Hi,
On Wed, 2003-02-05 at 18:30, Robert Collins wrote:
> > I have also attached a patch I made to implement HHA1 password storage
> > for digest authentication.
>
> I'd rather have the digest authenticator run exclusively
> plaintext, or exclusively HHA1 - not autodetection. I won't be applying
> the helper patch therefore, but a variation that takes a command line
> parameter to change the behaviour will be accepted.
The attached patch modifies the digest helper to only operate in HHA1 or
plaintext mode, with no autodetection. It does check the passwords as
they are read from the password file, to prevent plaintext passwords
being passed back to squid when in HHA1 mode (squid may then output them
into the cache.log). The -c command line switch enables HHA1 mode.
I also noticed that the digest auth module
(src/auth/digest/auth_digest.c) seems to hang when given an unrecognised
username (eg. when the helper returns ERR).
-- Sean Burford
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:19:13 MST