Re: [squid-users] LDAPv3 problems

From: Mike Branda <mike@dont-contact.us>
Date: Fri, 21 Jul 2006 17:50:38 -0400

On Fri, 2006-07-21 at 22:50 +0200, Henrik Nordstrom wrote:

> Please try with a more current version of squid_ldap_auth. 2.5.STABLE5
> is very old, and there were a lot of fixes to squid_ldap_auth over the
> years.
>

Interesting... I didn't realize it was that old. That hardware is
running SuSE 9.3 and is 1 of 2 that have not been rolled up to SuSE 10.

squid-2.5.STABLE10-5.2 is what is in the SuSE 10 release. After looking
at the previous/current release info for squid, it seems that even it is
outdated by a long shot. I'll have to look at compiling from source
when we upgrade that hardware.

> Current versions of squid_ldap_auth have been verified in LDAPv3
> operations both with and without TLS, and LDAPv2 operations both plain
> and SSL wrapped (aka ldaps), and with quite many different OpenLDAP
> versions and also a few other LDAP libraries.
>
> squid_ldapauth is a completely different program, distributed separately
> by its authors, separate from the Squid project.
>
> > squid_ldap_auth never connects. It just sits at a new line and never
> > returns to the prompt without a ctrl-c.
>
> It only connects when you give it a query as input. Syntax on the basic
> auth queries can be found in the squid.conf comments, but to keep it
> simple it's just
>
> username<space>password<enter>
>
> Regards
> Henrik

Thank you very much!! That was the part I was missing. I found the
syntax in squid.conf now. I was just looking for it in the man page
and /usr/share/doc/ which was obviously the wrong place. I thought it
was strange that strace was stopping at a READ and everything I was
sending was getting the ERR response and no query to LDAP took place. I
was just feeding in username<enter>.

In any case, I was able to specify -v 3 and get it to work via ldap,
ldaps and with TLS using the proper syntax. Now to implement it in the
conf file....

Thanks again!

Mike
Received on Fri Jul 21 2006 - 15:50:40 MDT
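
The query format discussed in this thread, as an added example that is not part of the original messages or of the Squid project's code: a stand-in helper that speaks the same one-line-in, one-line-out exchange, plus a probe that sends a single query and closes stdin so the helper does not sit waiting. The names `standin_helper` and `probe_helper` and the credentials are constructed for illustration; the real squid_ldap_auth does an LDAP lookup where the stand-in compares strings.

```sh
#!/bin/sh
# Added example. standin_helper is a hypothetical stand-in for a Squid
# basic-auth helper so the line protocol can be exercised with no LDAP server.
# The account alice / s3cret is constructed sample data.

# Reads "username<space>password" lines on stdin and prints OK or ERR,
# one reply per input line, until stdin is closed.
standin_helper() {
    while IFS= read -r line; do
        user=${line%% *}      # text before the first space
        pass=${line#* }       # text after the first space
        # A line with no space has no password field: answer ERR at once,
        # without consulting any backend (the username<enter> case).
        if [ "$user" = "$line" ] || [ -z "$pass" ]; then
            echo "ERR"
            continue
        fi
        if [ "$user" = "alice" ] && [ "$pass" = "s3cret" ]; then
            echo "OK"
        else
            echo "ERR"
        fi
    done
}

# Send one query to a helper command and print its one-line reply.
# The pipe closes the helper's stdin after the query, so the helper exits
# instead of blocking on its next read.
probe_helper() {
    helper=$1
    user=$2
    pass=${3-}
    if [ -n "$pass" ]; then
        printf '%s %s\n' "$user" "$pass" | "$helper" | head -n 1
    else
        printf '%s\n' "$user" | "$helper" | head -n 1
    fi
}

probe_helper standin_helper alice s3cret   # well-formed query
probe_helper standin_helper alice          # username only
```
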
