Build failed in Hudson: 3.HEAD-i386-opensolaris-SunStudioCc #183

2010-04-07 Thread noc
See 
http://build.squid-cache.org/job/3.HEAD-i386-opensolaris-SunStudioCc/183/changes

Changes:

[Amos Jeffries squ...@treenet.co.nz] HTTP1.1: Advertise 1.1 on replies

[Amos Jeffries squ...@treenet.co.nz] Cleanup: wrap more helpers with safety 
code

[Amos Jeffries squ...@treenet.co.nz] Compat: permit LDAP helper to use std 
memory allocators

--
[...truncated 5169 lines...]
Undefined   first referenced
 symbol in file
__RTTI__1nMACLChecklist_./testHeaderDeps_Time.o
__RTTI__1nSACLFilledChecklist_  ./testHeaderDeps_Time.o
ld: fatal: symbol referencing errors. No output written to ./testHeaders
-n Testing ../../../src/acl/TimeData.h ...
OK.
-n Testing ../../../src/acl/Url.h ...
OK.
Undefined   first referenced
 symbol in file
__RTTI__1nMACLChecklist_./testHeaderDeps_Url.o
__RTTI__1nSACLFilledChecklist_  ./testHeaderDeps_Url.o
ld: fatal: symbol referencing errors. No output written to ./testHeaders
-n Testing ../../../src/acl/UrlPath.h ...
OK.
Undefined   first referenced
 symbol in file
__RTTI__1nMACLChecklist_./testHeaderDeps_UrlPa.h.o
__RTTI__1nSACLFilledChecklist_  ./testHeaderDeps_UrlPa.h.o
ld: fatal: symbol referencing errors. No output written to ./testHeaders
-n Testing ../../../src/acl/UrlPort.h ...
OK.
Undefined   first referenced
 symbol in file
__RTTI__1nMACLChecklist_./testHeaderDeps_UrlPort.o
__RTTI__1nSACLFilledChecklist_  ./testHeaderDeps_UrlPort.o
ld: fatal: symbol referencing errors. No output written to ./testHeaders
-n Testing ../../../src/acl/UserData.h ...
OK.
PASS: testHeaders
=
1 test passed
=
make[5]: Leaving directory 
`http://build.squid-cache.org/job/3.HEAD-i386-opensolaris-SunStudioCc/ws/btlayer-00-default/squid-3.HEAD-BZR/_build/src/acl'
make[4]: Leaving directory 
`http://build.squid-cache.org/job/3.HEAD-i386-opensolaris-SunStudioCc/ws/btlayer-00-default/squid-3.HEAD-BZR/_build/src/acl'
Making check in fs
make[4]: Entering directory 
`http://build.squid-cache.org/job/3.HEAD-i386-opensolaris-SunStudioCc/ws/btlayer-00-default/squid-3.HEAD-BZR/_build/src/fs'
make  
make[5]: Entering directory 
`http://build.squid-cache.org/job/3.HEAD-i386-opensolaris-SunStudioCc/ws/btlayer-00-default/squid-3.HEAD-BZR/_build/src/fs'
make[5]: Nothing to be done for `all'.
make[5]: Leaving directory 
`http://build.squid-cache.org/job/3.HEAD-i386-opensolaris-SunStudioCc/ws/btlayer-00-default/squid-3.HEAD-BZR/_build/src/fs'
make  check-TESTS
make[5]: Entering directory 
`http://build.squid-cache.org/job/3.HEAD-i386-opensolaris-SunStudioCc/ws/btlayer-00-default/squid-3.HEAD-BZR/_build/src/fs'
/bin/sh ../../../test-suite/testheaders.sh ccache 
/opt/SunStudioExpress/prod/bin/CC -DHAVE_CONFIG_H  -I../../.. 
-I../../../include -I../../../src -I../../include -I/usr/local/include 
-I/usr/include/gssapi -I/usr/include/kerberosv5 -I../../../src/fs-g 
../../../src/fs/ufs || exit 1
-n Testing ../../../src/fs/ufs/StoreFSufs.h ...
OK.
-n Testing ../../../src/fs/ufs/ufscommon.h ...
OK.
/bin/sh ../../../test-suite/testheaders.sh ccache 
/opt/SunStudioExpress/prod/bin/CC -DHAVE_CONFIG_H  -I../../.. 
-I../../../include -I../../../src -I../../include -I/usr/local/include 
-I/usr/include/gssapi -I/usr/include/kerberosv5 -I../../../src/fs-g 
../../../src/fs/coss || exit 1
-n Testing ../../../src/fs/coss/CossSwapDir.h ...
OK.
-n Testing ../../../src/fs/coss/StoreFScoss.h ...
OK.
-n Testing ../../../src/fs/coss/store_coss.h ...
OK.
PASS: testHeaders
=
1 test passed
=
make[5]: Leaving directory 
`http://build.squid-cache.org/job/3.HEAD-i386-opensolaris-SunStudioCc/ws/btlayer-00-default/squid-3.HEAD-BZR/_build/src/fs'
make[4]: Leaving directory 
`http://build.squid-cache.org/job/3.HEAD-i386-opensolaris-SunStudioCc/ws/btlayer-00-default/squid-3.HEAD-BZR/_build/src/fs'
Making check in repl
make[4]: Entering directory 
`http://build.squid-cache.org/job/3.HEAD-i386-opensolaris-SunStudioCc/ws/btlayer-00-default/squid-3.HEAD-BZR/_build/src/repl'
make  
make[5]: Entering directory 
`http://build.squid-cache.org/job/3.HEAD-i386-opensolaris-SunStudioCc/ws/btlayer-00-default/squid-3.HEAD-BZR/_build/src/repl'
make[5]: Nothing to be done for `all'.
make[5]: Leaving directory 
`http://build.squid-cache.org/job/3.HEAD-i386-opensolaris-SunStudioCc/ws/btlayer-00-default/squid-3.HEAD-BZR/_build/src/repl'
make  check-TESTS
make[5]: Entering directory 
`http://build.squid-cache.org/job/3.HEAD-i386-opensolaris-SunStudioCc/ws/btlayer-00-default/squid-3.HEAD-BZR/_build/src/repl'
/bin/sh ../../../test-suite/testheaders.sh ccache 
/opt/SunStudioExpress/prod/bin/CC -DHAVE_CONFIG_H  -I../../.. 
-I../../../include -I../../../src -I../../include -I/usr/local/include 
-I/usr/include/gssapi 

Build failed in Hudson: 3.HEAD-i386-opensolaris-SunStudioCc #184

2010-04-07 Thread noc
See 
http://build.squid-cache.org/job/3.HEAD-i386-opensolaris-SunStudioCc/184/changes

Changes:

[Amos Jeffries squ...@treenet.co.nz] Author: Matthew Morgan 
atcs.matt...@gmail.com
Add acl support to range_offset_limit.

It is being parsed using the same data types as reply_body_max_size,
which means the limit value gets run through parseBytesLine64, and the
acl is optional.

If people are using the old global style of range_offset_limit, they
shouldn't have to do anything to their configs.

getRangeOffsetLimit is now a member of HttpRequest, and it caches its
value the same way reply_body_max_size does for faster repeat checking.

[Amos Jeffries squ...@treenet.co.nz] HTTP1.1: Advertise 1.1 on replies

--
[...truncated 5166 lines...]
Undefined   first referenced
 symbol in file
__RTTI__1nMACLChecklist_./testHeaderDeps_Time.o
__RTTI__1nSACLFilledChecklist_  ./testHeaderDeps_Time.o
ld: fatal: symbol referencing errors. No output written to ./testHeaders
-n Testing ../../../src/acl/TimeData.h ...
OK.
-n Testing ../../../src/acl/Url.h ...
OK.
Undefined   first referenced
 symbol in file
__RTTI__1nMACLChecklist_./testHeaderDeps_Url.o
__RTTI__1nSACLFilledChecklist_  ./testHeaderDeps_Url.o
ld: fatal: symbol referencing errors. No output written to ./testHeaders
-n Testing ../../../src/acl/UrlPath.h ...
OK.
Undefined   first referenced
 symbol in file
__RTTI__1nMACLChecklist_./testHeaderDeps_UrlPa.h.o
__RTTI__1nSACLFilledChecklist_  ./testHeaderDeps_UrlPa.h.o
ld: fatal: symbol referencing errors. No output written to ./testHeaders
-n Testing ../../../src/acl/UrlPort.h ...
OK.
Undefined   first referenced
 symbol in file
__RTTI__1nMACLChecklist_./testHeaderDeps_UrlPort.o
__RTTI__1nSACLFilledChecklist_  ./testHeaderDeps_UrlPort.o
ld: fatal: symbol referencing errors. No output written to ./testHeaders
-n Testing ../../../src/acl/UserData.h ...
OK.
PASS: testHeaders
=
1 test passed
=
make[5]: Leaving directory 
`http://build.squid-cache.org/job/3.HEAD-i386-opensolaris-SunStudioCc/ws/btlayer-00-default/squid-3.HEAD-BZR/_build/src/acl'
make[4]: Leaving directory 
`http://build.squid-cache.org/job/3.HEAD-i386-opensolaris-SunStudioCc/ws/btlayer-00-default/squid-3.HEAD-BZR/_build/src/acl'
Making check in fs
make[4]: Entering directory 
`http://build.squid-cache.org/job/3.HEAD-i386-opensolaris-SunStudioCc/ws/btlayer-00-default/squid-3.HEAD-BZR/_build/src/fs'
make  
make[5]: Entering directory 
`http://build.squid-cache.org/job/3.HEAD-i386-opensolaris-SunStudioCc/ws/btlayer-00-default/squid-3.HEAD-BZR/_build/src/fs'
make[5]: Nothing to be done for `all'.
make[5]: Leaving directory 
`http://build.squid-cache.org/job/3.HEAD-i386-opensolaris-SunStudioCc/ws/btlayer-00-default/squid-3.HEAD-BZR/_build/src/fs'
make  check-TESTS
make[5]: Entering directory 
`http://build.squid-cache.org/job/3.HEAD-i386-opensolaris-SunStudioCc/ws/btlayer-00-default/squid-3.HEAD-BZR/_build/src/fs'
/bin/sh ../../../test-suite/testheaders.sh ccache 
/opt/SunStudioExpress/prod/bin/CC -DHAVE_CONFIG_H  -I../../.. 
-I../../../include -I../../../src -I../../include -I/usr/local/include 
-I/usr/include/gssapi -I/usr/include/kerberosv5 -I../../../src/fs-g 
../../../src/fs/ufs || exit 1
-n Testing ../../../src/fs/ufs/StoreFSufs.h ...
OK.
-n Testing ../../../src/fs/ufs/ufscommon.h ...
OK.
/bin/sh ../../../test-suite/testheaders.sh ccache 
/opt/SunStudioExpress/prod/bin/CC -DHAVE_CONFIG_H  -I../../.. 
-I../../../include -I../../../src -I../../include -I/usr/local/include 
-I/usr/include/gssapi -I/usr/include/kerberosv5 -I../../../src/fs-g 
../../../src/fs/coss || exit 1
-n Testing ../../../src/fs/coss/CossSwapDir.h ...
OK.
-n Testing ../../../src/fs/coss/StoreFScoss.h ...
OK.
-n Testing ../../../src/fs/coss/store_coss.h ...
OK.
PASS: testHeaders
=
1 test passed
=
make[5]: Leaving directory 
`http://build.squid-cache.org/job/3.HEAD-i386-opensolaris-SunStudioCc/ws/btlayer-00-default/squid-3.HEAD-BZR/_build/src/fs'
make[4]: Leaving directory 
`http://build.squid-cache.org/job/3.HEAD-i386-opensolaris-SunStudioCc/ws/btlayer-00-default/squid-3.HEAD-BZR/_build/src/fs'
Making check in repl
make[4]: Entering directory 
`http://build.squid-cache.org/job/3.HEAD-i386-opensolaris-SunStudioCc/ws/btlayer-00-default/squid-3.HEAD-BZR/_build/src/repl'
make  
make[5]: Entering directory 
`http://build.squid-cache.org/job/3.HEAD-i386-opensolaris-SunStudioCc/ws/btlayer-00-default/squid-3.HEAD-BZR/_build/src/repl'
make[5]: Nothing to be done for `all'.
make[5]: Leaving directory 
`http://build.squid-cache.org/job/3.HEAD-i386-opensolaris-SunStudioCc/ws/btlayer-00-default/squid-3.HEAD-BZR/_build/src/repl'
make  check-TESTS
make[5]: 

Build failed in Hudson: 3.HEAD-i386-opensolaris-SunStudioCc #185

2010-04-07 Thread noc
See 
http://build.squid-cache.org/job/3.HEAD-i386-opensolaris-SunStudioCc/185/changes

Changes:

[Amos Jeffries squ...@treenet.co.nz] squidclient: Use -k option to control 
connection keep-alive or close

This is needed to prevent HTTP 1.1 servers (or Squid) holding the
connection open after squidclient has finished.

Retain the old behavior for HTTP/1.0 requests.

[Amos Jeffries squ...@treenet.co.nz] Author: Matthew Morgan 
atcs.matt...@gmail.com
Add acl support to range_offset_limit.

It is being parsed using the same data types as reply_body_max_size,
which means the limit value gets run through parseBytesLine64, and the
acl is optional.

If people are using the old global style of range_offset_limit, they
shouldn't have to do anything to their configs.

getRangeOffsetLimit is now a member of HttpRequest, and it caches its
value the same way reply_body_max_size does for faster repeat checking.

--
[...truncated 5158 lines...]
Undefined   first referenced
 symbol in file
__RTTI__1nMACLChecklist_./testHeaderDeps_Time.o
__RTTI__1nSACLFilledChecklist_  ./testHeaderDeps_Time.o
ld: fatal: symbol referencing errors. No output written to ./testHeaders
-n Testing ../../../src/acl/TimeData.h ...
OK.
-n Testing ../../../src/acl/Url.h ...
OK.
Undefined   first referenced
 symbol in file
__RTTI__1nMACLChecklist_./testHeaderDeps_Url.o
__RTTI__1nSACLFilledChecklist_  ./testHeaderDeps_Url.o
ld: fatal: symbol referencing errors. No output written to ./testHeaders
-n Testing ../../../src/acl/UrlPath.h ...
OK.
Undefined   first referenced
 symbol in file
__RTTI__1nMACLChecklist_./testHeaderDeps_UrlPa.h.o
__RTTI__1nSACLFilledChecklist_  ./testHeaderDeps_UrlPa.h.o
ld: fatal: symbol referencing errors. No output written to ./testHeaders
-n Testing ../../../src/acl/UrlPort.h ...
OK.
Undefined   first referenced
 symbol in file
__RTTI__1nMACLChecklist_./testHeaderDeps_UrlPort.o
__RTTI__1nSACLFilledChecklist_  ./testHeaderDeps_UrlPort.o
ld: fatal: symbol referencing errors. No output written to ./testHeaders
-n Testing ../../../src/acl/UserData.h ...
OK.
PASS: testHeaders
=
1 test passed
=
make[5]: Leaving directory 
`http://build.squid-cache.org/job/3.HEAD-i386-opensolaris-SunStudioCc/ws/btlayer-00-default/squid-3.HEAD-BZR/_build/src/acl'
make[4]: Leaving directory 
`http://build.squid-cache.org/job/3.HEAD-i386-opensolaris-SunStudioCc/ws/btlayer-00-default/squid-3.HEAD-BZR/_build/src/acl'
Making check in fs
make[4]: Entering directory 
`http://build.squid-cache.org/job/3.HEAD-i386-opensolaris-SunStudioCc/ws/btlayer-00-default/squid-3.HEAD-BZR/_build/src/fs'
make  
make[5]: Entering directory 
`http://build.squid-cache.org/job/3.HEAD-i386-opensolaris-SunStudioCc/ws/btlayer-00-default/squid-3.HEAD-BZR/_build/src/fs'
make[5]: Nothing to be done for `all'.
make[5]: Leaving directory 
`http://build.squid-cache.org/job/3.HEAD-i386-opensolaris-SunStudioCc/ws/btlayer-00-default/squid-3.HEAD-BZR/_build/src/fs'
make  check-TESTS
make[5]: Entering directory 
`http://build.squid-cache.org/job/3.HEAD-i386-opensolaris-SunStudioCc/ws/btlayer-00-default/squid-3.HEAD-BZR/_build/src/fs'
/bin/sh ../../../test-suite/testheaders.sh ccache 
/opt/SunStudioExpress/prod/bin/CC -DHAVE_CONFIG_H  -I../../.. 
-I../../../include -I../../../src -I../../include -I/usr/local/include 
-I/usr/include/gssapi -I/usr/include/kerberosv5 -I../../../src/fs-g 
../../../src/fs/ufs || exit 1
-n Testing ../../../src/fs/ufs/StoreFSufs.h ...
OK.
-n Testing ../../../src/fs/ufs/ufscommon.h ...
OK.
/bin/sh ../../../test-suite/testheaders.sh ccache 
/opt/SunStudioExpress/prod/bin/CC -DHAVE_CONFIG_H  -I../../.. 
-I../../../include -I../../../src -I../../include -I/usr/local/include 
-I/usr/include/gssapi -I/usr/include/kerberosv5 -I../../../src/fs-g 
../../../src/fs/coss || exit 1
-n Testing ../../../src/fs/coss/CossSwapDir.h ...
OK.
-n Testing ../../../src/fs/coss/StoreFScoss.h ...
OK.
-n Testing ../../../src/fs/coss/store_coss.h ...
OK.
PASS: testHeaders
=
1 test passed
=
make[5]: Leaving directory 
`http://build.squid-cache.org/job/3.HEAD-i386-opensolaris-SunStudioCc/ws/btlayer-00-default/squid-3.HEAD-BZR/_build/src/fs'
make[4]: Leaving directory 
`http://build.squid-cache.org/job/3.HEAD-i386-opensolaris-SunStudioCc/ws/btlayer-00-default/squid-3.HEAD-BZR/_build/src/fs'
Making check in repl
make[4]: Entering directory 
`http://build.squid-cache.org/job/3.HEAD-i386-opensolaris-SunStudioCc/ws/btlayer-00-default/squid-3.HEAD-BZR/_build/src/repl'
make  
make[5]: Entering directory 
`http://build.squid-cache.org/job/3.HEAD-i386-opensolaris-SunStudioCc/ws/btlayer-00-default/squid-3.HEAD-BZR/_build/src/repl'
make[5]: Nothing to be done 

New Auth configuration options

2010-04-07 Thread Markus Moeller

Hi,

Would it make sense to define in squid two new configuration options to 
control  Negotiate authentication ?  I am thinking of adding


Negotiate-NTLM

and

Negotiate-Kerberos

with the same options as Negotiate. Once squid receives a Negotiate response 
squid has to base64 decode the token and check for the NTLM string before 
invoking the Negotiate-NTLM or Negotiate-Kerberos helper.


Does that break a concept in squid to analyse a token before selecting the 
helper ?


Thank you
Markus 





Build failed in Hudson: 3.HEAD-i386-opensolaris-SunStudioCc #186

2010-04-07 Thread noc
See 
http://build.squid-cache.org/job/3.HEAD-i386-opensolaris-SunStudioCc/186/changes

Changes:

[Automatic source maintenance squid...@squid-cache.org] SourceFormat 
Enforcement

[Amos Jeffries squ...@treenet.co.nz] squidclient: Use -k option to control 
connection keep-alive or close

This is needed to prevent HTTP 1.1 servers (or Squid) holding the
connection open after squidclient has finished.

Retain the old behavior for HTTP/1.0 requests.

--
[...truncated 5158 lines...]
Undefined   first referenced
 symbol in file
__RTTI__1nMACLChecklist_./testHeaderDeps_Time.o
__RTTI__1nSACLFilledChecklist_  ./testHeaderDeps_Time.o
ld: fatal: symbol referencing errors. No output written to ./testHeaders
-n Testing ../../../src/acl/TimeData.h ...
OK.
-n Testing ../../../src/acl/Url.h ...
OK.
Undefined   first referenced
 symbol in file
__RTTI__1nMACLChecklist_./testHeaderDeps_Url.o
__RTTI__1nSACLFilledChecklist_  ./testHeaderDeps_Url.o
ld: fatal: symbol referencing errors. No output written to ./testHeaders
-n Testing ../../../src/acl/UrlPath.h ...
OK.
Undefined   first referenced
 symbol in file
__RTTI__1nMACLChecklist_./testHeaderDeps_UrlPa.h.o
__RTTI__1nSACLFilledChecklist_  ./testHeaderDeps_UrlPa.h.o
ld: fatal: symbol referencing errors. No output written to ./testHeaders
-n Testing ../../../src/acl/UrlPort.h ...
OK.
Undefined   first referenced
 symbol in file
__RTTI__1nMACLChecklist_./testHeaderDeps_UrlPort.o
__RTTI__1nSACLFilledChecklist_  ./testHeaderDeps_UrlPort.o
ld: fatal: symbol referencing errors. No output written to ./testHeaders
-n Testing ../../../src/acl/UserData.h ...
OK.
PASS: testHeaders
=
1 test passed
=
make[5]: Leaving directory 
`http://build.squid-cache.org/job/3.HEAD-i386-opensolaris-SunStudioCc/ws/btlayer-00-default/squid-3.HEAD-BZR/_build/src/acl'
make[4]: Leaving directory 
`http://build.squid-cache.org/job/3.HEAD-i386-opensolaris-SunStudioCc/ws/btlayer-00-default/squid-3.HEAD-BZR/_build/src/acl'
Making check in fs
make[4]: Entering directory 
`http://build.squid-cache.org/job/3.HEAD-i386-opensolaris-SunStudioCc/ws/btlayer-00-default/squid-3.HEAD-BZR/_build/src/fs'
make  
make[5]: Entering directory 
`http://build.squid-cache.org/job/3.HEAD-i386-opensolaris-SunStudioCc/ws/btlayer-00-default/squid-3.HEAD-BZR/_build/src/fs'
make[5]: Nothing to be done for `all'.
make[5]: Leaving directory 
`http://build.squid-cache.org/job/3.HEAD-i386-opensolaris-SunStudioCc/ws/btlayer-00-default/squid-3.HEAD-BZR/_build/src/fs'
make  check-TESTS
make[5]: Entering directory 
`http://build.squid-cache.org/job/3.HEAD-i386-opensolaris-SunStudioCc/ws/btlayer-00-default/squid-3.HEAD-BZR/_build/src/fs'
/bin/sh ../../../test-suite/testheaders.sh ccache 
/opt/SunStudioExpress/prod/bin/CC -DHAVE_CONFIG_H  -I../../.. 
-I../../../include -I../../../src -I../../include -I/usr/local/include 
-I/usr/include/gssapi -I/usr/include/kerberosv5 -I../../../src/fs-g 
../../../src/fs/ufs || exit 1
-n Testing ../../../src/fs/ufs/StoreFSufs.h ...
OK.
-n Testing ../../../src/fs/ufs/ufscommon.h ...
OK.
/bin/sh ../../../test-suite/testheaders.sh ccache 
/opt/SunStudioExpress/prod/bin/CC -DHAVE_CONFIG_H  -I../../.. 
-I../../../include -I../../../src -I../../include -I/usr/local/include 
-I/usr/include/gssapi -I/usr/include/kerberosv5 -I../../../src/fs-g 
../../../src/fs/coss || exit 1
-n Testing ../../../src/fs/coss/CossSwapDir.h ...
OK.
-n Testing ../../../src/fs/coss/StoreFScoss.h ...
OK.
-n Testing ../../../src/fs/coss/store_coss.h ...
OK.
PASS: testHeaders
=
1 test passed
=
make[5]: Leaving directory 
`http://build.squid-cache.org/job/3.HEAD-i386-opensolaris-SunStudioCc/ws/btlayer-00-default/squid-3.HEAD-BZR/_build/src/fs'
make[4]: Leaving directory 
`http://build.squid-cache.org/job/3.HEAD-i386-opensolaris-SunStudioCc/ws/btlayer-00-default/squid-3.HEAD-BZR/_build/src/fs'
Making check in repl
make[4]: Entering directory 
`http://build.squid-cache.org/job/3.HEAD-i386-opensolaris-SunStudioCc/ws/btlayer-00-default/squid-3.HEAD-BZR/_build/src/repl'
make  
make[5]: Entering directory 
`http://build.squid-cache.org/job/3.HEAD-i386-opensolaris-SunStudioCc/ws/btlayer-00-default/squid-3.HEAD-BZR/_build/src/repl'
make[5]: Nothing to be done for `all'.
make[5]: Leaving directory 
`http://build.squid-cache.org/job/3.HEAD-i386-opensolaris-SunStudioCc/ws/btlayer-00-default/squid-3.HEAD-BZR/_build/src/repl'
make  check-TESTS
make[5]: Entering directory 
`http://build.squid-cache.org/job/3.HEAD-i386-opensolaris-SunStudioCc/ws/btlayer-00-default/squid-3.HEAD-BZR/_build/src/repl'
/bin/sh ../../../test-suite/testheaders.sh ccache 
/opt/SunStudioExpress/prod/bin/CC -DHAVE_CONFIG_H  -I../../.. 

Re: New Auth configuration options

2010-04-07 Thread Amos Jeffries
On Wed, 7 Apr 2010 20:27:38 +0100, Markus Moeller
hua...@moeller.plus.com wrote:
> Hi,
>
> Would it make sense to define in squid two new configuration options to
> control Negotiate authentication? I am thinking of adding
>
> Negotiate-NTLM
>
> and
>
> Negotiate-Kerberos
>
> with the same options as Negotiate. Once squid receives a Negotiate
> response squid has to base64 decode the token and check for the NTLM
> string before invoking the Negotiate-NTLM or Negotiate-Kerberos helper.
>
> Does that break a concept in squid to analyse a token before selecting
> the helper?
>
> Thank you
> Markus

I agree with the principle.

Are you thinking having them as separate schemes?

There would be a fair bit of coding needed to split the one scheme into
two helper backends and to have simultaneous modules with the same scheme
name.

I can see three ways the auth config may be extended:
 * As new base schemes auth_param negotiate-kerberos auth_param negotiate-ntlm
   (minor copy-paste of files and documentation)
 * or as helper flags auth_param negotiate kerberos ntlm
   (maybe a major re-write needed)
 * or a new kerberos scheme (replacing negotiate scheme) and new negotiate
   flags to both kerberos and ntlm schemes
   (somewhat largish code changes to existing negotiate code to simplify it
   down to a decode wrapper)

This last is only possible if Negotiate-NTLM has the same keys and
sequence of round-trip keys as NTLM. Then the negotiate flags to kerberos
and ntlm schemes can be used which permits the Negotiate pseudo-scheme to
be advertised and unwrap-checked before passing the wrapped key to
whichever the real backend scheme is.

There are a few other things affected by this proposal:
 * proposals for ACL control of which schemes are presented to clients in
the challenge.
 * the helper renaming, since the scheme name is now sync'd with the
helper filename and location.

NP: also I'm putting a blocker on any major auth changes internal to Squid
until the leakage bugs are resolved.

Amos
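
The check discussed in this thread (base64-decode the Negotiate token, look for the NTLM string, then pick a helper), sketched as an added example that is not Squid code or code from either poster. The names `select_helper`, `helper_route` and `MAX_TOKEN` are hypothetical; the sketch assumes the "NTLM string" is the 8-byte `NTLMSSP\0` signature that opens NTLM messages and that every other well-formed token is routed to the Kerberos helper.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical names for this example; not Squid's internal API. */
enum helper_route { ROUTE_INVALID, ROUTE_NTLM, ROUTE_KERBEROS };
#define MAX_TOKEN 65535 /* assumed cap on the decoded token size */

/* Map one base64 character to its 6-bit value, or -1 if outside the alphabet. */
static int b64_value(unsigned char c)
{
    if (c >= 'A' && c <= 'Z') return c - 'A';
    if (c >= 'a' && c <= 'z') return c - 'a' + 26;
    if (c >= '0' && c <= '9') return c - '0' + 52;
    return c == '+' ? 62 : c == '/' ? 63 : -1;
}

/* Strict decode: length a multiple of 4, '=' only at the very end.
 * Returns the decoded length, or -1 on malformed or oversized input. */
static long b64_decode(const char *in, unsigned char *out, size_t cap)
{
    size_t len = strlen(in), o = 0, i;
    if (len == 0 || len % 4 != 0) return -1;
    for (i = 0; i < len; i += 4) {
        int v[4], pad = 0, j;
        for (j = 0; j < 4; j++) {
            if (in[i + j] == '=') {
                if (i + 4 != len || j < 2) return -1; /* misplaced padding */
                v[j] = 0;
                pad++;
            } else if (pad || (v[j] = b64_value((unsigned char)in[i + j])) < 0) {
                return -1; /* data after padding, or illegal character */
            }
        }
        if (o + 3 - pad > cap) return -1;
        out[o++] = (unsigned char)((v[0] << 2) | (v[1] >> 4));
        if (pad < 2) out[o++] = (unsigned char)(((v[1] & 0xf) << 4) | (v[2] >> 2));
        if (pad < 1) out[o++] = (unsigned char)(((v[2] & 0x3) << 6) | v[3]);
    }
    return (long)o;
}

/* header_value is the credentials part of the (Proxy-)Authorization header.
 * The scheme match is case-sensitive here to keep the example short. */
enum helper_route select_helper(const char *header_value)
{
    static const char scheme[] = "Negotiate ";
    static const unsigned char ntlm_sig[8] = { 'N','T','L','M','S','S','P','\0' };
    unsigned char token[MAX_TOKEN];
    long n;

    if (!header_value || strncmp(header_value, scheme, sizeof(scheme) - 1) != 0)
        return ROUTE_INVALID;
    n = b64_decode(header_value + sizeof(scheme) - 1, token, sizeof(token));
    if (n <= 0) return ROUTE_INVALID;
    /* Compare only when 8 decoded bytes exist, so a short token is never over-read. */
    if (n >= 8 && memcmp(token, ntlm_sig, sizeof(ntlm_sig)) == 0) return ROUTE_NTLM;
    return ROUTE_KERBEROS; /* assumption: anything else goes to the Kerberos helper */
}

int main(void)
{
    /* Constructed sample values: an NTLM type 1 prefix and a GSS-API style prefix. */
    printf("%d\n", select_helper("Negotiate TlRMTVNTUAABAAAA"));
    printf("%d\n", select_helper("Negotiate YIIBAAYGKwYBBQUC"));
    return 0;
}
```

Because the routing decision is made on client-supplied bytes before any helper has validated them, the decoder rejects malformed base64 outright and the signature comparison is bounded by the decoded length.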