On mån, 2008-06-02 at 10:10 -0400, Chris Riggins wrote:
> I found that the method below did not work, actually. I still
> have not figured out just how Apache's "htdigest" is joining the
> several inputs to create the md5 hash, but it isn't
> "user:realm:password" | md5sum.
It is the same. Try again..
$ echo -n "henrik:Squid HTTP Proxy:testing" | md5sum
e07afc91b0cfe99ff7a3630d6f34db62 -
$ htdigest -c test.pwd "Squid HTTP Proxy" henrik
Adding password for henrik in realm Squid HTTP Proxy.
New password: [testing]
Re-type new password: [testing]
$ cat test.pwd
henrik:Squid HTTP Proxy:e07afc91b0cfe99ff7a3630d6f34db62
The following perl snippet also does the same thing:
#!/usr/bin/perl
use Digest::MD5 qw(md5_hex);
if (@ARGV != 3) {
die("usage: user realm password\n");
}
print md5_hex(join(":", @ARGV))."\n";
> I finally got digest auth to work by doing the following (the
> "-c" creates the passwd file):
>
> # htdigest -c <passwd_file> <realm> <username>
>
> which requested a password. I provided it twice, and it generated the
> following line in the file:
>
> <username>:<realm>:md5-hash
>
> Now that format isn't usable by squid
It is. Squid digest_pw_auth accepts both username:hash and
username:realm:hash, with the Apache format preferred.
In the LDAP directory the format is slightly different however as the
data is there stored within the user object, and Squid expecting
realm:hash in the LDAP attribute.
Regards
Henrik
Attachment:
signature.asc
Description: This is a digitally signed message part
