The proxy can authenticate the clients using passwords. GSS-API and other authentication methods supported by the SOCKSv5 protocol are not supported. The process of negotiating the authentication between the client and the Socks proxy is the following:
The client sends the list of authentication methods is supports to the SOCKS server.
The Socks proxy replies to the client on behalf of the SOCKS server, depending on the configuration of the Socks proxy:
If the client selected password-based authentication and the
disable_auth_v5option is set toFALSEand therequire_auth_v5is set toTRUE(which are the defaults), Zorp replies that password authentication is supported.If the
require_auth_v5is set toFALSE, and the client supports thenoneauthentication method, the connection is accepted without authentication.In other cases, the client receives an authentication error.
The Socks proxy supports inband authentication as well. For details on inband authentication, see Section 5.1.10, Class InbandAuthentication.
Published on March 04, 2024
© BalaSys IT Ltd.
Send your comments to support@balasys.hu
