Re: [squid-users] Re: secure authentication on squid from Robert Collins on 2002-12-01 (squid-users)

From: Robert Collins <robertc@dont-contact.us>
Date: 02 Dec 2002 01:24:40 +1100

On Mon, 2002-12-02 at 01:00, Henrik Nordstrom wrote:
> On Sunday 01 December 2002 14.48, Ilya wrote:
>
> > What do you mean? Yes, it is possible to organize the SSL
> > connection between squid & LDAP. But how can I make squid to
> > take passwords from LDAP, not .../etc/digpass, not from the
> > file on local host? What should I rewrite?
>
> For a start a new Squid digest helper would need to be written which
> queries LDAP over TLS instead of a local password file.
>
> In the long run Squid should be extended to support MD5-sess Digest
> authentication, and a helper daemon added to your LDAP server to
> allow Squid and other trusted applications to query for a MD5-sess
> hash from your LDAP directory. In such mode the plaintext LDAP
> password never needs to leave the LDAP directory server and only
> secure one-way hashed blobs is exchanged over the network.

The only difference between MD5 and MD5-sess for Digest user databases
is whether the key handed to squid is plain-text equivalent or not. In
no situation is the users password MD5 or plain password handed out.

In MD5 mode, squid gets told the value of the MD5(user:realm:password).

In MD5-sess mode squid gets told the value of the
MD5(MD5(user:realm:password):cnonce:nonce) <- from memory, I have the
nonces reversed.

So, for either situation, the LDAP server needs to know the
MD5(user:realm:password) value. Now, that can be precalculated when a
user changes their password, or calculated in realtime if you have a
plaintext password copy.

The advantage of the MD5-sess for security is that the HA1 (which is
what squid needs) is a one-time value, only useful for that particular
combination of client and squid nonces'.

Now, Mozilla has serious trouble reusing nonces at the moment (bug
114451 at mozilla.org). This will cause heavy load on a MD5-sess server,
and may even cause authentication loops (where the authentication never
succeeds because we are always issuing new nonces). So, IMO, a plain
LDAP MD5 helper should be built and tested before worrying about a
MD5-sess helper.

Finally, the largest advantage to a MD5-sess helper is that it won't
need TLS to ldap and will not pose a security risk, so you could simply
use non encrypted comms, or even anonymous LDAP access.

Cheers,
Rob

application/pgp-signature attachment: This is a digitally signed message part

Received on Sun Dec 01 2002 - 07:24:43 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:11:47 MST