[squid-users] Odd message in cache.log

From: <Ian.Large@dont-contact.us>
Date: Wed, 20 Apr 2005 16:05:37 +0100

Hi folks

Finally we've got round to enabling authentication on our squid boxes. I
had it all tested okay several months ago but it was seen as necessary to
give all our users due warning that they'd need to use a password to get
to the 'net. I've noticed some small glitches on one of our servers.
Nominally both main squids are identically configured, the squid.conf file
on each being a mirror of the other apart from the cache_peer directive.
One of the boxes keeps generating the following in cache.log:

2005/04/20 15:39:58| WARNING: suspicious CR characters in HTTP header near
{Proxy-Authenticate: Basic realm="Internet access proxy^M"^M
}

I can't see any extra characters or whitespaces in the lines referring to
the realm in squid.conf and don't know anywhere else to find them. It
seems to be working okay despite this although the first time you
authenticate with it the page you are on doesn't load and will eventually
time out. Hit return at any point and it loads up straightaway....

I'm kinda puzzled by all this...anyone got any bright ideas?

Ian Large

Versions:
RHEL ES 3.0
squid-2.5.STABLE3-6.3E.8 (latest Red Hat build)

Section of squid.conf with authentication:
auth_param basic program /usr/lib/squid/squid_ldap_auth -b
"dc=cs-plc,dc=salvesen,dc=com" -D "cn=Ldap,dc=cs-plc,dc=salvesen,dc=com"
-w password -f
"(&(CN=%s)(memberOf=CN=InternetUsers,DC=cs-plc,DC=salvesen,DC=com))" -h
10.1.2.1
auth_param basic children 20
auth_param basic realm Internet access proxy
auth_param basic credentialsttl 5 minute


--------------------------------------------------------------------------------

For information on Christian Salvesen visit our website at www.salvesen.com.

The information contained in this e-mail is strictly confidential and for the use of the addressee only; it may also be legally privileged and / or price sensitive. Notice is hereby given that any disclosure, use or copying of the information by anyone other than the intended recipient is prohibited and may be illegal. If you have received this message in error, please notify the sender immediately by return e-mail.

Christian Salvesen has taken every reasonable precaution to ensure that any attachment to this e-mail has been swept for viruses. However, we cannot accept liability for any damage sustained as a result of software viruses and would advise that you carry out your own virus checks before opening any attachment.

Christian Salvesen is a trading name of the Christian Salvesen Group. Christian Salvesen PLC (Company number SC7173) is the ultimate holding company within the Christian Salvesen Group whose registered office is at 16 Charlotte Square, Edinburgh EH2 4DF.
Received on Wed Apr 20 2005 - 09:05:43 MDT

This archive was generated by hypermail pre-2.1.9 : Sun May 01 2005 - 12:00:04 MDT