Re: delay_access and authentication based ACLs

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Tue, 9 Jul 2002 07:58:19 +0200

I just uploaded a trivial enhancement of the patch in bugzilla to make
it build.. think it should do but not yet tested.. lets see if I can
find the user who have problems with it.. (good test candidate).

Regards
Henrik

On Tuesday 09 July 2002 07.36, Robert Collins wrote:
> Thanks for digging...
>
> I can definately fix the basic and probably digest auth code with
> an updated patch. The change in authenticateAuthenticate was part
> of the tweaking to allow the delay pools code to -eventually- work
> with NTLM.
>
> So this weekend expect some improvement.
>
> Rob
>
> ----- Original Message -----
> From: "Henrik Nordstrom" <hno@marasystems.com>
> To: "Robert Collins" <robert.collins@syncretize.net>
> Cc: "Squid Developers Mailinglist" <squid-dev@squid-cache.org>
> Sent: Tuesday, July 09, 2002 2:59 PM
> Subject: Re: delay_access and authentication based ACLs
>
> > I have had some conflicting reports on this, and by reading the
> > code I am not at all surpriced if if affects Basic as well...
> >
> > auth_acl_t
> > authenticateAuthenticate(auth_user_request_t **
> > auth_user_request, http_hdr_type headertype, request_t * request,
> > ConnStateData * conn, struct in_addr src_addr)
> > {
> > const char *proxy_auth;
> > assert(headertype != 0);
> > proxy_auth = httpHeaderGetStr(&request->header, headertype);
> >
> > if (conn == NULL) {
> > debug(28, 1) ("authenticateAuthenticate: no connection
> > data, cannot process authentication\n");
> > /*
> > * deny access: clientreadrequest requires conn data, and
> > it is always
> > * compiled in so we should have it too.
> > */
> > return AUTH_ACL_CANNOT_AUTHENTICATE;
> > }
> >
> >
> > The connection is not known to delayClient(request_t)
> >
> > Regards
> > Henrik
> >
> > On Tuesday 09 July 2002 00.28, Robert Collins wrote:
> > > It should only affect NTLM users.
> > >
> > > Hmm, I'll see what I can do this coming weekend. Till then I'm
> > > tied up too.
> > >
> > > Rob
> > > ----- Original Message -----
> > > From: "Henrik Nordstrom" <hno@marasystems.com>
> > > To: "Robert Collins" <robert.collins@syncretize.net>
> > > Cc: "Squid Developers Mailinglist" <squid-dev@squid-cache.org>
> > > Sent: Tuesday, July 09, 2002 8:14 AM
> > > Subject: delay_access and authentication based ACLs
> > >
> > > > http://www.squid-cache.org/bugs/show_bug.cgi?id=164
> > > >
> > > > I feel this is a issue that we probably need to deal with
> > > > before STABLE1.. seems to affect the use of all
> > > > authentication these days, not only connction oriented??
> > > >
> > > > I am a bit tied up at the moment, or else I would look into
> > > > it.
> > > >
> > > > Regards
> > > > Henrik
Received on Tue Jul 09 2002 - 00:01:09 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:15:48 MST