Article delegate-en/4627 of [1-5169] on the server localhost:119
  upper oldest olders older1 this newer1 newers latest
search
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
[Reference:<_A4624@delegate-en.ML_>]
Newsgroups: mail-lists.delegate-en

[DeleGate-En] Re: FTP Delegate
10 Nov 2009 09:20:36 GMT feedback@delegate.org (Yutaka Sato)
The DeleGate Project


Hi,

In message <_A4624@delegate-en.ML_> on 11/10/09(01:48:42)
you frederic montiton <pbijabdyi-qjyh54nbbnxr.ml@ml.delegate.org> wrote:
 |Thanks for your quick reply, but my problem is away, 
 |
 |I must use the following syntax (for compatibility with existing internal applications) to connect to external ftp servers.
 |
 |proxy_username@anonymous@ftp.sunfreeware.com@ip_2nd_Delegate
 |
 |and
 |
 |proxy_password@email@domain
 |
 |
 |I'm able to be authenticated by proxy-ftp with AUTHORIZER=-localdb (created with -Fauth command)
 |I'm able to proxying a none-proxy authenticated connection on Internet
 |
 |But I can't do both ...
 |
 |Do you've any suggestion to accomplish this kind of typical ftp accross proxy authentication ?

I'm not sure what is the typical syntax for chained FTP servers with
authentication at each hop.  Also your syntax can be interpreted as
follows typially:

  a@b@c@d -> user "a" at host "b" via host "c" via host "d"

Thus it is difficult to let your interpretation be the default.
I made a very tentative implementation for it as the enclosed patch
which is activates by "-strip{@}," prefixed to the real list of
authentication severs, as follows for example.

  AUTHORIZER="-strip{@},-list{pxuser:pxpass}"
  AUTHORIZER="-strip{@},-pam"
  AUTHORIZER="-strip{@},-localdb"
  ...

Cheers,
Yutaka
--
  9 9   Yutaka Sato <y.sato@delegate.org> http://delegate.org/y.sato/
 ( ~ )  National Institute of Advanced Industrial Science and Technology
_<   >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan
Do the more with the less -- B. Fuller


*** dist/src/delegate9.9.6-pre1/src/access.c	Sat Sep  5 20:41:01 2009
--- ./src/access.c	Tue Nov 10 18:05:04 2009
***************
*** 2594,2599 ****
--- 2594,2601 ----
  	CStr(serv,512);
  	CStr(sv1,1024);
  	const char *muser;
+ 	IStr(suserb,256);
+ 	IStr(spassb,256);
  
  	lineScan(host,servs);
  	if( realm = strchrX(servs,'@',"{(",")}") ){
***************
*** 2613,2618 ****
--- 2615,2638 ----
  	sc = list2vect(servs,',',8,(const char**)sv);
  	muser = 0;
  	for( si = 0; si < sc; si++ ){
+ 		if( ident && strneq(sv[si],"-strip",6) ){
+ 			const char *up,*pp;
+ 			IStr(dlm,8);
+ 
+ 			strcpy(dlm,"^");
+ 			Xsscanf(sv[si]+6,"{%[^}]}",DVStr(dlm,1));
+ 			up = wordScanY(user,suserb,dlm); if( *up ) up++;
+ 			pp = wordScanY(pass,spassb,dlm); if( *pp ) pp++;
+ 			if( ident && *user && *pass ){
+ 				ident->i_stat |=  AUTH_GEN|AUTH_MAPPED;
+ 				Xsscanf(up,"%[^@]@%[^\n]",AVStr(ident->i_user),
+ 					AVStr(ident->i_Host));
+ 				strcpy(ident->i_pass,pp);
+ 			}
+ 			user = suserb;
+ 			pass = spassb;
+ 			continue;
+ 		}
  		muser = 0;
  		if( strtailchr(sv[si]) == ')' ){
  			if( dp = strrchr(sv[si],'(') ){
*** dist/src/delegate9.9.6-pre1/src/ftp.c	Thu Sep 10 05:25:23 2009
--- ./src/ftp.c	Tue Nov 10 18:05:29 2009
***************
*** 2735,2740 ****
--- 2735,2747 ----
  	bzero(&ident,sizeof(ident));
  	ok = doAUTH(Conn,0,tc,proto,host,port,AVStr(up),BVStr(ahost),0,&ident);
  
+ 	if( ident.i_stat & (AUTH_GEN|AUTH_MAPPED) ){
+ 		if( FCF.fc_proxy == NULL || isinList(FCF.fc_proxy,"user") ){
+ 			strcpy(cuser,ident.i_user);
+ 			strcpy(cpass,ident.i_pass);
+ 			strcpy(ahost,ident.i_Host);
+ 		}
+ 	}
  	if( FCF.fc_authproxy & PXA_USERGEN ){
  		/* if with maped-username with AUTHORIZER=asv(mapped-user) */
  		if( ident.i_stat & AUTH_MAPPED ){
***************
*** 2944,2949 ****
--- 2951,2963 ----
   fprintf(tc,"530 [Proxy] Login failed.\r\n");
  				}
  			}else{
+ 			if( strchr(pxuser,'@') && cuser[0] && cpass[0] ){
+ 				change_server(Conn,FS,fc,tc,com,pxhost,cuser,
+ 					cpass,FS->fs_TYPE);
+ 				clearVStr(cuser);
+ 				clearVStr(cpass);
+ 				continue;
+ 			}else
  FS->fs_anonymousOK = 1; /* temporary */
  
  				/* tentative ... this should be treated more

  admin search upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
@_@V