Hi Yutaka,

I moved the proxy (dg 9.8.1) to linux, where the encryption (-Fenc) works OK :-)

Just one more question: can I somehow make delegate not put my parent proxy password into logs and the '$dgroot/etc/params/${port/:/_}' file? Currently I'm just removing the params file, and replacing the passwords in the logfile with ***. Doing that just after delegate start works ok for me, but is not very clean ;-)

Also if anyone's interested, I'm attaching some bash scripts I use with delegate:

  addprivateproxy   .. make encrypted /etc/delegate/$user/dg.enc, plaintext /etc/delegate/$user/dg.port, and create dgroot /var/delegate/$user
  startprivateproxy .. start proxy with encrypted configuration for current user
  stopprivateproxy  .. stop
  tailprivateproxy  .. display log in multitail
  proxy_shell       .. create special user for running the proxy, and give him this shell for proxy control via ssh
  sedf              .. shortcut to apply sed command on file, used by startprivateproxy to remove parent proxy password from logfile

The encryption password is generated to allow automatic start (security by obscurity), which can be easily changed to prompt.

Enjoy!
Jan

-----Original Message-----
From: Killian, Jan
Sent: Monday, May 05, 2008 2:16 PM
To: 'feedback@delegate.org'
Subject: RE: parameter encryption with -Fenc (Re: Delegate - encrypted .cdh config on win xp)

Hi Yutaka,

Thanks for your kind and detailed explanation of the credhy/enc/imp concepts. I tried the first 2 methods with 9.8.1 and 9.7.7-fix1, but it does not work for me on xp sp2.

0. Unencrypted:

 * edited dg.cnf to contain:
     MYAUTH=**USERDOMAIN**\\**USERNAME**:**PASSWORD**:http-proxy
 * executed:
     "d:\app\delegate\dg.exe" -P**PORT** -r -vt -- SERVER=http PROXY="**PARENT_PROXY**:**PARENT_PROXY_PORT**" DGROOT="d:\tmp\.dg" ADMIN="**USERNAME**" CACHE=no RES_WAIT=0 PERMIT=*:*:-/22 +=d:\tmp\.dg\dg.cnf
 => everything worked OK

1.
Credhy:

 * generated random config password: 1a1dd8f59d8d585ca91bffd8f9db50b7
 * encrypted config file:
     "d:\app\delegate\dg.exe" DGROOT="d:\tmp\.dg" -Fcredhy 1a1dd8f59d8d585ca91bffd8f9db50b7 < dg.cnf > dg.cdh
     KEY = 62201621622B273AB65F44C8597779D45461D4267A8E119BA7576FA82102728ACDFC
     CRC32 = 0xB1004B5D 2969586525
 * stored config password in dgauth:
     "d:\app\delegate\dg.exe" DGROOT="d:\tmp\.dg" -Fauth -a config:1a1dd8f59d8d585ca91bffd8f9db50b7 -dgauth@admin
     **** Specify the key of encryption for 'dgauth'
     **** CRYPT=pass:temppwd
     +OK added the auth.
     PATH: d:\tmp\.dg/adm/authorizer/-dgauth@admin/e42d0b5c151e782b46c5374afb07528f
     AUTH: dgauth://config@-dgauth@admin:8787
     PASS: a900f83595ab4c61e25be86188fe355f 0B0A6EC74A42BFF7FDAD3304C5BD0DFF205F6D8F61425A1DF90D109ADE77958867768790 44D11B862EEB61FA7E5749
     EXPIRE: 1B
 * started delegate:
     "d:\app\delegate\dg.exe" -P**PORT** -r -vt -- SERVER=http PROXY="**PARENT_PROXY**:**PARENT_PROXY_PORT**" DGROOT="d:\tmp\.dg" ADMIN="**USERNAME**" CACHE=no RES_WAIT=0 PERMIT=*:*:-/22 +=d:\tmp\.dg\dg.cdh
     **** Specify the key of encryption for 'dgauth'
     **** CRYPT=pass:temppwd
     "d:\tmp\.dg/act/pid/**PORT**": kill(2572,SIGTERM) = -1 (0)
     ** ERROR **
     Config: WindowsNT; FileSize-Bits=64/64,32/32,32; sockbuf=0000/0000X; sockpair=8192/64512,2016++; thread=Winthread; stty=none; fmem=953/0/2047M; MSC=1400
     DeleGate/9.7.7-fix1 (November 14, 2007)
 => browser connection to proxy timed out:

05/05 13:55:47.36 [2104] 0+0: ... gethostname(**HOSTNAME**)
05/05 13:55:47.36 [2104] 0+0: configuring default RESOLV ...
05/05 13:55:47.36 [2104] 0+0: ... gethostname()='**HOSTNAME**'
05/05 13:55:47.36 [2104] 0+0: ... SYS: **HOSTNAME** -> **MY_IP**
05/05 13:55:47.42 [2104] 0+0: ... DNS: **MY_IP** -> **HOSTNAME**.**MY_DOMAIN**
05/05 13:55:47.42 [2104] 0+0: ... DNS available
05/05 13:55:47.42 [2104] 0+0: ... NIS not available (no default domain)
05/05 13:55:47.42 [2104] 0+0: ... export RES_ORDER=CFD
05/05 13:55:47.42 [2104] 0+0: export RESOLV=cache,file,dns (set by default)
SRCSIGN=9.7.7-fix1:20071114171500+0900:2e734f2b9afeeb83:Author@DeleGate..
ORG:InIqseLisMa5s/g8g4TxnCZqRxPujG6ho6PMayMdxITXCowDzJC6CqkGe2DJSCCpaaMZ
wzVIPinIp0Y/9UMecCDEtCNaMe6Jrx6ZvT8KwUdLhaj5OJxu9kyuaiT4em/iPlfQPmVrpvRU
yT26/4uYWkbp+6i+onxQ8zk9yb0jpAE=
BLDSIGN=9.7.7-fix1:20071114171724+0900:2e734f2b9afeeb83::-
05/05 13:55:47.43 [2104] 0+0: --INITIALIZATION START-08050513+0100: 9.7.7-fix1 on WindowsNT--
05/05 13:55:47.43 [2104] 0+0: EXECDIR=d:\app\delegate
05/05 13:55:47.43 [2104] 0+0: BINSHELL=/bin/sh
05/05 13:55:47.43 [2104] 0+0: MAXIMA=delegated:64 for small mem=945M
(WIN) 55:47.434 [2104] #### send_file (2104,1)[1876,7] -> 2104[1864,0] (0,Err=87)
(WIN) 55:47.434 [2104] #### file to be sent fd=1 -> 0 8380000 137887744
05/05 13:55:47.51 [2104] 0+0: #### KEY CRYPT=master DUMPED 4B0D8D8C TO d:\tmp\.dg/adm/authorizer/31b73f7af387eceac89f05ba7df52d25/save/-dgauth
05/05 13:55:47.51 [2104] 0+0: #### start a service...
05/05 13:55:47.53 [2104] 0+0: server_open(delegate,:**PORT**,listen=20)
05/05 13:55:47.53 [2104] 0+0: server_open(delegate,:**PORT**) BOUND
05/05 13:55:52.65 [3512] 0+0: ## RES_ORDER=CFD
05/05 13:55:52.67 [3512] 0+0: ... gethostname(**HOSTNAME**)
SRCSIGN=9.7.7-fix1:20071114171500+0900:2e734f2b9afeeb83:Author@DeleGate..
ORG:InIqseLisMa5s/g8g4TxnCZqRxPujG6ho6PMayMdxITXCowDzJC6CqkGe2DJSCCpaaMZ
wzVIPinIp0Y/9UMecCDEtCNaMe6Jrx6ZvT8KwUdLhaj5OJxu9kyuaiT4em/iPlfQPmVrpvRU
yT26/4uYWkbp+6i+onxQ8zk9yb0jpAE=
BLDSIGN=9.7.7-fix1:20071114171724+0900:2e734f2b9afeeb83::-
05/05 13:55:52.68 [3512] 0+0: --INITIALIZATION START-08050513+0100: 9.7.7-fix1 on WindowsNT--
05/05 13:55:52.68 [3512] 0+0: EXECDIR=d:\app\delegate
05/05 13:55:52.68 [3512] 0+0: BINSHELL=/bin/sh
05/05 13:55:52.68 [3512] 0+0: MAXIMA=delegated:64 for small mem=946M
05/05 13:55:52.70 [3512] 0+0: server_open(delegate,:**PORT**,listen=20)
05/05 13:55:52.75 [3512] 0+0: server_open(delegate,:**PORT**) BOUND
05/05 13:55:52.75 [3512] 0+0: DGROOT=d:\tmp\.dg
05/05 13:55:52.75 [3512] 0+0: <DeleGate/9.7.7-fix1> [3512] -P**PORT** READY
05/05 13:55:52.75 [3512] 0+0: PORT= **PORT**/10 (38,148)
05/05 13:55:52.75 [3512] 0+0: OWNER=nobody => OWNER=?/?(?/?)
05/05 13:55:52.76 [3512] 0+0: REMITTABLE = http,https/{80,443},gopher,ftp,wais
05/05 13:55:52.78 [3512] 0+0: --- [dgzlib1] 0 dglibdgzlib1.dll
05/05 13:55:52.78 [3512] 0+0: --- [d:\app\delegate\dgzlib1.dll]
05/05 13:55:52.78 [3512] 0+0: --- [dgzlib1] 10000000 d:\app\delegate\dgzlib1.dll
05/05 13:55:52.78 [3512] 0+0: ---- [dgzlib1] loaded 15 syms, unknown=0+0, already=0
05/05 13:55:52.78 [3512] 0+0: +++ loaded Zlib 1.2.3.f-DeleGate-v2
05/05 13:55:52.78 [3512] 0+0: #### gzip/gunzip = dynamically linked
05/05 13:55:52.78 [3512] 0+0: ADMIN=**USERNAME** protocol=http(specialist)
05/05 13:55:52.78 [3512] 0+0: WORKDIR=d:\tmp\.dg/work/**PORT**
05/05 13:55:52.79 [3512] 0+0: MOUNT[0]X[2] /-/builtin/icons/* = default
05/05 13:55:52.79 [3512] 0+0: MOUNT[1]X[3] /-/* = forbidden,from=!.RELIABLE,default
05/05 13:55:52.79 [3512] 0+0: MOUNT[2]X[0] /-* = default
05/05 13:55:52.79 [3512] 0+0: MOUNT[3]X[1] /=* = default
05/05 13:55:52.79 [3512] 0+0: MOUNT[4]=[4] /favicon.ico builtin:icons/ysato/default.ico default,direction=fo,onerror=404,expires=15m
05/05 13:55:52.79 [3512] 0+0: #### stack size limit = FFFFFFFF (-1)
05/05 13:55:52.79 [3512] 0+0: Stay open PIDFILE for accept() lock[fd=14]
05/05 13:55:52.79 [3512] 0+0: StickyReport[15,16]127.0.0.1:1823><127.0.0.1:1824 8192/64512 8192/65536
05/05 13:55:52.79 [3512] 0+0: env[49] LIBPATH=.;C:\WINDOWS\system32;d:\tmp\.dg/lib;d:\app\delegate;d:\tmp\.dg/etc
05/05 13:55:52.79 [3512] 0+0: arg[1] LIBPATH=.;D:\Tmp\.dg;d:\tmp\.dg/lib;d:\app\delegate;d:\tmp\.dg/etc
05/05 13:55:52.79 [3512] 0+0: arg[2] RESOLV=cache,file,dns
05/05 13:55:52.79 [3512] 0+0: arg[3] SERVER=http
05/05 13:55:52.79 [3512] 0+0: arg[4] PROXY=**PARENT_PROXY**:**PARENT_PROXY_PORT**
05/05 13:55:52.79 [3512] 0+0: arg[5] DGROOT=d:\tmp\.dg
05/05 13:55:52.79 [3512] 0+0: arg[6] ADMIN=**USERNAME**
05/05 13:55:52.79 [3512] 0+0: arg[7] CACHE=no
05/05 13:55:52.79 [3512] 0+0: arg[8] RES_WAIT=0
05/05 13:55:52.79 [3512] 0+0: arg[9] PERMIT=*:*:-/22
05/05 13:55:52.82 [3512] 0+0: Encrypted with the CRYPT MasterKey: 350->351 ${ETCDIR}/params/${PORT}.cdh
05/05 13:55:52.82 [3512] 0+0: DELEGATE_Modified[1]: 481ef5c8 1209988552
05/05 13:55:52.82 [3512] 0+0: --INITIALIZATION DONE-08050513+0100: 9.7.7-fix1 on WindowsNT--
(WIN) 55:58.184 [3512] spawn() = 380 [2584], children(alive=1/1) 0.047s
05/05 13:55:58.18 [3512] 1+0: spawn() = 380 [2584], children(alive=1/1) 0.047s
05/05 13:56:28.48 [3580] 0+0: PORT> -P**PORT**
05/05 13:56:28.48 [3580] 0+0: Kill(3512,15)
(WIN) 56:28.481 [3580] kill(3512,15) = -1, failed GetExitCodeProcess()
05/05 13:56:28.48 [3580] 0+0: Kill(3512,15)=-1, errno=0
(WIN) 56:28.496 [3580] [672] svc DO_FINALIZE 0 0
(WIN) 56:28.668 [3512] [2276] svc Terminate...
05/05 13:56:28.67 [3512] 1+0: TERMINATE...
05/05 13:56:28.68 [3512] 1+0: #### KEY CRYPT=master DUMPED 4B0D8D8C TO d:\tmp\.dg/adm/authorizer/31b73f7af387eceac89f05ba7df52d25/save/-dgauth
05/05 13:56:28.68 [3512] 1+0: Kill(380,15)
05/05 13:56:28.68 [3512] 1+0: StickyKill(15): 1/1 killed
05/05 13:56:28.68 [3512] 1+0: unlinked d:\tmp\.dg/work/**PORT**/3512
05/05 13:56:28.68 [3512] 1+0: removed d:\tmp\.dg/work/**PORT**/
(WIN) 56:28.684 [3512] wait3(N) = 380 [2584] 0, children(alive=0/1) 0.00s
05/05 13:56:28.68 [3512] 1+0: wait3(N) = 380 [2584] 0, children(alive=0/1) 0.00s
05/05 13:56:28.70 [3512] 1+0: TERMINATED.
05/05 13:56:28.70 [3512] 1+0: AcceptByMain: break on TERMINATE.
05/05 13:56:28.70 [3512] 1+0: main loop break on TERMINATE.
05/05 13:56:28.70 [3512] 1+0: _main() done
05/05 13:56:28.70 [3512] 1+0: SetStatus: STOPPED
(WIN) 56:28.700 [3512] [1980] svc SetStatus: STOPPED
05/05 13:56:28.70 [3512] 1+0: SetStatus: STOP
(WIN) 56:28.700 [3512] [2276] svc SetStatus: STOP
(WIN) 56:28.700 [3512] [1980] svc ExitThread() from ServiceStart()
(WIN) 56:28.700 [3512] [2276] svc start_service() done (1,1,0)
(WIN) 56:28.700 [3512] [2276] svc DO_INITIALIZE -> DO_FINALIZE
(WIN) 56:28.700 [3512] [2276] svc DO_FINALIZE 0 0

 * With 9.8.1 I also noticed that the browser request made delegate spawn another dg.exe process, that was not later killed with -Fkill. With 9.7.7-fix1 I cannot reproduce it anymore.

2.
Enc:

 * encrypted config file:
     "d:\app\delegate\dg.exe" DGROOT="d:\tmp\.dg" -Fenc -ktemppwd < dg.cnf > dg.enc
 * started delegate:
     "d:\app\delegate\dg.exe" -P**PORT** -r -vt -- SERVER=http PROXY="**PARENT_PROXY**:**PARENT_PROXY_PORT**" DGROOT="d:\tmp\.dg" ADMIN="**USERNAME**" CACHE=no RES_WAIT=0 PERMIT=*:*:-/22 +=d:\tmp\.dg\dg.enc
     **** PASSWD=ext:::temppwd
     Config: WindowsNT; FileSize-Bits=64/64,32/32,32; sockbuf=0000/0000X; sockpair=8192/64512,2016++; thread=Winthread; stty=none; fmem=954/0/2047M; MSC=1400
     DeleGate/9.7.7-fix1 (November 14, 2007)
 => browser immediately reported that it cannot connect to proxy:

05/05 14:05:53.06 [2692] 0+0: ... gethostname(**HOSTNAME**)
05/05 14:05:53.06 [2692] 0+0: configuring default RESOLV ...
05/05 14:05:53.06 [2692] 0+0: ... gethostname()='**HOSTNAME**'
05/05 14:05:53.06 [2692] 0+0: ... SYS: **HOSTNAME** -> **MY_IP**
05/05 14:05:53.13 [2692] 0+0: ... DNS: **MY_IP** -> **HOSTNAME**.**MY_DOMAIN**
05/05 14:05:53.13 [2692] 0+0: ... DNS available
05/05 14:05:53.13 [2692] 0+0: ... NIS not available (no default domain)
05/05 14:05:53.13 [2692] 0+0: ... export RES_ORDER=CFD
05/05 14:05:53.13 [2692] 0+0: export RESOLV=cache,file,dns (set by default)
SRCSIGN=9.7.7-fix1:20071114171500+0900:2e734f2b9afeeb83:Author@DeleGate..
ORG:InIqseLisMa5s/g8g4TxnCZqRxPujG6ho6PMayMdxITXCowDzJC6CqkGe2DJSCCpaaMZ
wzVIPinIp0Y/9UMecCDEtCNaMe6Jrx6ZvT8KwUdLhaj5OJxu9kyuaiT4em/iPlfQPmVrpvRU
yT26/4uYWkbp+6i+onxQ8zk9yb0jpAE=
BLDSIGN=9.7.7-fix1:20071114171724+0900:2e734f2b9afeeb83::-
05/05 14:05:53.13 [2692] 0+0: --INITIALIZATION START-08050514+0100: 9.7.7-fix1 on WindowsNT--
05/05 14:05:53.13 [2692] 0+0: EXECDIR=d:\app\delegate
05/05 14:05:53.13 [2692] 0+0: BINSHELL=/bin/sh
05/05 14:05:53.13 [2692] 0+0: MAXIMA=delegated:64 for small mem=955M
(WIN) 05:53.141 [2692] #### send_file (2692,1)[1880,7] -> 2692[1896,0] (0,Err=87)
(WIN) 05:53.141 [2692] #### file to be sent fd=1 -> 0 A840000 176422912
05/05 14:05:53.22 [2692] 0+0: CRC ERROR 0 FFFFFFB0
05/05 14:05:53.22 [2692] 0+0: #### KEY PASSWD=ext DUMPED 61E46143 TO /var/tmp/authorizer/6ca8a167c094fa1d8952965a912a2c63/save/-dgauth
05/05 14:05:53.22 [2692] 0+0: #### start a service...
05/05 14:05:53.23 [2692] 0+0: server_open(delegate,:**PORT**,listen=20)
05/05 14:05:53.23 [2692] 0+0: server_open(delegate,:**PORT**) BOUND

Could you kindly look at it, if you see where I'm making anything wrong?

Thanks,
Jan

-----Original Message-----
From: Yutaka Sato [mailto:feedback@delegate.org]
Sent: Thursday, April 24, 2008 10:34 AM
To: feedback@delegate.org
Cc: Killian, Jan
Subject: parameter encryption with -Fenc (Re: Delegate - encrypted .cdh config on win xp)

Jan,

In message <_A3961@delegate-en.ML_> on 04/24/08(16:23:34) I wrote:
 |
 |Then I encrypt the config:
 |
 |> "d:\app\delegate\dg.exe" DGROOT="d:\tmp\.dg" -Fcredhy testpwd < dg.conf > dg.cdh
 ...
 |
 |**** Specify the key of encryption for 'dgauth'
 |
 |**** CRYPT=pass:testpwd
 |
 |Here you need to specify the "MasterKey" for the repository of passwords
 |into which your "testpwd", the passphrase for encryption of configuration
 |parameters, is stored.
 |And your passphrase needs to have been stored into
 |the repository as follows, encrypted with a specified MasterKey:
 |
 | > dg.exe DGROOT=d:/tmp/.dg -Fauth -a config:testpwd -dgauth@admin
 | **** Specify the key of encryption for 'dgauth'
 | **** CRYPT=pass:MasterKey
 |
 |See <URL:http://www.delegate.org/delegate/Manual.htm?EncryptedConf> for
 |more details.

I should have said that the encryption of configuration parameters by "-Fcredhy" (introduced at DeleGate/9.0.1) was a very tentative one without ability of verification of integrity of the decrypted data (with CRC or MD5 or so). Thus it generates broken data if a given key for decryption is not equal to the one at the encryption, as shown in your case.

I added another way of encryption at DeleGate/9.4.0 by "-Fenc" which is simpler (without password repository) and safer (with integrity check). You can use it as follows:

a) to see the usage

  > dg.exe -Fenc
  Usage: -Fenc [-kKey] [infile] [-o outfile] [-a arg1 arg2 ...]

b) generate an encrypted parameter

  > dg.exe -Fenc -ktestpwd -a MYAUTH=user:pass ADMIN=foo@bar
  +=enc:ext::1bt.fMObaW4Mc0Y34Bp5tEPLoMY6pkvjB4RYCymttSPWd5vp6ghqieamCg==:

  (this "+=enc:ext::...:" is an encrypted representation of "MYAUTH=user:pass ADMIN=foo@bar" with the encryption key "testpwd")

c) use the encrypted parameter

  > dg.exe -v -P9999 +=enc:ext::1bt.fMObaW4Mc0Y34Bp5tEPLoMY6pkvjB4RYCymttSPWd5vp6ghqieamCg==: SERVER=http ...
  **** PASSWD=ext:::testpwd

A little more tips:

1) encryption
  > dg.exe -Fenc -ktestpwd < conf > conf.enc
2) decryption
  > dg.exe -Fdec -ktestpwd < conf.enc > conf
3a) substitution (asked the password interactively)
  > dg.exe +=conf.enc
  **** PASSWD=ext:::testpwd
3b) substitution giving the password
  > dg.exe +=conf.enc PASSWD=ext:::testpwd
3c) substitution without an external file for configuration
  > dg.exe +=enc:ext::1bt. ............. :"

Cheers,
Yutaka
--
  9 9   Yutaka Sato <y.sato@delegate.org> http://delegate.org/y.sato/
 ( ~ )  National Institute of Advanced Industrial Science and Technology
_<   >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan
Do the more with the less -- B. Fuller
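The post-start clean-up that Jan's first message describes (strip the parent-proxy password out of the DeleGate log, delete the plaintext params file under $DGROOT/etc/params), written out as an added example. This is not one of Jan's attached scripts and not part of DeleGate; it assumes the password appears in the log as an exact substring and that the daemon keeps its log file open, and the log lines it runs on are constructed for the demo. The point it adds over a plain `sed "s/$pw/***/"` is that a password containing `/`, `.`, `*`, `$` or `\` is then read as a regex and can silently stay in the file, so the replacement is done with literal string search instead, and the result is checked before the script reports success.

```shell
#!/bin/sh
# Added example, not one of Jan's attached scripts and not part of DeleGate:
# scrub a secret (the parent-proxy password) out of a DeleGate log file and
# remove the plaintext parameter dump under $DGROOT/etc/params.
# Assumptions (not from the thread): the secret occurs as an exact substring
# of log lines; the daemon keeps the log open, so the file is rewritten in
# place (same inode) instead of being replaced with mv.

# Path of the params file for DGROOT and the -P port, following the
# '$dgroot/etc/params/${port/:/_}' naming Jan quotes ("1.2.3.4:8080" -> "1.2.3.4_8080").
params_file() {
    printf '%s/etc/params/%s\n' "$1" "$(printf '%s' "$2" | tr ':' '_')"
}

# Replace every literal occurrence of SECRET in FILE with "***".
# awk index()/substr() are used instead of sed so that '/', '.', '*', '$'
# or '\' in the password are never interpreted as a regex; the secret goes
# through the environment because awk -v would expand backslash escapes.
scrub_file() {   # FILE SECRET
    file=$1 secret=$2
    [ -n "$secret" ] || { echo "scrub_file: empty secret" >&2; return 2; }
    tmp="$file.scrub.$$"
    ( umask 077
      SCRUB_SECRET="$secret" awk '
        { s = ENVIRON["SCRUB_SECRET"]; line = $0; out = ""
          while ((i = index(line, s)) > 0) {
              out = out substr(line, 1, i - 1) "***"
              line = substr(line, i + length(s))
          }
          print out line }' "$file" > "$tmp" ) || { rm -f "$tmp"; return 1; }
    # Truncate and rewrite the existing file rather than mv: a daemon that
    # still has the log open would otherwise keep writing to the old inode.
    cat "$tmp" > "$file" && rm -f "$tmp"
}

# Exit 0 if SECRET is still present anywhere in FILE (fixed-string grep).
secret_leaked() {   # FILE SECRET
    grep -qF -- "$2" "$1"
}

# The whole clean-up: scrub the log, drop the params file, and fail loudly
# if the password is still on disk afterwards.
cleanup_after_start() {   # DGROOT PORT LOGFILE SECRET
    scrub_file "$3" "$4" || return 1
    rm -f "$(params_file "$1" "$2")"
    if secret_leaked "$3" "$4"; then
        echo "password still present in $3" >&2
        return 1
    fi
}

# Demo on constructed lines (not real DeleGate output); the password
# deliberately contains regex metacharacters and a backslash.
demo_dir=$(mktemp -d)
printf '%s\n' \
    'arg[4] PROXY=parent.example:3128' \
    'MYAUTH=DOM\\user:p\ss/w.rd*$:http-proxy' \
    > "$demo_dir/demo.log"
mkdir -p "$demo_dir/etc/params" && : > "$demo_dir/etc/params/8080"
cleanup_after_start "$demo_dir" 8080 "$demo_dir/demo.log" 'p\ss/w.rd*$' \
    && cat "$demo_dir/demo.log"
rm -rf "$demo_dir"
```

Two caveats a reviewer would raise on Jan's approach, which this script only tidies rather than fixes: the password has still been written to disk (log and params file) before the clean-up runs, so it lives on in free blocks and in any backup or log shipper that saw the file first, and the parent-proxy credentials also appear in the arg[] dump DeleGate writes at -vt verbosity. Keeping the secret out of what the daemon writes in the first place is the real fix, which is what Jan asks Yutaka for; until then, run the log at a restrictive umask and scrub immediately after start, as the script does.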