Hi Henrik,
While working on native Win32 NTLM helper, I have found something of
strange in current NTLM support:
When loading a ftp:// URL, Internet Explorer pop-ups to me for
authentication for every internal Squid Icons. This seems to happen always
after a browser cache clear.
Attached they are access.log and cache.log with log_mime_hdrs on and full
helper debug. As you can see, the helper is not called for this auth requests.
Currently I'm using the latest STABLE 3 snapshot merged in nt-2_5 branch
with the following patch to avoid challenge reuses because sometimes seems
that auth_param ntlm max_challenge_reuses directive is not honored:
Index: ntlm/auth_ntlm.c
===================================================================
RCS file: /cvsroot/squid/squid/src/auth/ntlm/auth_ntlm.c,v
retrieving revision 1.18.2.4
diff -u -p -r1.18.2.4 auth_ntlm.c
--- ntlm/auth_ntlm.c 5 Feb 2003 03:20:35 -0000 1.18.2.4
+++ ntlm/auth_ntlm.c 14 Sep 2003 17:22:10 -0000
@@ -647,7 +647,11 @@ authenticateNTLMChangeChallenge_p(ntlm_h
debug(29, 5) ("authenticateNTLMChangeChallenge_p: first use\n");
return 0;
}
+#if defined(_SQUID_MSWIN_) || defined(_SQUID_CYGWIN_)
+ {
+#else
if (helperstate->challengeuses > ntlmConfig->challengeuses) {
+#endif
debug(29, 4) ("authenticateNTLMChangeChallenge_p: Challenge uses
(%d) exceeded max uses (%d)\n", helperstate->challengeuses,
ntlmConfig->challengeuses);
return 1;
}
Can be this patch the origin of this or there is some problem on Squid ?
Regards
Guido
-
========================================================
Guido Serassio
Acme Consulting S.r.l.
Via Gorizia, 69 10136 - Torino - ITALY
Tel. : +39.011.3249426 Fax. : +39.011.3293665
Email: guido.serassio@acmeconsulting.it
WWW: http://www.acmeconsulting.it/
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:20:41 MST