<x-html>
<br><font size=2 face="sans-serif">Hi,</font>
<br>
<br><font size=2 face="sans-serif">its started via xinetd. The startup
option are: -e -b</font>
<br>
<br><font size=2 face="sans-serif">Thanks and regards</font>
<br><font size=2 face="sans-serif">Thomas</font>
<br>
<br>
<br>
<table width=100%>
<tr valign=top>
<td width=40%><font size=1 face="sans-serif"><b>Andreas Schoenberg <[EMAIL
PROTECTED]></b>
</font>
<br><font size=1 face="sans-serif">Sent by: [EMAIL PROTECTED]</font>
<p><font size=1 face="sans-serif">23.03.2005 15:11</font>
<table border>
<tr valign=top>
<td bgcolor=white>
<div align=center><font size=1 face="sans-serif">Please respond to<br>
[EMAIL PROTECTED]</font></div></table>
<br>
<td width=59%>
<table width=100%>
<tr valign=top>
<td>
<div align=right><font size=1 face="sans-serif">To</font></div>
<td><font size=1 face="sans-serif">"general-l List Member" <[EMAIL
PROTECTED]></font>
<tr valign=top>
<td>
<div align=right><font size=1 face="sans-serif">cc</font></div>
<td>
<tr valign=top>
<td>
<div align=right><font size=1 face="sans-serif">Subject</font></div>
<td><font size=1 face="sans-serif">[general-l] run time error
{04}</font></table>
<br>
<table>
<tr valign=top>
<td>
<td></table>
<br></table>
<br>
<br>
<br><font size=2><tt>Hi,<br>
<br>
which options did you use to start ftp.proxy?<br>
<br>
<br>
Andreas<br>
<br>
<br>
<br>
--general-l------------------------------------<br>
To unsubscribe please visit:<br>
http://www.ftpproxy.org/html/maillinglists.html<br>
<br>
</tt></font>
<br>
</x-html>
From [EMAIL PROTECTED] Fri Apr 15 12:25:32 2005
Return-Path: <[EMAIL PROTECTED]>
Received: from mail.compucation.de (mail.compucation.de [213.185.64.44])
by um1.pce.de (8.11.3/8.11.3/SuSE Linux 8.11.1-0.5) with ESMTP
id j3FAPYw20898
(using TLSv1/SSLv3 with cipher RC4-MD5 (128 bits) verified NO)
for <[EMAIL PROTECTED]>; Fri, 15 Apr 2005 12:25:34 +0200
Received: from mail.ifra.com (mail.ifra.com [195.143.61.126])
by compucation.de (mail.compucation.de [213.185.64.44])
(MDaemon.PRO.v8.0.0.R)
with ESMTP id md50000049151.msg
for <[EMAIL PROTECTED]>; Fri, 15 Apr 2005 12:25:05 +0200
In-Reply-To: <[EMAIL PROTECTED]>
To: "general-l List Member" <[EMAIL PROTECTED]>
Subject: [general-l] run time error {05}
MIME-Version: 1.0
X-Mailer: Lotus Notes Release 6.5.2 June 01, 2004
Message-ID: <[EMAIL PROTECTED]>
From: [EMAIL PROTECTED]
Date: Fri, 15 Apr 2005 12:24:57 +0200
X-MIMETrack: Serialize by Router on IFRA_GATE/IFRA/DE(Release 6.5.2|June 01,
2004) at 04/15/2005
12:24:59 PM,
Serialize complete at 04/15/2005 12:24:59 PM
X-MDRemoteIP: 195.143.61.126
Sender: [EMAIL PROTECTED]
X-Return-Path: [EMAIL PROTECTED]
Precedence: bulk
List-Unsubscribe: <mailto:[EMAIL PROTECTED]>
X-MDMailing-List: [EMAIL PROTECTED]
X-MDSend-Notifications-To: [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
X-MDaemon-Deliver-To: [EMAIL PROTECTED]
X-MDAV-Processed: mail.compucation.de, Fri, 15 Apr 2005 12:25:10 +0200
X-UIDL: ,08"!f6)!!FZX!!0(*"!
X-Eudora2Unix: 3905-11-05T08:39:37Z converted
<x-html>
<br><font size=2 face="sans-serif">Hi,</font>
<br>
<br><font size=2 face="sans-serif">its started via xinetd. The startup
option are: -e -b</font>
<br>
<br><font size=2 face="sans-serif">Thanks and regards</font>
<br><font size=2 face="sans-serif">Thomas</font>
<br>
<br>
<br>
<table width=100%>
<tr valign=top>
<td width=40%><font size=1 face="sans-serif"><b>Andreas Schoenberg <[EMAIL
PROTECTED]></b>
</font>
<br><font size=1 face="sans-serif">Sent by: [EMAIL PROTECTED]</font>
<p><font size=1 face="sans-serif">23.03.2005 15:11</font>
<table border>
<tr valign=top>
<td bgcolor=white>
<div align=center><font size=1 face="sans-serif">Please respond to<br>
[EMAIL PROTECTED]</font></div></table>
<br>
<td width=59%>
<table width=100%>
<tr valign=top>
<td>
<div align=right><font size=1 face="sans-serif">To</font></div>
<td><font size=1 face="sans-serif">"general-l List Member" <[EMAIL
PROTECTED]></font>
<tr valign=top>
<td>
<div align=right><font size=1 face="sans-serif">cc</font></div>
<td>
<tr valign=top>
<td>
<div align=right><font size=1 face="sans-serif">Subject</font></div>
<td><font size=1 face="sans-serif">[general-l] run time error
{04}</font></table>
<br>
<table>
<tr valign=top>
<td>
<td></table>
<br></table>
<br>
<br>
<br><font size=2><tt>Hi,<br>
<br>
which options did you use to start ftp.proxy?<br>
<br>
<br>
Andreas<br>
<br>
<br>
<br>
--general-l------------------------------------<br>
To unsubscribe please visit:<br>
http://www.ftpproxy.org/html/maillinglists.html<br>
<br>
</tt></font>
<br>
</x-html>
From [EMAIL PROTECTED] Fri Apr 15 12:39:14 2005
