[squid-users] Squid, Kerberos and FireFox (Was: Re: leaking memory in squid 3.4.8 and 3.4.7.)
Victor Sudakov
sudakov at sibptus.tomsk.ru
Sat Oct 11 13:17:47 UTC 2014
Markus Moeller wrote:
> Hi Viktor,
>
> These sections of code do the selection in squid:
>
>
> char *service_name = (char *) "HTTP", *host_name = NULL;
Thanks for posting this. BTW does it mean that the service name "HTTP"
is hardcoded, and if I wanted to use a principal with a different
service name ort without "/" at all, I have no way of doing it other
than patching the source?
I have come across a strange issue with the w2k AD. When requested for
a ticket to "HTTP/proxy.sibptus.transneft.ru", it instead gives the
ticket to "PROXY01-SIBPTUS$" (this is the name of the AD account to
which the SPN "HTTP/proxy.sibptus.transneft.ru" is bound). I seem to
have no way of using this "HTTP"-less name in a keytab.
--
Victor Sudakov, VAS4-RIPE, VAS47-RIPN
sip:sudakov at sibptus.tomsk.ru
More information about the squid-users
mailing list