RE: [squid-users] NTLM effect on access.log

From: Robert Collins <robert.collins@dont-contact.us>
Date: 30 Oct 2001 10:51:33 +1100

On Tue, 2001-10-30 at 10:38, Tony Melia wrote:
> Well, the problems I found was that I knew the fakeauth/nocheck were
> relatively new,

How do you know that? fakeauth and no_check were written long before
NTLMSSP. Fakeauth originated in Andrew Doran's orginal ntlm hack to
squid, before the authentication function was made into an external
helper.

> but the date on the http://devel.squid-cache.org/ntlm/
> website is almost a year ago, and while it mentioned the helpers it did not

Thats about the time that development froze and the subsequent changes
have been (relatively) minor. As I said, it will be updated and rolled
into the squid FAQ before 2.5 goes STABLE, probably about the time that
2.5PRE gets released, which is when the 'open beta' (to copy a coined
phrase) period starts.

> actually tell you enough info. i.e I only knew by looking at the fakeauth
> sourcecode where I have to specify the domain, and I still don't understand
> the 'deadbeef' reference!

The fakeauth domain is irrelevant - it really doesn't care. It's simply
there because the protocol demands a domain. The deadbeef is a nonsense
hex string the length of a challenge. Again, it's there because it's
needed, and changing it has no functional impact on fakeauth. In fact
fakeauth really doesn't need any alteration to work correctly.

> Can people please advise why the found the documentation hard to follow, or
> why they think they had problems, so when I rewrite documentation, I can
> focus on topics the other docs lack?
>
> I plan to rewrite docs and focus on examples, exact lines in the squid.conf,
> examples of what to include in the ./configure based on needs (auditing
> verses enforcing security).

Cool. I look forward to drafts :}.

Rob
Received on Mon Oct 29 2001 - 16:47:53 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:03:11 MST