X-Persona: <FTP-Proxy>
Return-path: <[EMAIL PROTECTED]>
Received: from mail.ifra.com (mail.ifra.com [195.143.61.126])
by compucation.de (mail.compucation.de [213.185.64.44])
(MDaemon.PRO.v8.0.0.R)
with ESMTP id md50000049152.msg
for <[email protected]>; Fri, 15 Apr 2005 12:34:45 +0200
To: "ftp.proxy" <[email protected]>
Subject: [general-l] run time error {05}
MIME-Version: 1.0
X-Mailer: Lotus Notes Release 6.5.2 June 01, 2004
Message-ID: <[EMAIL PROTECTED]>
From: [EMAIL PROTECTED]
Date: Fri, 15 Apr 2005 12:34:37 +0200
X-MIMETrack: Serialize by Router on IFRA_GATE/IFRA/DE(Release 6.5.2|June 01,
2004) at 04/15/2005
12:34:40 PM,
Serialize complete at 04/15/2005 12:34:40 PM
X-MDRcpt-To: [EMAIL PROTECTED]
X-Rcpt-To: [EMAIL PROTECTED]
X-MDRemoteIP: 195.143.61.126
Sender: [EMAIL PROTECTED]
X-Return-Path: [EMAIL PROTECTED]
Precedence: bulk
List-Unsubscribe: <mailto:[EMAIL PROTECTED]>
X-MDMailing-List: [EMAIL PROTECTED]
X-MDSend-Notifications-To: [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
X-MDaemon-Deliver-To: [email protected]
X-MDAV-Processed: mail.compucation.de, Fri, 15 Apr 2005 12:35:13 +0200
X-Eudora2Unix: 3905-11-05T08:39:37Z converted
<x-html>
<br><font size=2 face="sans-serif">Hi,</font>
<br>
<br><font size=2 face="sans-serif">its started via xinetd. The startup
option are: -e -b</font>
<br>
<br><font size=2 face="sans-serif">Thanks and regards</font>
<br><font size=2 face="sans-serif">Thomas</font>
</x-html>
From [EMAIL PROTECTED] Fri Apr 15 12:39:06 2005
Return-Path: <[EMAIL PROTECTED]>
Received: from mail.compucation.de (mail.compucation.de [213.185.64.44])
by um1.pce.de (8.11.3/8.11.3/SuSE Linux 8.11.1-0.5) with ESMTP
id j3FAZKw20995
(using TLSv1/SSLv3 with cipher RC4-MD5 (128 bits) verified NO)
for <[EMAIL PROTECTED]>; Fri, 15 Apr 2005 12:35:20 +0200
Received: from mail.ifra.com (mail.ifra.com [195.143.61.126])
by compucation.de (mail.compucation.de [213.185.64.44])
(MDaemon.PRO.v8.0.0.R)
with ESMTP id md50000049152.msg
for <[EMAIL PROTECTED]>; Fri, 15 Apr 2005 12:34:45 +0200
To: "general-l List Member" <[EMAIL PROTECTED]>
Subject: [general-l] run time error {05}
MIME-Version: 1.0
X-Mailer: Lotus Notes Release 6.5.2 June 01, 2004
Message-ID: <[EMAIL PROTECTED]>
From: [EMAIL PROTECTED]
Date: Fri, 15 Apr 2005 12:34:37 +0200
X-MIMETrack: Serialize by Router on IFRA_GATE/IFRA/DE(Release 6.5.2|June 01,
2004) at 04/15/2005
12:34:40 PM,
Serialize complete at 04/15/2005 12:34:40 PM
X-MDRemoteIP: 195.143.61.126
Sender: [EMAIL PROTECTED]
X-Return-Path: [EMAIL PROTECTED]
Precedence: bulk
List-Unsubscribe: <mailto:[EMAIL PROTECTED]>
X-MDMailing-List: [EMAIL PROTECTED]
X-MDSend-Notifications-To: [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
X-MDaemon-Deliver-To: [EMAIL PROTECTED]
X-MDAV-Processed: mail.compucation.de, Fri, 15 Apr 2005 12:34:49 +0200
X-UIDL: Y/>"!(5?!!,,R"!5oV!!
X-Eudora2Unix: 3905-11-05T08:39:37Z converted
<x-html>
<br><font size=2 face="sans-serif">Hi,</font>
<br>
<br><font size=2 face="sans-serif">its started via xinetd. The startup
option are: -e -b</font>
<br>
<br><font size=2 face="sans-serif">Thanks and regards</font>
<br><font size=2 face="sans-serif">Thomas</font>
</x-html>
From [EMAIL PROTECTED] Wed Apr 20 10:22:22 2005
Return-Path: <[EMAIL PROTECTED]>
Received: from mail.compucation.de (mail.compucation.de [213.185.64.44])
by um1.pce.de (8.11.3/8.11.3/SuSE Linux 8.11.1-0.5) with ESMTP
id j3K8FXw26088
(using TLSv1/SSLv3 with cipher RC4-MD5 (128 bits) verified NO)
for <[EMAIL PROTECTED]>; Wed, 20 Apr 2005 10:15:35 +0200
Received: from asg.ftpproxy.org by compucation.de
(Cipher TLSv1:RC4-MD5:128) (MDaemon.PRO.v8.0.1.R)
with ESMTP id md50000049595.msg
for <[EMAIL PROTECTED]>; Wed, 20 Apr 2005 10:14:50 +0200
Message-ID: <[EMAIL PROTECTED]>
X-Mailer: QUALCOMM Windows Eudora Version 6.2.1.2
Date: Wed, 20 Apr 2005 10:14:27 +0200
To: "general-l List Member" <[EMAIL PROTECTED]>
From: Andreas Schoenberg <[EMAIL PROTECTED]>
Subject: [general-l] can not install ftp.proxy {02}
In-Reply-To: <[EMAIL PROTECTED]
e>
References: <[EMAIL PROTECTED]>
Mime-Version: 1.0
X-Spam-Processed: mail.compucation.de, Wed, 20 Apr 2005 10:14:50 +0200
(not processed: message from valid local sender)
X-MDRemoteIP: 213.185.64.46
Sender: [EMAIL PROTECTED]
X-Return-Path: [EMAIL PROTECTED]
Precedence: bulk
List-Unsubscribe: <mailto:[EMAIL PROTECTED]>
X-MDMailing-List: [EMAIL PROTECTED]
X-MDSend-Notifications-To: [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
X-MDaemon-Deliver-To: [EMAIL PROTECTED]
X-MDAV-Processed: mail.compucation.de, Wed, 20 Apr 2005 10:14:52 +0200
X-UIDL: N`,"!~0]!!2LB"!6D\!!
