[squid-users] Proxy to proxy authentication

Markus Moeller huaraz at moeller.plus.com
Wed Dec 31 00:51:27 UTC 2014


I thought it wasn't trivial, otherwise it would have been already done.  ;-)

Thank you
Markus

"Amos Jeffries"  wrote in message news:54A3416F.9060501 at treenet.co.nz... 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 31/12/2014 7:59 a.m., Markus Moeller wrote:
> Hi Amos,
> 
>> On 30/12/2014 3:31 p.m., Markus Moeller wrote:
>>> Hi,
>>> 
>>> Can squid authenticate to an upstream proxy using digest ?  If
>>> I saw it right cache_peer allows basic and negotiate only (or
>>> passthrough)
>>> 
>>> Thank you Markus
>>> 
>> 
>> Not yet.
>> 
>> Amos
> 
> Is it planned to add or no real interest in it ?

Mostly lack of interest. As usual if you are interested please feel
free to code. :-)

The biggest issue is that Digest like NTLM does not permit the initial
challenge step to be avoided. So Squid has to be made to handle
request retry when fetching the first nonce. The peer is supposed to
supply a next-nonce before the old one expires so further retries
*should* not be necessary, but may also happen on persistent connections.

Amos

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (MingW32)

iQEcBAEBAgAGBQJUo0FvAAoJELJo5wb/XPRjyjIIAMLwnM/JkZAvRjClivoJUIXC
vZ9a3Z/r69pBMNM1snZ1ep4C+hg7jNYsBjennl03u8Fr+kQ4BhhoaAsqjuOAVeWb
boR1MtOpmkt2dhf+U2js9Y3tSd/tY6QSNoCboVDNEUoZDyowHBovdqL9Ei3gFr1t
lqRNoW39K/vvbWRwB6/WflH4xHiX595Wywshh9Hec7a6nhjwdGvZzeeBvDhG1eVj
ECHcIkBICfTydazIFulyCiDTvUgspC1YpcIV2+P//PKGQEDJ/ds6KwxjKqYix9JU
8pnAnm423O11RzUh7qq8NixACPkOjkP7IDXbvJPG2YrKGVFQj8Fi2gEeEcJ/sgU=
=rq6Y
-----END PGP SIGNATURE-----
_______________________________________________
squid-users mailing list
squid-users at lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users



More information about the squid-users mailing list