With some experimentation, I found a way to make authentication
work. Is it the right way? I don't know, but it works...
I had configured my src/Makefile as:
> HOST_OPT = # -DCACHEMGR_HOSTNAME="getfullhostname()"
> AUTH_OPT = -DUSE_PROXY_AUTH=1
> LOG_HDRS_OPT = -DLOG_FULL_HEADERS=1
> ICMP_OPT = # -DUSE_ICMP=1
> DELAY_HACK = # -DDELAY_HACK=1
> USERAGENT_OPT = -DUSE_USERAGENT_LOG=1
> KILL_PARENT_OPT = # -DKILL_PARENT_OPT
> USE_POLL_OPT = # -DUSE_POLL
> # do NOT define both USE_SPLAY_TREE and USE_BIN_TREE at the same time!
> USE_SPLAY_TREE = # -DUSE_SPLAY_TREE
> USE_BIN_TREE = -DUSE_BIN_TREE
> RELOAD_INTO_IMS = -DRELOAD_INTO_IMS
> UNDERSCORES_OPT = -DALLOW_HOSTNAME_UNDERSCORES
What I found is if I changed USE_BIN_TREE from being defined to
not defined, it worked. WHY? I don't know. WHAT does USE_BIN_TREE
do?
Changed:
> USE_BIN_TREE = -DUSE_BIN_TREE
to:
USE_BIN_TREE = # -DUSE_BIN_TREE
Authentication now works.
A little documentation on what the above definitions do would
be VERY useful.
ANYBODY???
Regards,
Bill
> Subject: HELP!
>
> HELP!
>
>
> I am running solaris 2.5.1 and need squid with authentication.
> Because I could not find a version precompiled that had authentication
> turned on - I like the version 1.1.12 pkgadd version for solaris,
> just wish authenticaion was compiled in - I had to download and
> compile my own. So I have just downloaded and installed squid 1.1.18.
>
> The first time I go to authenticate, BOOM! It craters. I can almost
> bet I am doing something wrong, but I have found very little information
> which tells me which compile options I NEED other than USE_PROXY_AUTH=1.
> (I could have missed something)
>
> I also don't know what an 'apache-style' password file looks like.
> >From what I read, I am assuming:
>
> proxy_name:password
>
> where the password is a crypt encrypted password - which one could
> pull from a unix-style password file or shadow file.
>
> It seems to load the password file ok - all 2700 entries, and then
> during the authentication / config file processing of acls - DIES.
>
> With debug set to all,9 here is what I see....
>
> 97/11/07 01:36:53| proxyAuthenticate: user = brpeters
> 97/11/07 01:36:53| proxyAuthenticate: user brpeters validated
> 97/11/07 01:36:53| aclCheck: checking 'http_access deny manager all'
> 97/11/07 01:36:53| aclMatchAclList: checking manager
> 97/11/07 01:36:53| aclMatchAcl: checking 'acl manager proto cache_object'
> 97/11/07 01:36:53| aclMatchAclList: returning 0
> 97/11/07 01:36:53| aclCheck: checking 'http_access deny Dangerous_ports'
> 97/11/07 01:36:53| aclMatchAclList: checking Dangerous_ports
> 97/11/07 01:36:53| aclMatchAcl: checking 'acl Dangerous_ports port 7 9 19'
> 97/11/07 01:36:53| aclMatchAclList: returning 0
> 97/11/07 01:36:53| aclCheck: checking 'http_access allow allowed_hosts'
> 97/11/07 01:36:53| aclMatchAclList: checking allowed_hosts
> 97/11/07 01:36:53| aclMatchAcl: checking 'acl allowed_hosts src 192.168.101.0/255.255.255.0'
> FATAL: Received Bus Error...dying.
> 97/11/07 01:36:53| storeWriteCleanLog: Starting...
> 97/11/07 01:36:53| comm_set_fd_lifetime: FD 26 lft -1
> 97/11/07 01:36:53| Finished. Wrote 108 lines.
> 97/11/07 01:36:53| Took 0 seconds ( 108.0 lines/sec).
> 97/11/07 01:36:53| WARNING: fdstat_update: re-opening Biggest_FD?
> 97/11/07 01:36:53| comm_set_fd_lifetime: FD 27 lft -1
> 97/11/07 01:36:53| enter_suid: PID 4105 taking root priveleges
> 97/11/07 01:36:53| leave_suid: PID 4105 called
>
>
> Here are src/Makefile options I chose (feel free to comment - I don't know
> what most of them mean!)
>
> HOST_OPT = # -DCACHEMGR_HOSTNAME="getfullhostname()"
> AUTH_OPT = -DUSE_PROXY_AUTH=1
> LOG_HDRS_OPT = -DLOG_FULL_HEADERS=1
> ICMP_OPT = # -DUSE_ICMP=1
> DELAY_HACK = # -DDELAY_HACK=1
> USERAGENT_OPT = -DUSE_USERAGENT_LOG=1
> KILL_PARENT_OPT = # -DKILL_PARENT_OPT
> USE_POLL_OPT = # -DUSE_POLL
> # do NOT define both USE_SPLAY_TREE and USE_BIN_TREE at the same time!
> USE_SPLAY_TREE = # -DUSE_SPLAY_TREE
> USE_BIN_TREE = -DUSE_BIN_TREE
> RELOAD_INTO_IMS = -DRELOAD_INTO_IMS
> UNDERSCORES_OPT = -DALLOW_HOSTNAME_UNDERSCORES
>
>
>
> Regards,
> Bill
>
>
> ------------------------------------------------------------------------
> Bill Petersen email: brp@dsccc.com
> UNIX System Admin, Technical Services voice: 972-519-4249
> DSC Communications Corp, Plano, Texas fax: 972-519-4830
> ------------------------------------------------------------------------
> Communication, its one of those things we take for granted...
> ------------------------------------------------------------------------
>
>
------------------------------------------------------------------------
Bill Petersen email: brp@dsccc.com
UNIX System Admin, Technical Services voice: 972-519-4249
DSC Communications Corp, Plano, Texas fax: 972-519-4830
------------------------------------------------------------------------
Communication, its one of those things we take for granted...
------------------------------------------------------------------------
Received on Sat Nov 08 1997 - 16:19:28 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:37:28 MST