Search squid archive

Re: squid + digest ldap + password

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 27/05/11 04:00, Maximiliano de Mattos wrote:
thanks Amos!

Now, i try with squid v3, if i remember ok i think i saw a post on
that this version can manage hashed pwds... but now i can't find them
:(

I recall we added it for the Basic auth DB helper. But there is almost no change to the Digest since 2.7. Just some logic bugs.

In other way i thinking to implement a helper thats make these
autentication (taking user + password in clear text as parameters) and
if this is correct, return to digest the result of MD5(user:realm:pwd
in clear text mode)... or ERR in other case...

Think carefully. If the helper is for Squid the data it gets given is straight off the wire. Doing plain-text over the wire (Basic auth) then converting to Digest for the final step once it is already inside secure areas is a bit late.

A Digest helper or update which uses some secure but reversible encrypt for storage in LDAP would be very welcome.

Or even a digest helper which decrypts MD5 hash using the realm and username Squid knows about. To recover the attempted password, do SSHA on it and compare it against the SSHA stored real one.


Amos
--
Please be using
  Current Stable Squid 2.7.STABLE9 or 3.1.12
  Beta testers wanted for 3.2.0.7 and 3.1.12.1


[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux