[squid-dev] Possible mistake in src/peer_digest.cc
Aymeric Vincent
aymericvincent at free.fr
Sun Oct 25 16:59:10 UTC 2015
Hi,
Amos Jeffries <squid3 at treenet.co.nz> writes:
> Please do check if that is actually happening when a principal is
> configured. And then if your patch prevents it. I will accept if it
> tests as actually needed and working.
So I added the following line to a squid.conf
cache_peer localhost parent 3129 0 default login=NEGOTIATE:abcd
and started squid without the patch. After faking a connection to the
squid and waiting for a timeout, the following shows up on port 3129.
$ nc -k6l 3129
...
GET /squid-internal-periodic/store_digest HTTP/1.1
Accept: application/cache-digest
Accept: text/html
Via: 1.1 x (squid/4.0.1-BZR)
X-Forwarded-For: ::
Host: localhost:3129
Authorization: Basic TkVHT1RJQVRFOmFiY2Q=
Cache-Control: max-age=259200
Connection: keep-alive
And, base64-decoding the basic auth token yields as expected:
$ base64 -d <<EOF
> TkVHT1RJQVRFOmFiY2Q=
> EOF
NEGOTIATE:abcd$
After applying the patch, recompiling and restarting squid, the same
sequence of actions gives:
$ nc -k6l 3129
...
GET /squid-internal-periodic/store_digest HTTP/1.1
Accept: application/cache-digest
Accept: text/html
Via: 1.1 x (squid/4.0.1-BZR)
X-Forwarded-For: ::
Host: localhost:3129
Cache-Control: max-age=259200
Connection: keep-alive
Notice the absence of Authorization: line.
Best regards,
Aymeric
More information about the squid-dev
mailing list