tor 2006-04-06 klockan 19:29 -0400 skrev Scott Ehrlich: > On Thu, 6 Apr 2006, Henrik Nordstrom wrote: > > > You will need to change the source somewhat. Both Squid and ncsa_auth > > denies blank passwords without even looking into the password file. The > > attached patch should "fix" this for ncsa_auth. Make sure to read > > squid.conf.default after applying the patch as it adds a new auth_param > > basic option for enabling blank passwords. > Would the answer change if I didn't care about using htpasswd? My goal > is to create usernames with blank/no passwords for squid to use. > > Do I need to patch squid to make this happen, regardless of method > (htpasswd, etc)? The patch I sent includes the needed changes to Squid and ncsa_auth. The changes to Squid is generic and independent of which basic authentication backend you are using and required to make Squid consider blank passwords possible. Without these changes Squid always rejects blank passwords even if supported by you authentication backend. The ncsa_auth changes is specific to ncsa_auth allowing it to process blank password queries sent by Squid, but other basic auth helpers may need similar changes as the ncsa_auth as most are based on the same basic request processing/parsing loop as ncsa_auth.. I have not looked in detail at how other basic auth helpers handles this. Regards Henrik
Attachment:
signature.asc
Description: Detta =?ISO-8859-1?Q?=E4r?= en digitalt signerad meddelandedel