X-Eudora2Unix: 3905-11-05T08:39:37Z converted
<x-flowed>
At 16:37 14.4.2005, you wrote:
>hello all,
>
>i try to install ftp.proxy in my openbsd 3.6 machine,
>but i get this message:
>
># cd ftpproxy-1.2.3/
># ls
>HISTORY INSTALL LICENSE Makefile
> doc ftpproxy.lsm samples src
># make
>"Makefile", line 6: Need an operator
>Fatal errors encountered -- cannot continue
>
>any body knows what should i do?
>or ftp.proxy do not compatible with openbsd 3.6 ?
>please help me
>
Hello,
please use gmake to build ftp.proxy on OpenBSD.
Andreas
--general-l------------------------------------
To unsubscribe please visit:
http://www.ftpproxy.org/html/maillinglists.html
</x-flowed>
From [EMAIL PROTECTED] Wed Apr 20 10:22:21 2005
X-Persona: <FTP-Proxy>
Return-path: <[EMAIL PROTECTED]>
Received: from asg.ftpproxy.org by compucation.de
(Cipher TLSv1:RC4-MD5:128) (MDaemon.PRO.v8.0.1.R)
with ESMTP id md50000049595.msg
for <[email protected]>; Wed, 20 Apr 2005 10:14:50 +0200
Message-ID: <[EMAIL PROTECTED]>
X-Mailer: QUALCOMM Windows Eudora Version 6.2.1.2
Date: Wed, 20 Apr 2005 10:14:27 +0200
To: "ftp.proxy" <[email protected]>
From: Andreas Schoenberg <[EMAIL PROTECTED]>
Subject: [general-l] can not install ftp.proxy {02}
In-Reply-To: <[EMAIL PROTECTED]
e>
References: <[EMAIL PROTECTED]>
Mime-Version: 1.0
X-Spam-Processed: mail.compucation.de, Wed, 20 Apr 2005 10:14:50 +0200
(not processed: message from valid local sender)
X-MDRcpt-To: [EMAIL PROTECTED]
X-Rcpt-To: [EMAIL PROTECTED]
X-MDRemoteIP: 213.185.64.46
Sender: [EMAIL PROTECTED]
X-Return-Path: [EMAIL PROTECTED]
Precedence: bulk
List-Unsubscribe: <mailto:[EMAIL PROTECTED]>
X-MDMailing-List: [EMAIL PROTECTED]
X-MDSend-Notifications-To: [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
X-MDaemon-Deliver-To: [email protected]
X-MDAV-Processed: mail.compucation.de, Wed, 20 Apr 2005 10:15:04 +0200
X-Eudora2Unix: 3905-11-05T08:39:37Z converted
<x-flowed>
At 16:37 14.4.2005, you wrote:
>hello all,
>
>i try to install ftp.proxy in my openbsd 3.6 machine,
>but i get this message:
>
># cd ftpproxy-1.2.3/
># ls
>HISTORY INSTALL LICENSE Makefile
> doc ftpproxy.lsm samples src
># make
>"Makefile", line 6: Need an operator
>Fatal errors encountered -- cannot continue
>
>any body knows what should i do?
>or ftp.proxy do not compatible with openbsd 3.6 ?
>please help me
>
Hello,
please use gmake to build ftp.proxy on OpenBSD.
Andreas
--general-l------------------------------------
To unsubscribe please visit:
http://www.ftpproxy.org/html/maillinglists.html
</x-flowed>
From [EMAIL PROTECTED] Tue May 31 14:21:11 2005
Return-Path: <[EMAIL PROTECTED]>
Received: from mail.compucation.de (mail.compucation.de [213.185.64.44])
by um1.pce.de (8.11.3/8.11.3/SuSE Linux 8.11.1-0.5) with ESMTP
id j4VCIGv21810
(using TLSv1/SSLv3 with cipher RC4-MD5 (128 bits) verified NO)
for <[EMAIL PROTECTED]>; Tue, 31 May 2005 14:18:16 +0200
Received: from go4.ext.ti.com (go4.ext.ti.com [192.91.75.132])
by compucation.de (mail.compucation.de [213.185.64.44])
(Cipher TLSv1:RC4-MD5:128) (MDaemon.PRO.v8.0.2.R)
with ESMTP id md50000055265.msg
for <[EMAIL PROTECTED]>; Tue, 31 May 2005 14:17:17 +0200
Message-ID: <[EMAIL PROTECTED]>
Date: Tue, 31 May 2005 17:47:03 +0530
From: "Venkatachalam, Saravanakumar" <[EMAIL PROTECTED]>
User-Agent: Mozilla Thunderbird 1.0.2 (Windows/20050317)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: "general-l List Member" <[EMAIL PROTECTED]>
Subject: [general-l] FTP proxy authentication {01}
Content-Transfer-Encoding: 7bit
X-Lookup-Warning: MAIL lookup on [EMAIL PROTECTED] does not match 192.91.75.132
X-MDRemoteIP: 192.91.75.132
Sender: [EMAIL PROTECTED]
X-Return-Path: [EMAIL PROTECTED]
Precedence: bulk
List-Unsubscribe: <mailto:[EMAIL PROTECTED]>
X-MDMailing-List: [EMAIL PROTECTED]
X-MDSend-Notifications-To: [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
X-MDaemon-Deliver-To: [EMAIL PROTECTED]
X-MDAV-Processed: mail.compucation.de, Tue, 31 May 2005 14:17:21 +0200
X-UIDL: Za9"!ZnW!!8In!!G`C!!
