Re: delay_access and authentication based ACLs

From: Robert Collins <robert.collins@dont-contact.us>
Date: Tue, 9 Jul 2002 15:36:09 +1000

Thanks for digging...

I can definately fix the basic and probably digest auth code with an updated
patch. The change in authenticateAuthenticate was part of the tweaking to
allow the delay pools code to -eventually- work with NTLM.

So this weekend expect some improvement.

Rob

----- Original Message -----
From: "Henrik Nordstrom" <hno@marasystems.com>
To: "Robert Collins" <robert.collins@syncretize.net>
Cc: "Squid Developers Mailinglist" <squid-dev@squid-cache.org>
Sent: Tuesday, July 09, 2002 2:59 PM
Subject: Re: delay_access and authentication based ACLs

> I have had some conflicting reports on this, and by reading the code I
> am not at all surpriced if if affects Basic as well...
>
> auth_acl_t
> authenticateAuthenticate(auth_user_request_t ** auth_user_request,
> http_hdr_type headertype, request_t * request, ConnStateData * conn,
> struct in_addr src_addr)
> {
> const char *proxy_auth;
> assert(headertype != 0);
> proxy_auth = httpHeaderGetStr(&request->header, headertype);
>
> if (conn == NULL) {
> debug(28, 1) ("authenticateAuthenticate: no connection data,
> cannot process authentication\n");
> /*
> * deny access: clientreadrequest requires conn data, and it
> is always
> * compiled in so we should have it too.
> */
> return AUTH_ACL_CANNOT_AUTHENTICATE;
> }
>
>
> The connection is not known to delayClient(request_t)
>
> Regards
> Henrik
>
> On Tuesday 09 July 2002 00.28, Robert Collins wrote:
> > It should only affect NTLM users.
> >
> > Hmm, I'll see what I can do this coming weekend. Till then I'm tied
> > up too.
> >
> > Rob
> > ----- Original Message -----
> > From: "Henrik Nordstrom" <hno@marasystems.com>
> > To: "Robert Collins" <robert.collins@syncretize.net>
> > Cc: "Squid Developers Mailinglist" <squid-dev@squid-cache.org>
> > Sent: Tuesday, July 09, 2002 8:14 AM
> > Subject: delay_access and authentication based ACLs
> >
> > > http://www.squid-cache.org/bugs/show_bug.cgi?id=164
> > >
> > > I feel this is a issue that we probably need to deal with before
> > > STABLE1.. seems to affect the use of all authentication these
> > > days, not only connction oriented??
> > >
> > > I am a bit tied up at the moment, or else I would look into it.
> > >
> > > Regards
> > > Henrik
>
>
Received on Mon Jul 08 2002 - 23:36:32 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:15:48 MST