Re: 2.5 authentication fixes from Henrik Nordstrom on 2001-05-20 (squid-dev)

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Mon, 21 May 2001 06:51:21 +0200

Committed.

--
Henrik
Robert Collins wrote:
> 
> Here's the last few months bugfixes from Francesco and I. Included are
> some general code quality fixes and the like, and
> * A fix for "cannot access sites that use authentication when NTLM is
> enabled"
> * A fix for a nasty race when IE sends two requests immediately on a
> connection, and the first one contains an NTLM negotiate header. (AFAWCT
> IE is broken). A longer term fix is in discussion now.
> 
> There are more things in the pipeline, but they aren't as clean yet, and
> one in particular breaks the auth abstraction.
> 
> Changelog:
>     * src/authenticate.c (authenticateValidateUser): Check for user
> scheme data.
>     Increase the debug level for "validated".
>     (authenticateFixHeader): Add a hint for internal responses versus
> proxied responses. Use it to prevent erroneous challenges when external
> sites request authentication.
>     * src/client_side.c (clientRedirectDone): Reference lock any auth
> use when creating a new request.
>     (clientBuildReplyHeader): Hint to authenticateFixHeader that this is
> a proxied response.
>     * src/errorpage.c (errorAppendEntry): Hint to authenticateFixHeader
> that this is an internal response.
>     * src/helper.c (helperStatefulSubmit): Handle broken allocators that
> don't clear memory.
>     Better descriptive comments.
>     Remove an redundant cbdata check.
>     * src/protos.h (authenticateFixHeader): New prototype.
>     * src/auth/basic/helpers/multi-domain-NTLM/README.txt: Updated email
> address.
>     * src/auth/basic/helpers/multi-domain-NTLM/smb_auth.pl: Disable
> debug mode for default.
>     Replace actual machine names with samples.
>     * src/auth/ntlm/auth_ntlm.c (authNTLMParse): Disable pipelining if
> NTLM is configured to avoid race condition with IE misbehaving.
> 
> Rob
> 
>     ---------------------------------------------------------------
> 
>                    Name: authfixes.patch
>     Part 1.2       Type: unspecified type (application/octet-stream)
>                Encoding: quoted-printable

Received on Sun May 20 2001 - 22:54:40 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:14:01 MST