X-Eudora2Unix: 3905-11-05T08:39:37Z converted
<x-flowed>
Dear List,
I need dual authentications to happen if a user wanted to connect to an
ftp site.
1) Login to proxy with your local username/password
2) Connect to remote site with the user command
Instead of FTPing directly to the remote FTP site, we need to FTP to
ftp-proxy on port 21. we then login to the proxy using your web access
password. If authenticated successfully, you can then connect to any
remote FTP site using the user [EMAIL PROTECTED] command.
Please help me configuring ftp.proxy to work for the above mentioned
requirement.
Thanks,
saravan
--general-l------------------------------------
To unsubscribe please visit:
http://www.ftpproxy.org/html/maillinglists.html
</x-flowed>
From [EMAIL PROTECTED] Tue May 31 17:48:38 2005
Return-Path: <[EMAIL PROTECTED]>
Received: from mail.compucation.de (mail.compucation.de [213.185.64.44])
by um1.pce.de (8.11.3/8.11.3/SuSE Linux 8.11.1-0.5) with ESMTP
id j4VFmPv24912
(using TLSv1/SSLv3 with cipher RC4-MD5 (128 bits) verified NO)
for <[EMAIL PROTECTED]>; Tue, 31 May 2005 17:48:25 +0200
Received: from sccimhc92.asp.att.net (sccimhc92.asp.att.net [63.240.76.166])
by compucation.de (mail.compucation.de [213.185.64.44])
(MDaemon.PRO.v8.0.2.R)
with ESMTP id md50000055305.msg
for <[EMAIL PROTECTED]>; Tue, 31 May 2005 17:48:20 +0200
Message-ID: <[EMAIL PROTECTED]>
Date: Tue, 31 May 2005 10:48:02 -0500
From: Greg Lyons <[EMAIL PROTECTED]>
User-Agent: Debian Thunderbird 1.0.2 (X11/20050331)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: "general-l List Member" <[EMAIL PROTECTED]>
Subject: [general-l] FTP proxy authentication {02}
References: <[EMAIL PROTECTED]>
In-Reply-To: <[EMAIL PROTECTED]>
Content-Transfer-Encoding: 7bit
X-Lookup-Warning: MAIL lookup on [EMAIL PROTECTED] does not match 63.240.76.166
X-MDRemoteIP: 63.240.76.166
Sender: [EMAIL PROTECTED]
X-Return-Path: [EMAIL PROTECTED]
Precedence: bulk
List-Unsubscribe: <mailto:[EMAIL PROTECTED]>
X-MDMailing-List: [EMAIL PROTECTED]
X-MDSend-Notifications-To: [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
X-MDaemon-Deliver-To: [EMAIL PROTECTED]
X-MDAV-Processed: mail.compucation.de, Tue, 31 May 2005 17:48:23 +0200
X-UIDL: YZ6"!JEI"!%J8!!8Q7!!
X-Eudora2Unix: 3905-11-05T08:39:37Z converted
I had the same requirement a few years back, and I created the following
patch against 1.1.5. If ftp.proxy is evoked with the "-2" switch, it
will act exactly as you describe. It also allows the user to use the
"SITE" command instead of the "USER" command to connect to the remote
site after authentication. I have no idea whether this patch applies
cleanly to the current source tree.
diff -ruNd ftp-old/ftpproxy-1.1.5/Makefile ftp-new/ftpproxy-1.1.5/Makefile
--- ftp-old/ftpproxy-1.1.5/Makefile Thu Jan 24 12:44:16 2002
+++ ftp-new/ftpproxy-1.1.5/Makefile Wed May 8 10:27:55 2002
@@ -1,6 +1,8 @@
DIR = ftpproxy-1.1.5
TAR = ftpproxy-1.1.5
+PREFIX = /usr
+ETC = /etc
TARGETS = ftp.proxy
@@ -10,8 +12,9 @@
cd src; make all
install: all
- cd src; strip $(TARGETS) && cp $(TARGETS) /usr/local/sbin
- cd doc; cp *.1 /usr/local/man/man1
+ cd src; strip $(TARGETS) && cp $(TARGETS) $(PREFIX)/sbin
+ cd doc; cp *.1 $(PREFIX)/man/man1
+ cd xinetd.d; cp ftpproxy $(ETC)/xinetd.d
ftp.proxy:
diff -ruNd ftp-old/ftpproxy-1.1.5/doc/ftp.proxy.1
ftp-new/ftpproxy-1.1.5/doc/ftp.proxy.1
--- ftp-old/ftpproxy-1.1.5/doc/ftp.proxy.1 Mon Feb 4 11:57:01 2002
+++ ftp-new/ftpproxy-1.1.5/doc/ftp.proxy.1 Wed May 8 10:25:21 2002
@@ -236,6 +236,19 @@
set \fIprefix\fR as variable prefix for the variable passwd to the access
and command control program.
.TP
+\fB-2\fR
+Use two-phase authentication. In this scenario, the user issues the USER and
+PASS commands for local authentication only. Then, the user can issue remote
+USER <user>@<site> and PASS commands, or alternatively, a SITE command to
+connect to a site without authenticating.
+.TP
+\fB-f\fR
+When two-phase authentication is in place, this option allows for fast
+verification of local credentials. This allows immediate feedback for the
+user if the local username/password are incorrect. The drawback is that your
+ACP cannot restrict remote hostnames or usernames, since they haven't been
+entered yet.
