Re: Pam_auth eats my cpu!

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Fri, 15 Feb 2002 01:23:17 +0100

Ah! Right. Squid won't cope with 0 length auth ttls. Authentication
cannot succeed then as the response is stale when Squid looks at it,
so it immediately queries the helper again.. This is an artefact of
how Squid access controls work. It has no way of telling if the
response is fresh from the helper of cached from a prior lookup.

Robert: Weren't you messing around and cleaning up the odd state
machine for this somewhere?

Regards
Henrik

On Friday 15 February 2002 00.56, Ian McDonald wrote:
> Henrik,
>
> > I have tried everything I can think of, but I cannot reproduce
> > your problem.
>
> [...]
>
> Thank you very much for your efforts. It turns out that I had
> everything set as you described. I had even collected some strace
> output but forgot to send you a sample. However, you will be able
> to collect it yourself as I have now got to the bottom of the
> problem.
>
> I decided to set everything up from scratch last night on an old
> notebook at home. Because I was having to remember some of the
> steps they tended to happen one at a time between testing.
>
> The crucial step was in setting a value for authenticate_ttl in
> squid.conf. At work, I was using 0, as I thought, to indicate that
> I didn't want username/passwords to be cached while I was
> evaluating the output that was appearing in squid's access.log.
> When I gave this a non-zero value everything came good.
>
> Regards,
>
> Ian McDonald
Received on Thu Feb 14 2002 - 17:22:36 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:14:47 MST