Hello,
We are trying to use ftp-proxy in our structure and we've noticed the
following behaviour with the simple Bind to the Ldap directory.
The first simple BIND made to the server ldap (Iplanet) returns the
following result according to password.
In Ftp-client:
- With good user and bad password: result=invalid credentials , it's not
ok (normal)
- With good user and password : result= succeed (normal)
- without password (but good user): result = succeed the proxy
continues to process the ftp request (strange!)
I read the code of proxy-suite-1.9.2.2, and i write a correction
In ftp-ldap.c ligne 184:
// Patch Fred Bug mot de passe nul
if (*pwd == '\0') {
syslog_write(U_ERR, "Bad password");
exit(-1);
}
I work on various modifications for ftp-proxy (ex: identification
with Ldap Group) and that works correctly.
But i have one question, i want to create policy rules for destination
(not for user)
Is it already possible ?
For sample:
permit:
IPserverftp -> for all destination IP
->;cmds=ALLO,APPE,DELE,MKD,RMD,RNFR,RNTO,STOR,STOU
And
IPserverftp -> 10.0.0.1->;All cmds
Cordially
--
Cordialement
Bourgeois Frédéric
Ministère de l'intérieur
DSIC/SDIEE/BEERTD/CGN/
Section THESEE
Frederic.bourgeois (nospam) @interieur.gouv.fr