<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<div class="moz-cite-prefix">On 25.01.2023 16:58, Eduard Bagdasaryan
wrote:<br>
</div>
<blockquote type="cite"
cite="mid:f30b80d9-815a-8909-cd5c-770a5703ccec@measurement-factory.com">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<div class="moz-cite-prefix">On 25.01.2023 15:29, Amos Jeffries
wrote:<br>
</div>
<blockquote type="cite"
cite="mid:642b9a31-821c-ab67-c77b-41d880ca96f1@treenet.co.nz">On
25/01/2023 5:34 pm, Alex Rousskov wrote: <br>
<blockquote type="cite" style="color: #007cff;">On 1/24/23
20:57, Amos Jeffries wrote: <br>
<br>
<blockquote type="cite" style="color: #007cff;">Blocker #1:
The cachemgr_passwd directly still needs to be cleanly
removed, eg replaced by a manager_access ACL based
mechanism. <br>
</blockquote>
<br>
I do not see a relationship: I have not tested it, but the
existing CacheManager::ParseHeaders() code already extracts
authentication information from cache manager requests that
use "http" scheme AFAICT. Can you detail why the
cachemgr_passwd directive/code cannot continue to work
essentially as it works today after cache_object scheme
support is removed from Squid? <br>
</blockquote>
<br>
We should check that then. It may not be as impactful as I am
recalling. </blockquote>
<p><br>
</p>
<p>My test showed that CacheManager::ParseHeaders() extracts
password from the Authorization header incorrectly:
params.password gets an extra '\n' symbol and
CacheManager::CheckPassword() fails. This, however, seems easy
to fix.</p>
</blockquote>
<p><br>
</p>
<p>My previous test was incorrect - please ignore this comment. I
retested it with a properly encoded base64 password now.</p>
<p><br>
</p>
<p>Eduard.<br>
</p>
</body>
</html>