[tahoe-dev] documentation on how to use the accounts.url option in the sftp and ftp frontends

Brian Warner warner at lothar.com
Wed Jan 11 20:07:13 UTC 2012


On 1/11/12 5:23 AM, Patrick R McDonald wrote:

> This question came up in IRC the other day.  accounts.url specifies a
> login service (similar to that used by Allmydata).  It would send your
> credentials (email address and password, if memory serves) and if these
> were correct, it would return a rootcap.  I need to make a ticket to
> update this in the documentation.  It is already in my todo list.

Yup, that's correct. Obviously "accounts.url" should point to a secure,
preferably localhost-only service, to avoid making it too easy for
attackers to use it to guess passwords (or, if they managed to spoof DNS
and cause the tahoe gateway to talk to the wrong Account server, to
reveal the username+passwords that users sent to the FTP/SFTP server).

I don't have any docs offhand for this service, but the relevant code is
in src/allmydata/frontends/auth.py (in the AccountURLChecker class). It
looks like it builds a form with three fields: "action" =
"authenticate", "email" = the username, and "passwd" = the password.
Then it POSTs it to the given URL (the form is submitted as old-style
multipart/form-data, so a MIME body with one field per subpart). The
response is expected to either be a rootcap string (possibly with extra
whitespace, which is stripped), or the string "0" (which means bad
password or unknown username).

It'd be great if the docs had some basic PHP code to implement the login
service, or something. Maybe Peter could dig up the Allmydata code we
used for this: I'm sure it just did a little database check.

cheers,
 -Brian
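[Editor's note] The following is an added example, not code from Tahoe-LAFS
and not the Allmydata login service Brian mentions. It implements the
exchange described in the message above in Python: the gateway side builds
the multipart/form-data POST with the three fields "action", "email" and
"passwd", and the service side parses it and answers with either the rootcap
or the string "0". The account table, the PBKDF2 password hashing, the
placeholder rootcap, the boundary string and the WSGI wrapper are all
assumptions made here for illustration. The service does the same hashing
work for unknown and known users, compares hashes in constant time, and the
stand-alone server binds to loopback only, in line with the advice above.

```python
import hashlib
import hmac
import os
import re

PBKDF2_ROUNDS = 200_000  # assumption; tune for the deployment


def _hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ROUNDS)


def make_user(password: str, rootcap: str) -> tuple:
    """Return the (salt, hash, rootcap) record stored for one account."""
    salt = os.urandom(16)
    return salt, _hash_password(password, salt), rootcap


# Constructed account table. The rootcap is a placeholder, not a real Tahoe cap.
USERS = {
    "alice@example.org": make_user(
        "correct horse battery staple",
        "URI:DIR2:exampleexampleexamplewritekey0:exampleexampleexamplefingerprint000"),
}
# Dummy record used for unknown users, so the PBKDF2 work is done either way.
_DUMMY_SALT, _DUMMY_HASH, _ = make_user(os.urandom(16).hex(), "")

_NAME_RE = re.compile(rb'name="([^"]*)"')


def _parse_content_type(value: str) -> tuple:
    """'multipart/form-data; boundary=xyz' -> ('multipart/form-data', {'boundary': 'xyz'})."""
    mediatype, _, rest = value.partition(";")
    params = {}
    for item in rest.split(";"):
        key, sep, val = item.strip().partition("=")
        if sep:
            params[key.strip().lower()] = val.strip().strip('"')
    return mediatype.strip().lower(), params


def parse_form_data(content_type: str, body: bytes) -> dict:
    """Parse a multipart/form-data body into {field name: value}.

    Each part is: --boundary CRLF, Content-Disposition: form-data; name="x"
    CRLF CRLF, value CRLF; the body ends with --boundary-- .
    """
    mediatype, params = _parse_content_type(content_type)
    if mediatype != "multipart/form-data" or "boundary" not in params:
        raise ValueError("not a multipart/form-data body")
    delimiter = b"--" + params["boundary"].encode("ascii")
    fields = {}
    for segment in body.split(delimiter)[1:]:   # [0] is the preamble
        if segment.startswith(b"--"):           # closing delimiter reached
            break
        if not segment.startswith(b"\r\n"):
            raise ValueError("malformed part")
        headers, sep, content = segment[2:].partition(b"\r\n\r\n")
        if not sep or not content.endswith(b"\r\n"):
            raise ValueError("malformed part")
        match = _NAME_RE.search(headers)
        if match is None:
            raise ValueError("part without a field name")
        fields[match.group(1).decode("utf-8")] = content[:-2].decode("utf-8")
    return fields


def handle_login(content_type: str, body: bytes) -> bytes:
    """The accounts.url endpoint: return the rootcap, or b'0' on any failure."""
    try:
        fields = parse_form_data(content_type, body)
    except (ValueError, UnicodeDecodeError):
        return b"0"
    if fields.get("action") != "authenticate":
        return b"0"
    record = USERS.get(fields.get("email", "").strip().lower())
    salt, expected, rootcap = record if record is not None else (_DUMMY_SALT, _DUMMY_HASH, None)
    candidate = _hash_password(fields.get("passwd", ""), salt)
    if record is not None and hmac.compare_digest(candidate, expected):
        return rootcap.encode("ascii")
    return b"0"


def application(environ, start_response):
    """Minimal WSGI wrapper so handle_login can be served with wsgiref."""
    if environ.get("REQUEST_METHOD") != "POST":
        start_response("405 Method Not Allowed", [("Content-Type", "text/plain")])
        return [b"0"]
    body = environ["wsgi.input"].read(int(environ.get("CONTENT_LENGTH") or 0))
    start_response("200 OK", [("Content-Type", "text/plain")])
    return [handle_login(environ.get("CONTENT_TYPE", ""), body)]


def build_gateway_request(username: str, password: str,
                          boundary: str = "tahoe-example-boundary") -> tuple:
    """Build the (Content-Type, body) the gateway POSTs: one subpart per field."""
    chunks = []
    for name, value in (("action", "authenticate"), ("email", username), ("passwd", password)):
        chunks.append(b"--" + boundary.encode("ascii") + b"\r\n")
        chunks.append(b'Content-Disposition: form-data; name="' + name.encode("ascii") + b'"\r\n\r\n')
        chunks.append(value.encode("utf-8") + b"\r\n")
    chunks.append(b"--" + boundary.encode("ascii") + b"--\r\n")
    return "multipart/form-data; boundary=" + boundary, b"".join(chunks)


def authenticate(username: str, password: str):
    """Round trip: build the request, run it through the service, read the reply as the gateway does."""
    content_type, body = build_gateway_request(username, password)
    reply = handle_login(content_type, body).strip()   # extra whitespace is stripped
    if reply == b"0":
        return None   # bad password or unknown username
    return reply.decode("ascii")


if __name__ == "__main__":
    from wsgiref.simple_server import make_server
    # Loopback only: the gateway should reach this over localhost, never the open net.
    make_server("127.0.0.1", 8765, application).serve_forever()
```

Run the file directly to get a loopback-only service to point accounts.url
at; import it to exercise authenticate() without a network. Password
guessing through the gateway is still bounded only by whatever rate limiting
sits in front of it, which this example does not provide.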