+.TP
\fB-V\fR
show version number
.TP
diff -ruNd ftp-old/ftpproxy-1.1.5/src/ftp.c ftp-new/ftpproxy-1.1.5/src/ftp.c
--- ftp-old/ftpproxy-1.1.5/src/ftp.c Mon Feb 4 11:11:21 2002
+++ ftp-new/ftpproxy-1.1.5/src/ftp.c Tue Jul 22 11:10:58 2003
@@ -73,6 +73,7 @@
{ "MDTM", 1, 1, 1, 257, 1 },
{ "MKD", 1, 1, 1, 257, 1 },
{ "MODE", 1, 0, 0, 200, 0 },
+ { "PASS", 1, 0, 0, 0, 0 },
{ "PWD", 0, 0, 0, 257, 0 },
{ "QUIT", 0, 0, 0, 221, 0 },
{ "REIN", 0, 0, 0, 0, /* 220, */ 0 }, /* wird nicht unterstuetzt */
@@ -87,6 +88,7 @@
{ "STRU", 1, 0, 0, 0, /* 200, */ 0 }, /* wird nicht unterstuetzt */
{ "SYST", 0, 0, 0, 215, 0 },
{ "TYPE", 1, 0, 0, 200, 0 },
+ { "USER", 1, 0, 1, 0, 1 },
{ "XCUP", 1, 1, 1, 200, 1 },
{ "XCWD", 1, 1, 1, 250, 1 },
{ "XMKD", 1, 1, 1, 257, 1 },
@@ -1203,19 +1205,19 @@
return (CCP_ERROR);
}
-
/*
- * dologin() accepts now blanks with in and at the end of
- * passwords - 22JAN02asg
+ * if local == 1, local user and password are collected. Otherwise,
+ * the remote username and password are collected. If -2 command line
+ * argument is used, SITE command is also accepted for remote
invocation.
+ *
+ * Returns -1 if SITE command was used, 0 if USER was used. Positive
+ * number on error.
*/
-
-int dologin(ftp_t *x)
+int get_user_pass(ftp_t *x, int local)
{
- int c, i, rc;
- char *p, word[80], line[300];
- struct hostent *hostp;
- struct sockaddr_in saddr;
-
+ char line[300], *p, word[80];
+ int i, c, site = 0;
+
while (1) {
if (readline_fd(x, 0, line, sizeof(line)) == NULL)
return (1);
@@ -1234,19 +1236,38 @@
get_word(&p, word, sizeof(word));
strupr(word);
if (strcmp(word, "USER") == 0) {
- get_word(&p, x->username, sizeof(x->username));
+ if (local == 1)
+ get_word(&p, x->local.username,
sizeof(x->local.username));
+ else
+ get_word(&p, x->username, sizeof(x->username));
cfputs(x, "331 password required");
}
else if (strcmp(word, "PASS") == 0) {
- if (*x->username == 0) {
- cfputs(x, "503 give USER first");
- continue;
+ if (local == 1) {
+ if (*x->local.username == 0) {
+ cfputs(x, "503 give USER first");
+ continue;
+ }
+ }
+ else {
+ if (*x->username == 0) {
+ cfputs(x, "503 give USER first");
+ continue;
+ }
}
- if (x->config->allow_passwdblanks == 0)
- get_word(&p, x->password, sizeof(x->password));
- else
- copy_string(x->password, p,
sizeof(x->password));
+ if (local == 1) {
+ if (x->config->allow_passwdblanks == 0)
+ get_word(&p, x->local.password,
sizeof(x->local.password));
+ else
+ copy_string(x->local.password, p,
sizeof(x->local.password));
+ }
+ else {
+ if (x->config->allow_passwdblanks == 0)
+ get_word(&p, x->password,
sizeof(x->password));
+ else
+ copy_string(x->password, p,
sizeof(x->password));
+ }
break;
}
@@ -1254,42 +1275,109 @@
cfputs(x, "221 goodbye");
return (2);
}
+ else if ((strcmp(word, "SITE") == 0) && (x->config->phaseauth
== 1) && (local == 0)) {
+ get_word(&p, x->server.name, sizeof(x->server.name));
+ site = -1;
+ break;
+ }
else {
cfputs(x, "530 login first");
}
}
+ return site;
+}
+
+ /*
+ * dologin() accepts now blanks with in and at the end of
+ * passwords - 22JAN02asg
+ *
+ * * It also support two-phase authentication (-2 on the command
+ * line), whereby a user can login using local credentials, then
+ * issue the USER and PASS commands again using the
+ * USER <user>@<host> syntax.
+ * * Also added is the ability to use the SITE command to connect
+ * to the remote site without logging in to it remote USER and
+ * PASS commands can be issued later.
+ * * When two-phase auth is used, an available option is to verify
+ * the user's local user and password before expecting the remote
+ * USER or SITE command (-f on the command line)
+ * 6MAY02gdl
+ */
+int dologin(ftp_t *x)
+{
+ int rc, site = 0;
+ char *p, line[300], code[4];
+ struct hostent *hostp;
+ struct sockaddr_in saddr;
+
+ /*
+ * Get local username and password first
+ */
+ if (x->config->phaseauth == 1) {
+ site = get_user_pass(x, 1);
+ if (site > 0) {
+ return site;
+ }
- if (x->config->selectserver == 0) {
- if ((p = strchr(x->username, '@')) != NULL && (p =
strchr(x->username, '%')) != NULL) {
- cfputs(x, "500 service unavailable");
- syslog(LOG_NOTICE, "-ERR: hostname supplied: %s", p);
- exit (1);
+ if (x->config->fastauth == 1) {
+ if (*x->config->acp != 0) {
+ if (run_acp(x) != 0)
+ exit (0);
+ }
+ cfputs(x, "230- ");
+ cfputs(x, "230- Login accepted.");
+ cfputs(x, "230- ");
+ cfputs(x, "230- Depending on your FTP client, you may
now connect using one of two");
+ cfputs(x, "230- commands:");
+ cfputs(x, "230- user <remoteuser>@<remotehost>");
+ cfputs(x, "230- - OR -");
+ cfputs(x, "230- quote site <remotehost>");
+ cfputs(x, "230 ");
}
+ }
- copy_string(x->server.name, x->config->u.server,
sizeof(x->server.name));
+ /*
+ * Get remote USER or SITE command
+ */
+ site = get_user_pass(x, 0);
+ if (site > 0) {
+ return site;
}
- else {
- /*
- * Es wird das erste Vorkommen des @-Zeichens gesucht, nicht das
- * letzte, da sonst Proxy-Routing durch den Client ermoeglicht
- * wird.
