Article delegate-en/3434 of [1-5169] on the server localhost:119
  upper oldest olders older1 this newer1 newers latest
search
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
[Reference:<_A3433@delegate-en.ML_>]
Newsgroups: mail-lists.delegate-en

[DeleGate-En] SSL between SOCKS-DeleGate (Re: STLS=fsv for SOCKS)
01 Aug 2006 17:52:47 GMT feedback@delegate.org (Yutaka Sato)
The DeleGate Project


Hi,

In message <_A3433@delegate-en.ML_> on 08/02/06(02:15:55) I wrote:
 |As long as I know, SSL between SOCKS-DeleGate has not been implemented yet
 |because there has no such request, and I have a little hesitation over the
 |specification.  SSL can be applied to the whole of SOCKS protocol or it can
 |be applied only to the application protocol as the payload.  Maybe it should
 |follow the convension of STLS in DeleGate-DeleGate connection (by MASTER).
 |That is, to apply TLS to the whole SOCKS protocol, specify as this: 
 |
 |  STLS=fsv
 |
 |I implemented it in 9.2.4-pre8 and uploaded.  It can be used as this:
 |
 |  hosta% delegated -P9999 STLS=fsv SERVER=socks SOCKS=hostb:9999
 |  hostb% delegated -P9999 STLS=fcl SERVER=socks
 |
 |The modification to support STLS=fsv was like the enclosed patch.

I noticed that FTP/PORT command freezes with this SOCKS/SSL because
STLS=fsv is not applied to the BIND command of SOCKS.
It'll be fixed as the enclosed patch in the next pre-release.

Cheers,
Yutaka
--
  9 9   Yutaka Sato <y.sato@delegate.org> http://delegate.org/y.sato/
 ( ~ )  National Institute of Advanced Industrial Science and Technology
_<   >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan
Do the more with the less -- B. Fuller


*** ../arc/delegate9.2.4-pre8/src/socks.c	Wed Aug  2 01:13:21 2006
--- src/socks.c	Wed Aug  2 02:46:30 2006
***************
*** 402,407 ****
--- 402,417 ----
  	if( sock < 0 )
  		return -1;
  
+ 	if( needSTLS_SV(Conn) ){
+ 		int insertTLS_SV(Connection *Conn,int client,int server);
+ 		int fsv;
+ 		fsv = insertTLS_SV(Conn,ClientSock,sock);
+ 		if( 0 <= fsv ){
+ 			dup2(fsv,sock);
+ 			close(fsv);
+ 		}
+ 	}
+ 
  	sv->s_sock = sock;
  	if( socks_bind(Conn,sv,dsthost,dstport,uname,AVStr(rhost),rport) == 0 )
  		return sock;

  admin search upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
@_@V