Re: [Squid-cvs] nt-2_5 squid/src cf.data.pre,1.49.2.5.4.40,1.49.2.5.4.41 from Henrik Nordstrom on 2003-11-20 (squid-dev)

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Fri, 21 Nov 2003 01:28:16 +0100 (CET)

This is not that specific to the Windows port. The Samba helper also would
benefit greatly from this change.

Regards
Henrik

On Thu, 20 Nov 2003, Guido Serassio wrote:

> Update of /cvsroot/squid/squid/src
> In directory sc8-pr-cvs1:/tmp/cvs-serv11592
>
> Modified Files:
> Tag: nt-2_5
> cf.data.pre
> Log Message:
> Added configurable support for ntlm NEGOTIATE packet
>
> Index: cf.data.pre
> ===================================================================
> RCS file: /cvsroot/squid/squid/src/cf.data.pre,v
> retrieving revision 1.49.2.5.4.40
> retrieving revision 1.49.2.5.4.41
> diff -w -u -r1.49.2.5.4.40 -r1.49.2.5.4.41
> --- cf.data.pre 8 Nov 2003 13:38:35 -0000 1.49.2.5.4.40
> +++ cf.data.pre 20 Nov 2003 22:16:18 -0000 1.49.2.5.4.41
> @@ -1421,6 +1421,21 @@
> AND the number of reused challenges.
> auth_param ntlm max_challenge_lifetime 2 minutes
>
> + "use_ntlm_negotiate" on|off
> + * Windows port specific *
> + Enables support for NTLM NEGOTIATE packet.
> + Needed by ntlm_auth.exe Windows native ntlm authenticator.
> + This allow too the use of NTLMv2 protocol.
> + Enabling this parameter will also solve problems encountered when
> + NT domain policies restrict users to access only certain
> + workstations. When this is off, all users must be allowed to log
> + on the proxy servers too, or they'll get "invalid workstation"
> + errors - and access denied - when trying to use Squid's services.
> + Use of ntlm NEGOTIATE is incompatible with challenge reuse, so
> + enabling this parameter will OVERRIDE the max_challenge_reuses and
> + max_challenge_lifetime parameters and set them to 0.
> + auth_param ntlm use_ntlm_negotiate on
> +
> NOCOMMENT_START
> #Recommended minimum configuration:
> #auth_param digest program <uncomment and complete this line>
> @@ -1433,6 +1448,7 @@
> #auth_param ntlm children 5
> #auth_param ntlm max_challenge_reuses 0
> #auth_param ntlm max_challenge_lifetime 2 minutes
> +#auth_param ntlm use_ntlm_negotiate on
> #auth_param basic program <uncomment and complete this line>
> auth_param basic children 5
> auth_param basic realm Squid proxy-caching web server
>
>
>
> -------------------------------------------------------
> This SF.net email is sponsored by: SF.net Giveback Program.
> Does SourceForge.net help you be more productive? Does it
> help you create better code? SHARE THE LOVE, and help us help
> YOU! Click Here: http://sourceforge.net/donate/
> _______________________________________________
> Squid-cvs mailing list
> http://squid.sourceforge.net/projects.html
>
Received on Thu Nov 20 2003 - 17:28:24 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:20:47 MST