- */
+ if (site != -1) {
- if ((p = strchr(x->username, '@')) == NULL && (p =
strchr(x->username, '%')) == NULL) {
- cfputs(x, "500 service unavailable");
- syslog(LOG_NOTICE, "-ERR: missing hostname");
- exit (1);
+ if (x->config->selectserver == 0) {
+ if ((p = strrchr(x->username, '@')) != NULL && (p =
strrchr(x->username, '%')) != NULL) {
+ cfputs(x, "500 service unavailable");
+ syslog(LOG_NOTICE, "-ERR: hostname supplied:
%s", p);
+ exit (1);
+ }
+
+ copy_string(x->server.name, x->config->u.server,
sizeof(x->server.name));
}
+ else {
- *p++ = 0;
- copy_string(x->server.name, p, sizeof(x->server.name));
+ /*
+ * Es wird das erste Vorkommen des @-Zeichens gesucht,
nicht das
+ * letzte, da sonst Proxy-Routing durch den Client
ermoeglicht
+ * wird.
+ */
+
+ if ((p = strrchr(x->username, '@')) == NULL && (p =
strrchr(x->username, '%')) == NULL) {
+ cfputs(x, "500 service unavailable");
+ syslog(LOG_NOTICE, "-ERR: missing hostname");
+ exit (1);
+ }
+
+ *p++ = 0;
+ copy_string(x->server.name, p, sizeof(x->server.name));
+ }
/*
- * Den Server auf der Serverliste suchen, wenn eine Liste
- * vorhanden ist.
- */
+ * Den Server auf der Serverliste suchen, wenn eine Liste
+ * vorhanden ist.
+ */
if ((p = x->config->u.serverlist) != NULL && *p != 0) {
int permitted;
@@ -1332,25 +1420,30 @@
* Wenn vorhanden Proxy Login und Passwort auslesen.
*/
- if ((p = strchr(x->username, ':')) != NULL) {
- *p++ = 0;
- copy_string(x->local.username, x->username,
sizeof(x->local.username));
- copy_string(x->username, p, sizeof(x->username));
- }
+ if (x->config->phaseauth == 0) {
+ if ((p = strchr(x->username, ':')) != NULL) {
+ *p++ = 0;
+ copy_string(x->local.username, x->username,
sizeof(x->local.username));
+ copy_string(x->username, p, sizeof(x->username));
+ }
- if ((p = strchr(x->password, ':')) != NULL) {
- *p++ = 0;
- copy_string(x->local.password, x->password,
sizeof(x->local.password));
- copy_string(x->password, p, sizeof(x->password));
+ if ((p = strchr(x->password, ':')) != NULL) {
+ *p++ = 0;
+ copy_string(x->local.password, x->password,
sizeof(x->local.password));
+ copy_string(x->password, p, sizeof(x->password));
+ }
}
+
/*
* Access Control Programm starten
*/
- if (*x->config->acp != 0) {
- if (run_acp(x) != 0)
- exit (0);
+ if (x->config->fastauth != 1) {
+ if (*x->config->acp != 0) {
+ if (run_acp(x) != 0)
+ exit (0);
+ }
}
/*
@@ -1367,10 +1460,14 @@
sfgets(x, line, sizeof(line));
- while (line[3] != ' ') {
- if (sfgets(x, line, sizeof(line)) == NULL) {
- syslog(LOG_NOTICE, "-ERR: lost server while reading
client greeting: %s", x->server.name);
- exit (1);
+ strncpy(code, line, 3);
+ code[4] = '\0';
+ if (line[3] != ' ') {
+ while(! ((strncmp(code, line, 3) == 0) && (line[3] == ' ' ||
line[3] == '\0'))) {
+ if (sfgets(x, line, sizeof(line)) == NULL) {
+ syslog(LOG_NOTICE, "-ERR: lost server while
reading client greeting: %s", x->server.name);
+ exit (1);
+ }
}
}
@@ -1388,48 +1485,35 @@
*
*/
- rc = sfputc(x, "USER", x->username, line, sizeof(line), NULL);
-
- if (rc == 230) {
- cfputs(x, "230 login accepted");
- syslog(LOG_NOTICE, "login accepted: [EMAIL PROTECTED], no
password needed.", x->username, x->server.name);
- return (0);
- }
- else if (rc != 331) {
- cfputs(x, "500 service unavailable");
- syslog(LOG_NOTICE, "-ERR: unexpected reply to USER: %s", line);
- exit (1);
- }
- else if (sfputc(x, "PASS", x->password, line, sizeof(line), NULL) !=
230) {
- cfputs(x, "530 bad login");
- syslog(LOG_NOTICE, "-ERR: reply to PASS: %s", line);
- exit (1);
- }
-
- cfputs(x, "230 login accepted");
- syslog(LOG_NOTICE, "login accepted: [EMAIL PROTECTED]", x->username,
x->server.name);
+ /* only login if USER [EMAIL PROTECTED] was given. SITE doesn't
require login */
+ if (site != -1) {
+ rc = sfputc(x, "USER", x->username, line, sizeof(line), NULL);
- return (0);
+ if (rc == 230) {
+ cfputs(x, "230-login accepted");
+ cfputs(x, "230 ");
+ syslog(LOG_NOTICE, "login accepted: [EMAIL PROTECTED],
no password needed.", x->username, x->server.name);
+ return (0);
+ }
+ else if (rc != 331) {
