may reduce the number of
       parallel connections per destination data node to this value. If the maximum-parallelism
       option is set, then the server may increase the number of parallel connections to per
       destination data node to at most this value.

References

       [1] Postel, J. and Reynolds, J., '<a href='ftp://ftp.isi.edu/in-notes/rfc959.txt'> FILE
       TRANSFER PROTOCOL (FTP)</a>', STD 9, RFC 959, October 1985.

       [2] Hethmon, P. and Elz, R., '<a href='ftp://ftp.isi.edu/in-notes/rfc2389.txt'> Feature
       negotiation mechanism for the File Transfer Protocol</a>', RFC 2389, August 1998.

       [3] Horowitz, M. and Lunt, S., '<a href='ftp://ftp.isi.edu/in-notes/rfc2228.txt'> FTP
       Security Extensions</a>', RFC 2228, October 1997.

       [4] Elz, R. and Hethom, P., '<a href='http://www.ietf.org/internet-drafts/draft-ietf-
       ftpext-mlst-13.txt'> FTP Extensions</a>', IETF Draft, May 2001.

Appendix I: Implementation under GSI

       There are several security components in this document which are extensions to the
       behavior of RFC 2228. These appendix attempts to clarify the protocol how these extensions
       map to the OpenSSL-based implementation of the GSSAPI known as GSI (Grid Security
       Infrastructure).

       A client implementation which communicates with a server which supports the DCAU extension
       should delegate a limited credential set (using the GSS_C_DELEG_FLAG and
       GSS_C_GLOBUS_LIMITED_DELEG_PROXY_FLAG flags to gss_init_sec_context()). If delegation is
       not performed, the client MUST request that DCAU be disable by requesting DCAU N, or the
       server will be unable to perform the default of DCAU A as described by this document.

       When DCAU mode 'A' or 'S' is used, a separate security context is established on each data
       channel. The context is established by performing the GSSAPI handshake with the active-DTP
       calling gss_init_sec_context() and the passive-DTP calling gss_accept_sec_context(). No
       delegation need be done on these data channels.

       Data channel protection via the PROT command MUST always be used in conjunction with the
       DCAU A or DCAU S commands. If a PROT level is set, then messages will be wrapped according
       to RFC 2228 Appendix I using the contexts established on each data channel. Tokens
       transferred over the data channels when either PROT or DCAU is used are not framed in any
       way when using GSI. (When implementing this specification with other GSSAPI mechanisms, a
       4 byte, big endian, binary token length should procede all tokens).

       If the DCAU mode or the PROT mode is changed between file transfers when caching data
       channels in extended block mode, all open data channels must be closed. This is because
       the GSI implementation does not support changing levels of protection on an existing
       connection.