Article delegate-en/4023 of [1-5169] on the server localhost:119
  upper oldest olders older1 this newer1 newers latest
search
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
[Reference:<_A4022@delegate-en.ML_>]
Newsgroups: mail-lists.delegate-en

[DeleGate-En] Re: Testing the HTTP/HTTPS and FTP Delegate proxy
29 Jul 2008 15:44:21 GMT feedback@delegate.org (Yutaka Sato)
The DeleGate Project


Hi,

In message <_A4022@delegate-en.ML_> on 07/29/08(22:05:48)
you "Jean Aumont" <pvahqbdyi-lnxhrzueoznr.ml@ml.delegate.org> wrote:
 |AUTHORIZER="-none:ftp:ftp.openbsd.org:10.*.*.*"
...
 |AUTHORIZER="-list{uid1:pwd1,uid2:pwd2,uid3:pwd3,uid4:pwd4}:ftp:*:10.*.*.*"
...
 |AUTHORIZER="-never"
 |
 |Everything work except for Requirement #1, where I log to 
 |the Delegate proxy without password using the "-n" option 
 |of the FTP client which restrains ftp from attempting 
 |``auto-login'' upon initial connection.
 |Do you think that this requirement can be meet.

As I wrote, DeleGate as a FTP proxy does not support AUTHORIZER which
are not in MOUNT option.  In short, in FTP proxy, the destiantion
condition of AUTHORIZER is ignored.  It can be extended as I wrote:

 |Your usage might be realized extending FTP proxy so that is apply
 |authentication information as:
 |USER user@server + PASS pass >>> AUTHORIZER="-list{user:pass}:*:server"

The enclosed patch is a very tentative implementation of it.

Cheers,
Yutaka
--
  9 9   Yutaka Sato <y.sato@delegate.org> http://delegate.org/y.sato/
 ( ~ )  National Institute of Advanced Industrial Science and Technology
_<   >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan
Do the more with the less -- B. Fuller


*** dist/src/delegate9.8.4-pre2/src/ftp.c	Fri Jul 11 14:24:56 2008
--- src/ftp.c	Wed Jul 30 00:34:41 2008
***************
*** 2599,2604 ****
--- 2599,2630 ----
  		fclose(hfp);
  }
  static int controlCWD(FtpStat *FS,FILE *tc,PCStr(dir));
+ 
+ static int ftp_doAUTH(Connection *Conn,FILE *fc,FILE *tc,PCStr(dstproto),PCStr(dsthost),int dstport,PVStr(auser),PVStr(ahost),iFUNCP func,AuthInfo *arg){
+ 	int ok;
+ 	const char *proto = dstproto;
+ 	const char *host = dsthost;
+ 	int port = dstport;
+ 	refQStr(hostp,auser);
+ 	refQStr(passp,auser);
+ 	IStr(hostb,MaxHostNameLen);
+ 
+ 	if( 1 ){
+ 		if( hostp = strrchr(auser,'@') ){
+ 			sv1log("<<<< AUTH[%s] HOST[%s]\n",auser,host);
+ 			port = scan_hostport(proto,hostp+1,AVStr(hostb));
+ 			host = hostb;
+ 			truncVStr(hostp);
+ 			if( passp = strchr(hostp+1,':') )
+ 				strcpy(hostp,passp);
+ 			sv1log(">>>> AUTH[%s] HOST[%s]\n",auser,host);
+ 		}
+ 	}
+ 	ok = doAUTH(Conn,fc,tc,proto,host,port,BVStr(auser),BVStr(ahost),0,0);
+ 	return ok;
+ }
+ #define doAUTH ftp_doAUTH
+ 
  static void proxyFTP(Connection *Conn)
  {	FILE *tc,*fc;
  	CStr(req,1024);

  admin search upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
@_@V