[squid-dev] [PATCH] Digest Auth support for LDAP HA1 attribute without realm
FUSTE Emmanuel
emmanuel.fuste at thalesgroup.com
Fri Jan 20 16:41:54 UTC 2017
Le 20/01/2017 à 16:36, Alex Rousskov a écrit :
> On 01/20/2017 06:05 AM, FUSTE Emmanuel wrote:
>
>> We have to support many historic digest auth implementation for which
>> the realm is not included in the digest password attribute:
>> The password is effectively stored as "HA1" instead of "REALM:HA1".
>> I would like to kill our own homegrown helpers and use the Squid
>> provided one.
>>
>> Is something like the attached patch is acceptable/could be included
>> in a future Squid release ?
> I would prefer that others answer your question because this is not my
> area of expertise, but if this patch is accepted, then please:
>
> 1. Rename notnulldelim to a positive name like haveDelimiter or, better,
> remove that variable completely in favor of a direct *delimiter test.
>
> 2. Use a *delimiter test instead of strcmp("") to detect empty delimiter
> strings.
>
> 3. Rephrase the -l help string to use "empty string" instead of "null"
> and "password alone" instead of "no realm" (or similar).
>
>
> Thank you,
>
> Alex.
>
Thank you for your review.
Is the attached v2 address all your points ?
Emmanuel.
--
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: digest_ldap_auth-v2.diff
URL: <http://lists.squid-cache.org/pipermail/squid-dev/attachments/20170120/c01b3b8d/attachment.ksh>
More information about the squid-dev
mailing list