"Amos Jeffries" wrote in message
news:4a76cd57.4080...@treenet.co.nz...
Markus Moeller wrote:
The attached patch is against the latest cvs and brings squid 2 in line
with squid 3.
Regards
Markus
Have the two comments I stuck in there for Squid-3 about syncing the
buffer mag
The attached patch is against the latest cvs and brings squid 2 in line with
squid 3.
Regards
Markus
squid-2-kerb_auth.patch
Description: Binary data
The following line 191 in pconn.cc will crash if domain or client_address
are 0. The lines before check for these cases.
debugs(48,6,"PconnPool::key(" << host << "," << port << "," << domain <<
"," << inet_ntoa(*client_address) << "is {" << buf << "}" );
Regards
Markus
I think I have to revisit Kernighan and Ritchie ;-)
Thank you
Markus
"Henrik Nordstrom" wrote in message
news:1247481804.11584.13.ca...@localhost.localdomain...
Hi Markus
i just saw this change which copies the user string a temporary buffer
only to \0 terminate it before printf
http://www
That sounds more like WAN optimisation than proxying.
Markus
"Jorge Novo" wrote in message
news:7e6ed6510906011434v489c29c5m1d81af8869da2...@mail.gmail.com...
2009/5/30 Amos Jeffries :
Jorge Novo wrote:
Hi,
My name is Jorge I am not subscribed to the list cos actually I am
not a develope
- Original Message -
From: "Amos Jeffries" <[EMAIL PROTECTED]>
To: "Markus Moeller" <[EMAIL PROTECTED]>
Cc:
Sent: Monday, November 10, 2008 1:42 PM
Subject: Re: squid_kerb_auth build issues with 3.1.0.1 on FreeBSD
Markus Moeller wrote:
I will u
tiate_kerb_auth at the end of the make.
Markus
- Original Message -
From: "Amos Jeffries" <[EMAIL PROTECTED]>
Newsgroups: gmane.comp.web.squid.devel
To: "Thomas-Martin Seck" <[EMAIL PROTECTED]>
Cc: ; "Markus Moeller"
<[EMAIL PROTECTED]>
Sent: Sunda
ut it seems the header files got
lost.
Markus
- Original Message -
From: "Thomas-Martin Seck" <[EMAIL PROTECTED]>
To: "Markus Moeller" <[EMAIL PROTECTED]>
Cc: "Amos Jeffries" <[EMAIL PROTECTED]>;
Sent: Sunday, November 09, 2008 10:14 PM
Subj
rb_auth.c:537: warning: implicit declaration of function
`ska_base64_encode'
*** Error code 1
On FreeBSD 6, helpers/negotiate_auth/squid_kerb_auth/config.h looks
like the following, on FreeBSD 7 the only difference is that
HAVE_GSSAPI_GSSAPI_KRB5_H is (correctly) defined:
/* config.h
OTECTED]>
To: "Thomas-Martin Seck" <[EMAIL PROTECTED]>
Cc: ; "Markus Moeller" <[EMAIL PROTECTED]>
Sent: Sunday, November 09, 2008 1:55 AM
Subject: Re: squid_kerb_auth build issues with 3.1.0.1 on FreeBSD
Thomas-Martin Seck wrote:
Squid devs,
I had a look at 3.1.0.
Sorry, then I am looking at the wrong trunk.
Markus
"Amos Jeffries" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
Markus Moeller wrote:
How can I convince you to add the newer source plus the helper configure
?
Markus
The new tarball has already been integ
How can I convince you to add the newer source plus the helper configure ?
Markus
"Amos Jeffries" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
Amos Jeffries wrote:
Markus Moeller wrote:
The existing code in the squid_kerb_auth directory is minimal and has n
I am fine with the name, but I really think you should use the updated
source (including configure) from sourceforge as it contains some platform
and Kerberos distribution dependant checks.
Markus
"Amos Jeffries" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
While I have you in
sr/include/gssapi/gssapi.h || -f /usr/include/gssapi.h ]]; then
exit 1
fi
exit 0
Markus
"Amos Jeffries" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
Markus Moeller wrote:
Can you use my tar file from sourceforge
http://downloads.sourceforge.net/squidkerb
os Jeffries" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
Markus Moeller wrote:
Is there something I can do ?
Markus
You can write the config.test script if you know portable shell script.
You are also likely the one who knows best what tests are critical for the
helpe
Ok . I'll have a look into some examples.
Markus
"Amos Jeffries" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
Markus Moeller wrote:
Is there something I can do ?
Markus
You can write the config.test script if you know portable shell script.
You are al
Is there something I can do ?
Markus
"Amos Jeffries" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
Markus Moeller wrote:
As far as I remember, with these options squid_kerb_auth shouldn't be
included in the build.
Default is for all helpers to build unle
As far as I remember, with these options squid_kerb_auth shouldn't be
included in the build.
Markus
"Alex Rousskov" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
On Thu, 2008-10-30 at 20:01 +0100, Henrik Nordstrom wrote:
On tor, 2008-10-30 at 10:49 -0600, Alex Rousskov wrote:
I think on ubuntu it is the libkrb5-dev package.
Markus
"Markus Moeller" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
Do you have the Kerberos development package with gssapi.h installed ?
Markus
"Alex Rousskov" <[EMAIL PROTECTED]> wrote i
Do you have the Kerberos development package with gssapi.h installed ?
Markus
"Alex Rousskov" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
Hello,
Make -k distclean; ./bootstrap.sh && ./configure && make results in
these (and many more) errors:
squid_kerb_auth.c:133: error:
Can you send me the whole configure output. It looks like you don't have any
gssapi headers. Maybe I need to add a #error for that case.
