[Cyberduck-trac] [Cyberduck] #2607: WebDAV using SOCKS

Cyberduck trac at trac.cyberduck.ch
Wed Feb 2 01:28:04 CET 2011

#2607: WebDAV using SOCKS
 Reporter:  anonymous    |       Owner:  dkocher
     Type:  enhancement  |      Status:  reopened
 Priority:  normal       |   Milestone:
Component:  webdav       |     Version:  3.0.2
 Severity:  normal       |  Resolution:
 Keywords:               |
Changes (by dmulter):

 * status:  closed => reopened
 * resolution:  worksforme =>


 This is still an issue with the latest version (3.8.1) on Snow Leopard
 (10.6.6). Sorry for the delay in re-opening, but just noticed it. Let me
 be a bit more specific:

 First some assumptions:
 * The host "server.domain.com" (SERVER) is a publicly accessible SSH
 server that also runs DNS services and a WebDAV server.
 * SERVER is also configured to resolve multiple subdomains of the form:
 SUBDOMAIN.domain.com. Clients can make DNS requests over SSH to resolve
 these subdomains, but the server won't resolve them over the public net.

 Steps to reproduce:
 * Go to System Preferences->Network, then Advanced, then Proxies, and
 select Automatic Proxy Configuration. Select a PAC file with contents
 function FindProxyForURL(url, host)
   // SOCKS proxy everything to SUBDOMAIN.domain.com
   if (isPlainHostName(host))
     return "DIRECT";
   else if (shExpMatch(url, "http://www.domain.com*"))
     return "DIRECT";
   else if (shExpMatch(url, "http://*.domain.com*"))
     return "SOCKS localhost:8001";
     return "DIRECT";

 * Open an SSH tunnel using a command like the following from a Terminal
 window. Note that it accesses a public server URL and maps the local SOCKS
 port. Also note that the PAC file will also route DNS requests over the
 tunnel, so SUBDOMAIN.domain.com will not be resolvable on the public DNS.
 ssh server.domain.com -D 8001
 * Now try to configure CyberDuck for a connection to WebDAV (non-SSL)
 using http://SUBDOMAIN.domain.com/webdav/. The connection will always
 * Now you'll see the confusion in Cyberduck. There is no need for a
 username, password, or port specification. If it really used the system
 network settings, it would dynamically route all requests over the SSH
 tunnel via system settings and the PAC file.

Ticket URL: <http://trac.cyberduck.ch/ticket/2607#comment:4>
Cyberduck <http://cyberduck.ch>
Open source FTP, SFTP, WebDAV, Cloud Files, Google Docs & Amazon S3 Browser for Mac & Windows.

More information about the Cyberduck-trac mailing list