[squid-users] Fwd: Digest authentication under 3.0STABLE5

All:

     I have been having trouble with digest authentication under
version 3.0 (both STABLE4 & 5). I'm running squid on Solaris 9,
UltraSPARC.

     Here's the digest portion of the squid.conf:

> # Digest authentication
> #
> #auth_param digest program /opt/webproxy/squid3.0.5/libexec/digest_pw_auth -c /o
> pt/webproxy/squid3.0.5/etc/digest_passwd
> auth_param digest program /opt/webproxy/squid3.0.5/libexec/digest_ldap_auth -b "
> ou=nsPeople,o=nscorp.com,c=us" -u "uid" -A "iplanetReversiblePassword" -e -v 3 -
> h localhost
> auth_param digest children 1
> auth_param digest realm NS Squid Proxy Digest
> #auth_param digest nonce_garbage_interval 5 minutes
> #auth_param digest nonce_max_duration 30 minutes
> #auth_param digest nonce_max_count 50
> #auth_param digest nonce_strictness off
> #auth_param digest check_nonce_count on
> #auth_param digest post_workaround off

and it was configured with the following

> export CFLAGS='-g -Wall'
> export LIBRARY_PATH=/usr/local/lib:/usr/local/ssl/lib
> export LD_LIBRARY_PATH=$LIBRARY_PATH
>
> /var/tmp/squid-3.0.STABLE5/configure --disable-optimizations \
> --prefix=/opt/webproxy/squid3.0.5 --with-large-files \
> --enable-auth="basic digest ntlm negotiate" \
> --enable-basic-auth-helpers="LDAP SASL PAM DB SMB getpwnam multi-domain-NTLM" \
> --enable-digest-auth-helpers="ldap password eDirectory" \
> --enable-ntlm-auth-helpers="SMB " \
> --enable-external-acl-helpers="ip_user unix_group ldap_group"

      Squid starts without problem, but when I attempt to use it, it
crashes with the following in the cache.log:

> 2008/05/09 13:37:38| storeDirWriteCleanLogs: Starting...
> 2008/05/09 13:37:38| Finished. Wrote 0 entries.
> 2008/05/09 13:37:38| Took 0.03 seconds ( 0.00 entries/sec).
> 2008/05/09 13:37:38| logfileRotate: /opt/webproxy/squid3.0.5/var/logs/store.log
> 2008/05/09 13:37:39| logfileRotate: /opt/webproxy/squid3.0.5/var/logs/access.log
> 2008/05/09 13:37:39| helperOpenServers: Starting 30 'WsRedtor' processes
> 2008/05/09 13:37:45| helperOpenServers: Starting 1 'digest_ldap_auth' processes
> 2008/05/09 13:37:45| helperOpenServers: Starting 5 'squid_ldap_auth' processes
> 2008/05/09 13:37:45| helperOpenServers: Starting 5 'squid_ldap_group' processes
> FATAL: Received Segment Violation...dying.
> 2008/05/09 13:38:04| storeDirWriteCleanLogs: Starting...
> 2008/05/09 13:38:04| WARNING: Closing open FD 54
> 2008/05/09 13:38:04| Finished. Wrote 0 entries.
> 2008/05/09 13:38:04| Took 0.03 seconds ( 0.00 entries/sec).
> CPU Usage: 0.610 seconds = 0.220 user + 0.390 sys
> Maximum Resident Size: 0 KB
> Page faults with physical i/o: 0
> 2008/05/09 13:38:08| Starting Squid Cache version 3.0.STABLE5 for sparc-sun-solaris2.9...

Squid works fine authenticating against LDAP as long as I use basic
authentication, but fails using digest whether I use LDAP or a
password file

     Any thoughts are most welcome!

Regards,

Chris Riggins
Received on Fri May 09 2008 - 17:55:47 MDT