Markus
"Amos Jeffries" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
Markus Moeller wrote:
Here are the diffs
Here are the diffs of where I placed the AC_CONFIG_SUBDIR in configure.in.
Markus
"Amos Jeffries" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
Markus Moeller wrote:
Hi Henrik,
I added AC_CONFIG_SUBDIR to configure.in and added some checks to my
configure to
Hi Henrik,
I added AC_CONFIG_SUBDIR to configure.in and added some checks to my
configure to allow the use of libmiscutil. If you copy the content of
http://switch.dl.sourceforge.net/sourceforge/squidkerbauth/squid_kerb_auth-1.0.3.tar.gz
into helpers/negotiate_auth/squid_kerb_auth into should w
Do I understand right that in squid-2 you don't support it ?
Markus
"Henrik Nordstrom" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
On sön, 2008-09-14 at 12:00 +0100, Markus Moeller wrote:
My squid_kerb_auth helper would benefit from a better Makefile. T
Would it be possible to increase the buffer in authenticateNegotiateStart as
in some cases base64 encode Kerberos Tokens can be bigger than 8kB.
Thank you
Markus
--- squid-2.7.STABLE3/src/auth/negotiate/auth_negotiate.c 2007-08-29
00:39:10.0 +0200
+++ squid-2.7.STABLE3.kerb/src/auth/n
Thanks. I have now a patch for STABLE13 which you can get from
http://squidkerbauth.cvs.sourceforge.net/*checkout*/squidkerbauth/squid_kerb_proxy_auth/squid-2.6.STABLE13-kerb.patch?revision=1.2
and
http://squidkerbauth.cvs.sourceforge.net/*checkout*/squidkerbauth/squid_kerb_proxy_auth/squid_ker
I had also a config error why Basic auth didn't work. I can now use Basic
auth through the isa server for CONNECT.
Markus
"Markus Moeller" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
>I did some further investigation and it seems the ISA server reacts
I think I know why my patch doesn't work for CONNECT sites. The reason is
that request->host does NOT contain the next proxy as it is the case for the
GET method. Is there any other structure/varibale which contains the next
proxy for all methods ?
Thanks
Markus
"Markus Moe
I updated my helper at
http://squidkerbauth.cvs.sourceforge.net/squidkerbauth/ and I provide now
autoconf files. I tested it on
Linux with MIT and Heimdal, on Solaris 8, 10 and OpenSolaris with SEAM, AIX
5.3 with NAS.
Markus
fails
for HTTP CONNECT. Has anybody experienced similar ?
Is anybody working on squid to handle the processing of a 407 from an
upstream proxy ?
Markus
"Markus Moeller" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
> Find attached a patch which adds a call to my
Find attached a patch which adds a call to my functions to http.c and a tar
file with my routines. To make it work do the following:
1) Patch 2.6.STABLE13 with my patch file and extract my source to squid's
src directory.
2) Run configure with CFLAGS="-I/usr/kerberos/include"
LDFLAGS="-L/usr/ke
I have now a test version working (with hardcoded cache_peer hostname). So
basically seems to work as Basic auth without looking at the 407 return
code.
Markus
"Markus Moeller" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
>I am now looking at http.c ( squid
I am now looking at http.c ( squid 2.6STABLE13) and I think I can add some
code around here:
} else {
httpHeaderPutStrf(hdr_out, HDR_PROXY_AUTHORIZATION, "Basic %s",
base64_encode(orig_request->peer_login));
}
The only value I need at that point is the
How do you to it then with Basic authentication ? I thought that is
implemented or don't you wait either on a 407 ?
Thank you
Markus
"Henrik Nordstrom" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
I'd like to implement a way that squid authenticates to an upstream ISA
proxy server. The ISA server will request a Proxy-Authenticate: Negotiate
and I have a routine which can create the Kerberos token for the
Proxy-Authorize: Negotiate response, but I am not sure where I need to add
the code
I installed 2.6-STABLE13 and now it works.
Thank you
Markus
"Henrik Nordstrom" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
I use the below on Opensuse 10.2
/usr/sbin/squid -v
Squid Cache: Version 2.6.STABLE6
configure options: '--prefix=/usr' '--sysconfdir=/etc/squid'
'--bindir=/usr/sbin' '--sbindir=/usr/sbin' '--localstatedir=/var'
'--libexecdir=/usr/sbin' '--datadir=/usr/share/squid'
'--mandir=/usr/share/man' '
I think I am very close to get my helper program to work. At least I have on
setup where it works fine and one where I get the below
messages about "User not fully authenticated". Can someone explain the order
of the authenticate calls and what means "now at '1'" '2'.. , etc. ?
Thank you
Markus
Yes the setbuf was missing.
Thanks
Markus
"Duane Wessels" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
>
>
>
> On Wed, 9 May 2007, Markus Moeller wrote:
>
>> I have written a helper program for the negotiate protocol (only the
>> Kerb
I have written a helper program for the negotiate protocol (only the
Kerberos part of it). I can get it to determine the correct userid but
somehow the reply doesn't get back to squid. I don't get any debug from
authenticateNegotiateHandleReply. What triggers
authenticateNegotiateHandleReply to
27;
'--enable-multicast-miss' '--enable-ssl' '--enable-cache-digests'
'--enable-auth-on-acceleration' '--enable-storeio=aufs,coss,diskd,null,ufs'
'--enable-linux-netfilter' '--enable-removal-policies=heap,lru'
'--enable-i
I have written a helper program for the negotiate protocol (only the
Kerberos part of it). I can get it to determine the correct userid but
somehow the reply doesn't get back to squid. I don't get any debug from
authenticateNegotiateHandleReply. What triggers
authenticateNegotiateHandleReply to
101 - 142 of 142 matches
Mail list logo
