Article delegate-en/3433 of [1-5169] on the server localhost:119
[Reference:<_A3432@delegate-en.ML_>]
Newsgroups: mail-lists.delegate-en

[DeleGate-En] STLS=fsv for SOCKS (Re: delegate socks with authorizer and ssl)
01 Aug 2006 17:16:00 GMT feedback@delegate.org (Yutaka Sato)
The DeleGate Project


Hi Papa,

In message <_A3432@delegate-en.ML_> on 08/01/06(13:22:08)
you Martin Papadopoulos <payeabdyi-c2jtqbf7abvr.ml@ml.delegate.org> wrote:
 |so far , i managed to have a socks delegate server with authorization,
 |as described in the manual with -Fauth.
 |on the client side i use a delegate process with
 |MYAUTH=someuser:somepw:socks  toward the socks server
 |everything works fine.
 |but when i try to apply ssl i can't get relayed data from the socks server.
 |i tried:
 |1) STLS=fsv <=< STLS=fcl
 |2) FSV=sslway FCL=sslway
 |i am not sure if the process already blocks at the authorization stage.
 |any help would be appreciated.

As far as I know, SSL between SOCKS-DeleGate has not been implemented yet
because there has been no such request, and I have a little hesitation over the
specification.  SSL can be applied to the whole of SOCKS protocol or it can
be applied only to the application protocol as the payload.  Maybe it should
follow the convention of STLS in DeleGate-DeleGate connection (by MASTER).
That is, to apply TLS to the whole SOCKS protocol, specify as this:

  STLS=fsv

I implemented it in 9.2.4-pre8 and uploaded.  It can be used as this:

  hosta% delegated -P9999 STLS=fsv SERVER=socks SOCKS=hostb:9999
  hostb% delegated -P9999 STLS=fcl SERVER=socks

The modification to support STLS=fsv was like the enclosed patch.

# p.s. you can cope with it with older versions by inserting Tcprelay-
# DeleGate just as an SSL wrapper like this:
#
#  hosta% delegated -P9999 SERVER=socks SOCKS=localhost:9998
#  hosta% delegated -P9998 STLS=fsv SERVER=tcprelay://hostb:9999
#  hostb% delegated -P9999 STLS=fcl SERVER=socks

Cheers,
Yutaka
--
  9 9   Yutaka Sato <y.sato@delegate.org> http://delegate.org/y.sato/
 ( ~ )  National Institute of Advanced Industrial Science and Technology
_<   >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan
Do the more with the less -- B. Fuller


diff -c1 -r delegate9.2.4-pre7/src/socks.c delegate9.2.4-pre8/src/socks.c
*** delegate9.2.4-pre7/src/socks.c	Thu Mar 16 19:48:35 2006
--- delegate9.2.4-pre8/src/socks.c	Wed Aug  2 01:13:21 2006
***************
*** 477,478 ****
--- 477,492 ----
  
+ 	if( needSTLS_SV(Conn) ){
+ 		int insertTLS_SV(Connection *Conn,int client,int server);
+ 		int fsv;
+ 		if( ServerFlags & PF_STLS_OPT ){
+ 			/* appliy TLS to the payload */
+ 		}else{
+ 			fsv = insertTLS_SV(Conn,ClientSock,sock);
+ 			if( 0 <= fsv ){
+ 				dup2(fsv,sock);
+ 				close(fsv);
+ 			}
+ 		}
+ 	}
+ 
  	sv->s_sock = sock;
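
Review bot: in the else branch, a negative return from insertTLS_SV() is ignored and execution falls through to "sv->s_sock = sock;" with the unwrapped socket, so a failed TLS setup leaves the SOCKS negotiation, and any authentication it carries, on a plaintext connection even though STLS=fsv was requested. Treat fsv < 0 as a connection failure (log it, close sock, return an error) rather than continuing. The PF_STLS_OPT branch contains only a comment, so no TLS is inserted here in that case; if payload-only TLS is handled elsewhere, name the place in the comment, otherwise log or reject the option. The return value of dup2(fsv,sock) is also unchecked, and the block-scope prototype for insertTLS_SV would be better placed in a shared header so it is checked against the definition.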

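One way to confirm from a capture that STLS=fsv wraps the whole SOCKS exchange on the hosta-to-hostb link rather than leaving the SOCKS negotiation in plaintext. This is an added example, not part of the original message or of DeleGate; the function names and sample bytes are constructed, and it assumes TLS begins with the first byte the client sends on the connection.

```python
"""Classify the first client bytes seen on the DeleGate-to-DeleGate SOCKS link."""
from typing import NamedTuple


class Verdict(NamedTuple):
    kind: str    # tls, sslv2-hello, socks5-plaintext, socks4-plaintext, unknown
    detail: str


# SOCKS5 method codes defined in RFC 1928
SOCKS5_METHODS = {0x00: "no-auth", 0x01: "gssapi", 0x02: "username/password"}


def classify_first_bytes(data: bytes) -> Verdict:
    # TLS/SSLv3 record header: content type 0x16 (handshake), major version 3
    if len(data) >= 3 and data[0] == 0x16 and data[1] == 0x03:
        return Verdict("tls", f"handshake record, version 3.{data[2]}")
    # SSLv2-format ClientHello: high bit set in the length, message type 1
    if len(data) >= 3 and data[0] & 0x80 and data[2] == 0x01:
        return Verdict("sslv2-hello", "SSLv2-format ClientHello")
    # SOCKS5 greeting: VER=5, NMETHODS, then NMETHODS method bytes
    if len(data) >= 3 and data[0] == 0x05 and 1 <= data[1] <= len(data) - 2:
        names = [SOCKS5_METHODS.get(m, hex(m)) for m in data[2:2 + data[1]]]
        return Verdict("socks5-plaintext", "methods offered: " + ", ".join(names))
    # SOCKS4 request: VER=4, CD=1 (connect) or 2 (bind), DSTPORT, DSTIP, USERID NUL
    if len(data) >= 9 and data[0] == 0x04 and data[1] in (0x01, 0x02):
        port = int.from_bytes(data[2:4], "big")
        return Verdict("socks4-plaintext", f"request for port {port}")
    return Verdict("unknown", "neither TLS nor SOCKS framing")


def link_is_wrapped(data: bytes) -> bool:
    """True only when the connection opens with a TLS/SSL handshake."""
    return classify_first_bytes(data).kind in ("tls", "sslv2-hello")


# Constructed sample payloads (not taken from a real capture)
TLS_HELLO = bytes.fromhex("16030100c8010000c40301")
SOCKS5_GREETING = bytes.fromhex("05020002")          # offers no-auth and user/pass
SOCKS4_CONNECT = bytes.fromhex("04010050c000020100")  # CONNECT 192.0.2.1:80

if __name__ == "__main__":
    for name, sample in [("tls", TLS_HELLO), ("socks5", SOCKS5_GREETING),
                         ("socks4", SOCKS4_CONNECT)]:
        print(name, classify_first_bytes(sample), link_is_wrapped(sample))
```

A "socks5-plaintext" or "socks4-plaintext" verdict on the link that was supposed to carry STLS=fsv means the SOCKS negotiation is readable on the wire.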