As I use Wireshark to capture packets, i realize that the USER packet and PASS packet is sent in different packets. Is this some sort of standard? Why don't we combine username and password in 1 packet?
I was trying to find a lot of sources and stuff, but couldn't find anything related.
tldr;
USER
and PASS
commands are treated as separate requests because they are logically distinct steps in the authentication process that the server must handle independently.
The answer is in RFC959
4.2. FTP REPLIES
Some commands occur in sequential groups, such as
USER
,PASS
and
ACCT, or RNFR and RNTO. The replies show the existence of an
intermediate state if all preceding commands have been successful.
Note that "sequentially". Now in 5.4, we have the sequence of commands and replies.
For the LOGIN
:
5.4. SEQUENCING OF COMMANDS AND REPLIES
This listing forms the basis for the state
diagrams, which will be presented separately.
Connection Establishment
120
220
220
421
Login
USER
230
530
500, 501, 421
331, 332
PASS
230
202
530
500, 501, 503, 421
332
ACCT
230
202
530
500, 501, 503, 421
CWD
250
500, 501, 502, 421, 530, 550
CDUP
200
500, 501, 502, 421, 530, 550
SMNT
202, 250
500, 501, 502, 421, 530, 550
Note that each command has its own reply list from the server, and how USER
and PASS
are sequential commands.
In short, FTP's structure naturally leads to this: USER
and PASS
commands are treated as separate requests.
The server handles these commands sequentially and independently, meaning that the commands must be sent in different packets.