[squid-users] Re : [squid-users] Re : [squid-users] Re : [squid-users] Anonymous FTP and login pass url based

From: Al Batard <albatard78_at_yahoo.fr>
Date: Tue, 27 Dec 2011 12:02:00 +0000 (GMT)

Hi and thanks for your answers, If I understand this is a bug in the order of ftp authentication ? Guillaume ----- Mail original ----- De : Amos Jeffries <squid3_at_treenet.co.nz> À : squid-users_at_squid-cache.org Cc : Envoyé le : Mardi 20 Décembre 2011 12h00 Objet : Re: [squid-users] Re : [squid-users] Re : [squid-users] Anonymous FTP and login pass url based On 20/12/2011 9:35 p.m., Henrik Nordström wrote: > mån 2011-12-19 klockan 23:53 +1300 skrev Amos Jeffries: > >> Do you have a trace from this server when requesting something from the >> login-required area of the site? > If the requested URL contains login credentials then anonymous FTP login > SHOULD NOT be attempted. > > Regards > Henrik > Sorry. My brain seems to have died :(  see the src/ftp.cc checkAuth() function for reality. Default is username "anonymous" with password from config file (default "Squid@"). Which gets overridden by HTTP Basic auth headers (if any). Which then gets overridden by URL details (if any). The final result of all that merging is what gets sent to the server in a single USER command. (I was thinking of it incorrectly as the order of several USER commands) Amos
Received on Tue Dec 27 2011 - 12:02:07 MST

This archive was generated by hypermail 2.2.0 : Wed Dec 28 2011 - 12:00:03 MST