Re: [squid-users] patch external_acl_fuzzy

From: Ilya <quiz@dont-contact.us>
Date: Sat, 27 Nov 2004 09:57:39 +0600

> On 26.11 17:03, Ilya wrote:
>> By "ident-like" phrase I mean that the work of my
>> authentication program will be similar to the work of
>> "classic" ident (rfc 1413). So its work will base on the
>> knowledge of src and dst ports. But the protocol of the
>> communication between C and S will differ.
>
> ok, may I know what is the protocol, its purpose and
>fuinctionality?

We want to develop ident-like program to authenticate our
Squid users in secure manner. Something like this:
Client (Squid`s external module) asks:
- who is : local port, remote port : challenge
Server (Users` PC) replies:
- user : name : HMAC(password, challenge)
Client (Squid`s external module) checks the answer and decides
whether to grant access or not.

I don`t what to describe all technical aspect of the
developing of such communication protocol. But it is possible.

And the question again:
In what cases Squid patched with external_acl_fuzzy gives "0"
as %SRCPORT to the external module?

wbr,
Ilya
Received on Fri Nov 26 2004 - 20:56:44 MST

This archive was generated by hypermail pre-2.1.9 : Wed Dec 01 2004 - 12:00:02 MST