Re: [squid-users] Windows Messenger through Squid

From: <gsandorx_at_aol.com>
Date: Fri, 5 Nov 2010 16:27:19 -0400 (EDT)

I've been even trying using Squid 3.2.0.2, which I manually compiled.
As you know, Squid 3.2.0.2 has better support for HTTP/1.1 (I thought
it was something related with that, as Squid 2.6STABLE21 uses
HTTP/1.0). Now, with the sniffer I see HTTP/1.1 responses from Live
servers through Squid (when with Squid < 3.2 I was getting HTTP/1.0
responses). Furthermore, balance_on_multiple_ip is off by default in
3.2. Nothing changed.

I have to use this old software as I have _many_ users with this
software already installed, and upgrading would be a pain right now.

I don't think the problem is that Live servers are refusing to login
old releases. I was able to login in from the same clients using direct
connection and through an ISA server 2006 .... :(

Thanks!

-----Original Message-----
From: Amos Jeffries <squid3_at_treenet.co.nz>
To: squid-users <squid-users_at_squid-cache.org>
Sent: Thu, Nov 4, 2010 11:33 pm
Subject: Re: [squid-users] Windows Messenger through Squid

On 05/11/10 02:19, gsandorx_at_aol.com wrote:
> Hi,
>
> I'm trying to setup a Squid server (Centos 5.5, Squid 2.6-STABLE21,
> x64) to help my users to connect to Windows Live (as well as to
provide
> navigation). They _must_ use Windows Messenger (4.x, 5.x - the ones
> shipped by default with Windows XP).
> The Windows Messenger app login successfully (if you enter a wrong
> username/passw combination it refuses to connect) but cannot complete
> the sign in process, displaying (almost indefinitely "Singing in...").
> Looking in access.log, I only see:
>
> 1288735315.171 6858 172.22.8.202 TCP_MISS/200 8272 CONNECT
> login.live.com:443 - DIRECT/65.54.186.17 -
>
> And then (many times, actually!):
>
> 1288735321.511 2048 172.22.8.202 TCP_MISS/200 1539 POST
> http://64.4.44.76/gateway/gateway.dll? - DIRECT/64.4.44.76
> application/x-msn-messenger
>
> I tried using Windows Live Messenger (2009) and it worked perfectly. I
> even tried using an ISA Server 2006 with Windows Messenger (5.x) and
it
> worked as well. I don't have yet any special/tricky ACL, only
> "http_access allow all" to avoid confusions.
>
> Does anybody has a similar setup (squid + windows messenger) ? Any
help
> is appreciated.
>

>> Do you have "balance_on_multiple_ip" set to off? It needs to be

>> The problems may be this:
  security keys validation sent via CONNECT ... DIRECT/65.54.186.17
  login actually performed via POST to ... DIRECT/64.4.44.76

>> An edcated guess is that the Live software uses HTTP/1.1 and
persistent
connections.

>> Why do you have this strict MUST requirement on using very old
versions?
>> Part of the problem may also be that the Live servers refuse login
from old releases with known remote-access security vulnerabilities.

>> Amos
>> --
>> Please be using
>> Current Stable Squid 2.7.STABLE9 or 3.1.9
>> Beta testers wanted for 3.2.0.2
Received on Fri Nov 05 2010 - 20:27:24 MDT

This archive was generated by hypermail 2.2.0 : Sat Nov 06 2010 - 12:00:04 MDT