tor 2006-04-06 klockan 19:29 -0400 skrev Scott Ehrlich:
> On Thu, 6 Apr 2006, Henrik Nordstrom wrote:
>
> > You will need to change the source somewhat. Both Squid and ncsa_auth
> > denies blank passwords without even looking into the password file. The
> > attached patch should "fix" this for ncsa_auth. Make sure to read
> > squid.conf.default after applying the patch as it adds a new auth_param
> > basic option for enabling blank passwords.
> Would the answer change if I didn't care about using htpasswd? My goal
> is to create usernames with blank/no passwords for squid to use.
>
> Do I need to patch squid to make this happen, regardless of method
> (htpasswd, etc)?
The patch I sent includes the needed changes to Squid and ncsa_auth. The
changes to Squid is generic and independent of which basic
authentication backend you are using and required to make Squid consider
blank passwords possible. Without these changes Squid always rejects
blank passwords even if supported by you authentication backend.
The ncsa_auth changes is specific to ncsa_auth allowing it to process
blank password queries sent by Squid, but other basic auth helpers may
need similar changes as the ncsa_auth as most are based on the same
basic request processing/parsing loop as ncsa_auth.. I have not looked
in detail at how other basic auth helpers handles this.
Regards
Henrik
This archive was generated by hypermail pre-2.1.9 : Mon May 01 2006 - 12:00:02 MDT