+ cfputs(x, "500 service unavailable");
+ syslog(LOG_NOTICE, "-ERR: unexpected reply to USER:
%s", line);
+ exit (1);
+ }
+ else if (sfputc(x, "PASS", x->password, line, sizeof(line),
NULL) != 230) {
+ cfputs(x, "530 bad login");
+ syslog(LOG_NOTICE, "-ERR: reply to PASS: %s", line);
+ exit (1);
+ }
-/*
- if (sfputc(x, "USER", x->username, line, sizeof(line), NULL) != 331) {
- cfputs(x, "500 service unavailable");
- syslog(LOG_NOTICE, "-ERR: unexpected reply to USER: %s", line);
- exit (1);
- }
- else if (sfputc(x, "PASS", x->password, line, sizeof(line), NULL) !=
230) {
- cfputs(x, "530 bad login");
- syslog(LOG_NOTICE, "-ERR: reply to PASS: %s", line);
- exit (1);
+ cfputs(x, "230-login accepted");
+ cfputs(x, "230 ");
+ syslog(LOG_NOTICE, "login accepted: [EMAIL PROTECTED]",
x->username, x->server.name);
}
-
- cfputs(x, "230 login accepted");
- syslog(LOG_NOTICE, "login accepted: [EMAIL PROTECTED]", x->username,
x->server.name);
+ else
+ cfputs(x, "220 connected to remote FTP server");
return (0);
-*/
-
-
}
diff -ruNd ftp-old/ftpproxy-1.1.5/src/ftp.h ftp-new/ftpproxy-1.1.5/src/ftp.h
--- ftp-old/ftpproxy-1.1.5/src/ftp.h Thu Jan 31 11:52:27 2002
+++ ftp-new/ftpproxy-1.1.5/src/ftp.h Wed May 8 10:25:21 2002
@@ -58,6 +58,9 @@
int numeric_only;
unsigned int dataport;
+
+ int fastauth;
+ int phaseauth;
} config_t;
diff -ruNd ftp-old/ftpproxy-1.1.5/src/main.c ftp-new/ftpproxy-1.1.5/src/main.c
--- ftp-old/ftpproxy-1.1.5/src/main.c Mon Feb 4 12:00:27 2002
+++ ftp-new/ftpproxy-1.1.5/src/main.c Wed May 8 10:25:21 2002
@@ -115,6 +115,10 @@
}
else if (c == 'e')
config->selectserver = 1;
+ else if (c == 'f')
+ config->fastauth = 1;
+ else if (c == '2')
+ config->phaseauth = 1;
else if (c == 'l')
extralog = 1;
else if (c == 'm')
diff -ruNd ftp-old/ftpproxy-1.1.5/src/tags ftp-new/ftpproxy-1.1.5/src/tags
--- ftp-old/ftpproxy-1.1.5/src/tags Mon Feb 4 12:01:34 2002
+++ ftp-new/ftpproxy-1.1.5/src/tags Thu Jun 13 20:37:29 2002
@@ -2,20 +2,20 @@
!_TAG_FILE_SORTED 1 /0=unsorted, 1=sorted/
!_TAG_PROGRAM_AUTHOR Darren Hiebert /[EMAIL PROTECTED]/
!_TAG_PROGRAM_NAME Exuberant Ctags //
-!_TAG_PROGRAM_URL http://darren.hiebert.com/ctags/ /official site/
-!_TAG_PROGRAM_VERSION 3.3.1 /with C, C++, Eiffel, Fortran, and Java
support/
-CCP_ERROR ftp.h 68;" d
-CCP_OK ftp.h 67;" d
+!_TAG_PROGRAM_URL http://ctags.sourceforge.net /official site/
+!_TAG_PROGRAM_VERSION 5.0.1 //
+CCP_ERROR ftp.h 71;" d
+CCP_OK ftp.h 70;" d
DEBUG lib.c 35;" d file:
-DIR_MAXDEPTH ftp.h 64;" d
+DIR_MAXDEPTH ftp.h 67;" d
FTPMAXBSIZE ftp.h 36;" d
-MODE_PASSIVE ftp.h 76;" d
-MODE_PORT ftp.h 75;" d
-OP_GET ftp.h 78;" d
-OP_PUT ftp.h 79;" d
-PORT_CLOSED ftp.h 73;" d
-PORT_CONNECTED ftp.h 72;" d
-PORT_LISTEN ftp.h 71;" d
+MODE_PASSIVE ftp.h 79;" d
+MODE_PORT ftp.h 78;" d
+OP_GET ftp.h 81;" d
+OP_PUT ftp.h 82;" d
+PORT_CLOSED ftp.h 76;" d
+PORT_CONNECTED ftp.h 75;" d
+PORT_LISTEN ftp.h 74;" d
_FTP_INCLUDED ftp.h 26;" d
_IP_LIB_INCLUDED ip-lib.h 25;" d
_LIB_INCLUDED lib.h 24;" d
@@ -70,6 +70,7 @@
doquit ftp.c /^int doquit(ftp_t *x)$/;" f
dtc_t ftp.h /^ } dtc_t;$/;" t
extralog main.c /^int extralog = 0;$/;" v
+fastauth ftp.h /^ int fastauth;$/;" m
struct:_config
fd ftp.h /^ } fd;$/;" m struct:_ftp
fdset ftp.h /^ fd_set fdset;$/;" m
struct:_ftp::<anonymous>
filename ftp.h /^ char filename[200];$/;" m
struct:_dtc
@@ -82,6 +83,7 @@
get_interface_info ftp.c /^unsigned get_interface_info(int pfd, char
*ip, int max)$/;" f
get_port ip-lib.c /^unsigned int get_port(char *server, unsigned
int def_port)$/;" f
get_quoted lib.c /^char *get_quoted(char **from, int delim, char *to,
int max)$/;" f
+get_user_pass ftp.c /^int get_user_pass(ftp_t *x, int local)$/;" f
get_word lib.c /^char *get_word(char **from, char *to, int maxlen)$/;"
f
getc_fd ftp.c /^int getc_fd(ftp_t *x, int fd)$/;" f
getcmd ftp.c /^ftpcmd_t *getcmd(char *name)$/;" f
@@ -95,11 +97,11 @@
ipnum ftp.h /^ char ipnum[80];$/;" m struct:_port
islowercase lib.c /^int islowercase(unsigned int c)$/;" f
isock ftp.h /^ int isock;$/;" m struct:_dtc
-ispath ftp.c /^ int par, ispath, useccp;$/;" m
struct:_ftpcmd
+ispath ftp.c /^ int par, ispath, useccp;$/;" m
struct:_ftpcmd file:
isuppercase lib.c /^int isuppercase(unsigned int c)$/;" f
len ftp.h /^ int here, len;$/;" m struct:_bio
local ftp.h /^ } local;$/;" m struct:_ftp
-log ftp.c /^ int log;$/;" m struct:_ftpcmd
+log ftp.c /^ int log;$/;" m struct:_ftpcmd
file:
lower lib.c /^static unsigned int lower[256], upper[256];$/;" v
file:
lowercase lib.c /^unsigned int lowercase(unsigned int c)$/;" f
main main.c /^int main(int argc, char *argv[], char *envp[])$/;" f
@@ -107,7 +109,7 @@
missing_arg main.c /^void missing_arg(int c, char *string)$/;" f
mode ftp.h /^ int mode; \/* PORT oder PASV
*\/$/;" m struct:_dtc
monitor ftp.h /^ int monitor;$/;" m
struct:_config
-name ftp.c /^ char name[20];$/;" m struct:_ftpcmd
+name ftp.c /^ char name[20];$/;" m struct:_ftpcmd file:
name ftp.h /^ char name[80];$/;" m struct:_ftp::<anonymous>
noctrl lib.c /^char *noctrl(char *buffer)$/;" f
numeric_only ftp.h /^ int numeric_only;$/;" m
struct:_config
@@ -116,9 +118,10 @@
osock ftp.h /^ int osock;$/;" m struct:_dtc
other ftp.h /^ int other;$/;" m struct:_dtc
outside ftp.h /^ port_t outside;$/;" m struct:_dtc
-par ftp.c /^ int par, ispath, useccp;$/;" m
struct:_ftpcmd
+par ftp.c /^ int par, ispath, useccp;$/;" m
struct:_ftpcmd file:
password ftp.h /^ char password[80];$/;" m
struct:_ftp::<anonymous>
password ftp.h /^ char password[200];$/;" m
struct:_ftp
+phaseauth ftp.h /^ int phaseauth;$/;" m
struct:_config
port ftp.h /^ unsigned int port;$/;" m struct:_ftp::<anonymous>
port ftp.h /^ unsigned int port;$/;" m struct:_ftp
port ftp.h /^ unsigned int port;$/;" m struct:_port
@@ -128,7 +131,7 @@
proxy_request ftp.c /^int proxy_request(config_t *config)$/;" f
readline_fd ftp.c /^char *readline_fd(ftp_t *x, int fd, char *line, int
size)$/;" f
reallocate lib.c /^void *reallocate(void *p, size_t size)$/;" f
-resp ftp.c /^ int resp;$/;" m struct:_ftpcmd
+resp ftp.c /^ int resp;$/;" m struct:_ftpcmd
file:
run_acp ftp.c /^int run_acp(ftp_t *x)$/;" f
run_ccp ftp.c /^int run_ccp(ftp_t *x, char *cmd, char *par)$/;"
f
sbuf ftp.h /^ bio_t cbuf, sbuf;$/;" m struct:_ftp
@@ -158,7 +161,7 @@
uid main.c /^int uid = -1;$/;" v
upper lib.c /^static unsigned int lower[256], upper[256];$/;" v
file:
uppercase lib.c /^unsigned int uppercase(unsigned int c)$/;" f
-useccp ftp.c /^ int par, ispath, useccp;$/;" m
struct:_ftpcmd
+useccp ftp.c /^ int par, ispath, useccp;$/;" m
struct:_ftpcmd file:
username ftp.h /^ char username[80];$/;" m
struct:_ftp::<anonymous>
username ftp.h /^ char username[200];$/;" m
struct:_ftp
varname ftp.h /^ char varname[80];$/;" m
struct:_config
diff -ruNd ftp-old/ftpproxy-1.1.5/xinetd.d/ftpproxy
ftp-new/ftpproxy-1.1.5/xinetd.d/ftpproxy
--- ftp-old/ftpproxy-1.1.5/xinetd.d/ftpproxy Wed Dec 31 18:00:00 1969
+++ ftp-new/ftpproxy-1.1.5/xinetd.d/ftpproxy Wed May 8 10:32:56 2002
@@ -0,0 +1,16 @@
+# default: off
+# description: An ftp proxy server. This is the tcp \
+# version.
+service ftpproxy
+{
+ disable = no
+ type = UNLISTED
+ socket_type = stream
+ protocol = tcp
+ user = root
+ group = nobody
+ port = 21
+ server = /usr/sbin/ftp.proxy
+ server_args = -b -e -l -2 -f -p 20 -a /usr/bin/test_acp
+ wait = no
+}
Venkatachalam, Saravanakumar wrote:
>
> Dear List,
>
> I need dual authentications to happen if a user wanted to connect to
> an ftp site.
>
> 1) Login to proxy with your local username/password
> 2) Connect to remote site with the user command
>
> Instead of FTPing directly to the remote FTP site, we need to FTP to
> ftp-proxy on port 21. we then login to the proxy using your web access
> password. If authenticated successfully, you can then connect to any
> remote FTP site using the user [EMAIL PROTECTED] command.
>
> Please help me configuring ftp.proxy to work for the above mentioned
> requirement.
>
> Thanks,
> saravan
>
>
>
>
>
> --general-l------------------------------------
> To unsubscribe please visit:
> http://www.ftpproxy.org/html/maillinglists.html
>
>
--general-l------------------------------------
To unsubscribe please visit:
http://www.ftpproxy.org/html/maillinglists.html
