I've tried to play by the rules and check the mailing list archives for an issue I am experiencing, but I believe my situation to be slightly different than the Proxy-Connection issues previously addressed.
I can understand how squid is unable to provide Keep-Alive persistent connections in circumstances where the Content=Length of the origin server's replies is no provided. However, I am seeing squid close connections (with or without "Proxy-Connection: Keep-Alive" specified) during Digest authentication header exchanges.
I've sniffed my browser dealing with squid, and the negotiation is indeed transpiring over two consecutive sockets. First, the client asks for the document, squid replies with a 407 providing the digest auth parameters (nonce, realm, etc), closes my connection, then the browser opens ANOTHER socket, providing the authentication response which squid then approves, replying with an HTTP 200.
Is there a way to perform this exchange over a single socket? The digest auth documentation I've found (including RFC 2617) seems to imply that these requests can be performed over the same TCP connection.
Any help/pointers would be greatly appreciated, Joe Boyle
Attachment:
smime.p7s
Description: S/MIME cryptographic signature