On 17/12/2011 2:24 a.m., Al Batard wrote:
Hi,
This is the log of the ftp connection to ftp site that accepts anonymous and
login/pass (ftp://login:pass@ftpsite in url). Only Anonymous is used. Not my
login / password.
On a ftp site with anonymous login denied, user / password appear in log.
- log of the ftp site with anonymous and login / pass authorized :
2011/12/16 13:46:53.474| ftp>> 220 FTP Server ready.
2011/12/16 13:46:53.474| ftp<< USER anonymous
<snip>
2011/12/16 13:46:53.653| ftp>> 150 Opening ASCII mode data connection for file
list
2011/12/16 13:46:53.744| ftp>> 226 Transfer complete
2011/12/16 13:46:53.744| ftp<< QUIT
2011/12/16 13:46:53.771| ftp>> 221 Goodbye.
This is a successful transfer. The data got to Squid using anonymous
access. There is no problem with auth here.
Do you have a trace from this server when requesting something from the
login-required area of the site?
- log of the ftp site with login / pass authorized only :
2011/12/16 13:50:09.781| ftp>> 220 FTP XXXXXXXXXXXXXXXX
2011/12/16 13:50:09.781| ftp<< USER login
I think there is some trace missing here. An earlier connect attempt to
the FTP server using anon access, which fails.
Either way, auth happened and the object was fetched. Again, no problem
with auth here.
Amos
