Hi,
Some time ago, I sent a patch to make it possible for squid to display on
the error page any message being returned by an external authenticator in
case of authentication failure and it was, at the time, patched, with some
changes, to squid-2.3, as explained below by Duane Wessels. In spite of
being said that the patch had been commited to squid HEAD branch, I did not
see it in squid-2.4...
Has it really been added to squid-2.4.* ?
If not, are there plans to have it added to squid-2.4*? When? Will it be
available in every new release from now on?
Thanks.
Marcos Barreto de Castro
--- Duane Wessels <wessels@squid-cache.org> wrote:
>
>
>On Fri, 8 Dec 2000, Marcos Barreto de Castro wrote:
>
> > Hi,
> > > Since this is the first time I send a patch to
a
> > software, I would like to appologize in case
>something
> > is missing.
>
>I committed a modified version of your patch to the
>Squid HEAD branch
>
>
>Index: acl.c
>
===================================================================
>RCS file: /server/cvs-server/squid/squid/src/acl.c,v
>retrieving revision 1.225
>diff -u -r1.225 acl.c
>--- acl.c 2000/10/31 23:48:13 1.225
>+++ acl.c 2000/12/08 23:42:15
>@@ -1770,10 +1770,15 @@
> checklist->state[ACL_PROXY_AUTH] =
>ACL_LOOKUP_DONE;
> debug(28, 4) ("aclLookupProxyAuthDone: result =
>%s\n",
> result ? result : "NULL");
>- if (result && (strncasecmp(result, "OK", 2) ==
>0))
>+ if (NULL == result)
>+ checklist->auth_user->passwd_ok = 0;
>+ else if (0 == strncasecmp(result, "OK", 2))
> checklist->auth_user->passwd_ok = 1;
>- else
>+ else {
>+ if (strlen(result) > sizeof("ERR "))
>+ checklist->auth_user->message =
>xstrdup(result+4);
> checklist->auth_user->passwd_ok = 0;
>+ }
> aclCheck(checklist);
> }
> Index: client_side.c
>
===================================================================
>RCS file:
>/server/cvs-server/squid/squid/src/client_side.c,v
>retrieving revision 1.514
>diff -u -r1.514 client_side.c
>--- client_side.c 2000/12/05 09:15:58 1.514
>+++ client_side.c 2000/12/08 23:55:18
>@@ -215,10 +215,13 @@
> int page_id = -1;
> http_status status;
> ErrorState *err = NULL;
>+ char *proxy_auth_msg = NULL;
> debug(33, 2) ("The request %s %s is %s, because
>it matched '%s'\n",
> RequestMethodStr[http->request->method],
>http->uri,
> answer == ACCESS_ALLOWED ? "ALLOWED" :
"DENIED",
> AclMatchedName ? AclMatchedName : "NO ACL's");
>+ if (http->acl_checklist->auth_user)
>+ proxy_auth_msg =
>http->acl_checklist->auth_user->message;
> http->acl_checklist = NULL;
> if (answer == ACCESS_ALLOWED) {
> safe_free(http->uri);
>@@ -230,6 +233,8 @@
> debug(33, 5) ("Access Denied: %s\n",
http->uri);
> debug(33, 5) ("AclMatchedName = %s\n",
> AclMatchedName ? AclMatchedName :
"<null>");
>+ debug(33, 5) ("Proxy Auth Message = %s\n",
>+ proxy_auth_msg ? proxy_auth_msg :
"<null>");
> /*
> * NOTE: get page_id here, based on
AclMatchedName
>because
> * if USE_DELAY_POOLS is enabled, then
>AclMatchedName gets
>@@ -258,6 +263,8 @@
> err = errorCon(page_id, status);
> err->request = requestLink(http->request);
> err->src_addr = http->conn->peer.sin_addr;
>+ err->proxy_auth_msg = proxy_auth_msg;
>+ err->callback_data = NULL;
> errorAppendEntry(http->entry, err);
> }
> }
>Index: errorpage.c
>
===================================================================
>RCS file:
>/server/cvs-server/squid/squid/src/errorpage.c,v
>retrieving revision 1.157
>diff -u -r1.157 errorpage.c
>--- errorpage.c 2000/12/05 09:15:59 1.157
>+++ errorpage.c 2000/12/08 23:56:18
>@@ -377,6 +377,7 @@
> safe_free(err->url);
> safe_free(err->host);
> safe_free(err->dnsserver_msg);
>+ safe_free(err->proxy_auth_msg);
> safe_free(err->request_hdrs);
> wordlistDestroy(&err->ftp.server_msg);
> safe_free(err->ftp.request);
>@@ -404,6 +405,7 @@
> * I - server IP address x
> * L - HREF link for more info/contact x
> * M - Request Method x
>+ * m - Error message returned by external Auth. x * p - URL port #
> x
> * P - Protocol x
> * R - Full HTTP Request x
>@@ -482,6 +484,9 @@
> memBufPrintf(&mb, "%s",
Config.errHtmlText);
> } else
> p = "[not available]";
>+ break;
>+ case 'm':
>+ p = err->proxy_auth_msg ? err->proxy_auth_msg
:
>"[not available]";
> break;
> case 'M':
> p = r ? RequestMethodStr[r->method] : "[unkown
>method]";
>Index: structs.h
>
===================================================================
>RCS file:
>/server/cvs-server/squid/squid/src/structs.h,v
>retrieving revision 1.364
>diff -u -r1.364 structs.h
>--- structs.h 2000/12/05 10:10:59 1.364
>+++ structs.h 2000/12/08 23:55:32
>@@ -69,6 +69,7 @@
> long expiretime;
> struct in_addr ipaddr; /* IP addr this user
>authenticated from */
> time_t ip_expiretime;
>+ char *message;
> };
> struct _acl_deny_info_list {
>@@ -1507,6 +1508,7 @@
> char *host;
> u_short port;
> char *dnsserver_msg;
>+ char *proxy_auth_msg;
> time_t ttl;
> struct in_addr src_addr;
> char *redirect_url;
>
_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp
Received on Tue Sep 04 2001 - 05:48:46 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:02:02 MST