Username/Password Authentication for SOCKS V5
INTERNET-DRAFT
Expires: In Six Months M. Leech
<draft-ietf-aft-username-password-01.txt>
Username/Password Authentication for SOCKS V5
Status of this Memo
This document is an Internet-Draft. Internet-Drafts are working
documents of the Internet Engineering Task Force (IETF), its areas,
and its working groups. Note that other groups may also distribute
working documents as Internet-Drafts.
Internet-Drafts are draft document valid for a maximum of six months
and may be updated, replaced or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress".
To learn the current status of any Internet-Draft, please check the
"1id-abstracts.txt" listing contained in the Internet-Drafts Shadow
Directories on ds.internic.net (US East Coast), nic.nordu.net
(Europe), ftp.isi.edu (US West Coast), or munnari.oz.au (Pacific
Rim).
1. Introduction
The protocol specification for SOCKS Version 5 specifies a
generalized framework for the use of arbitrary authentication
protocols in the initial socks connection setup. This document
describes one of those protocols, as it fits into the SOCKS Version 5
authentication "subnegotiation".
2. Initial negotiation
Once the SOCKS V5 server has started, and the client has selected the
Username/Password Authentication protocol, the Username/Password
subnegotiation begins. This begins with the client producing a
Username/Password request:
+----+------+----------+------+----------+
|VER | ULEN | UNAME | PLEN | PASSWD |
+----+------+----------+------+----------+
| 1 | 1 | 1 to 255 | 1 | 1 to 255 |
+----+------+----------+------+----------+
Leech [Page 1]
INTERNET-DRAFT Username Authentication for SOCKS V5 March 1995
The VER field contains the current version of the subne-
gotiation, which is X'01'. The ULEN field contains the
length of the UNAME field that follows. The UNAME field
contains the username as known to the source operating
system. The PLEN field contains the length of the PASSWD
field that follows. The PASSWD field contains the pass-
word association with the given UNAME.
The server verifies the supplied UNAME and PASSWD, and
sends the following response:
+----+--------+
|VER | STATUS |
+----+--------+
| 1 | 1 |
+----+--------+
A STATUS field of X'00' indicates success. If the server
returns a `failure' (STATUS value other than X'00') sta-
tus, it MUST close the connection.
3. Security Considerations
This document describes a subnegotiation that provides
authentication services to the SOCKS protocol. Since the
request carries the password in cleartext, this subnego-
tiation is not recommended for environments where "sniff-
ing" is possible and practical.
4. Authors Address
Marcus Leech
Bell-Northern Research Ltd
P.O. Box 3511, Station C
Ottawa, ON
CANADA K1Y 4H7
+1 613 763 9145
Email: mleech@bnr.ca
Leech [Page 2]
Username/Password Authentication for SOCKS V5[RFC 1929]
最新推荐文章于 2020-04-21 14:45:39 发布