Re: [squid-users] Re: Joomla DB authentication support hits Squid! :)

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Sun, 02 May 2010 13:57:22 +1200

Luis Daniel Lucio Quiroz wrote:
> Le vendredi 23 avril 2010 00:20:13, Amos Jeffries a écrit :
>> Luis Daniel Lucio Quiroz wrote:
>>> Le jeudi 22 avril 2010 20:09:57, Amos Jeffries a écrit :
>>>> Luis Daniel Lucio Quiroz wrote:
>>>>> Le jeudi 22 avril 2010 15:49:55, Luis Daniel Lucio Quiroz a écrit :
>>>>>> HI all
>>>>>>
>>>>>> As a requirement of one client, he wants to use joomla user database
>>>>>> to let squid authenticate.
>>>>>>
>>>>>> I did patch squid_db_auth that Henrik has written in order to support
>>>>>> joomla hash conditions.
>>>>>>
>>>>>> I did add one usefull option to script
>>>>>>
>>>>>> --joomla
>>>>>>
>>>>>> in order to activate joomla hashing. Other options are identical.
>>>>>> Please test :)
>>>>>>
>>>>>> Ammos, I'd like if you can include this in 3.1.2
>>>> Mumble.
>>>>
>>>> How do other users feel about it? Useful enough to cross the security
>>>> bugs and regressions only freeze?
>>>>
>>>>>> LD
>>>>> I have a typo in
>>>>> my salt
>>>>>
>>>>> should be
>>>>> my $salt
>>>>>
>>>>> sorry
>>>> Can you make the option --md5 instead please?
>>>>
>>>> Possibilities are not limited to Joomla and they may change someday.
>>>>
>>>> The option needs to be added to the documentation sections of the helper
>>>> as well.
>>>>
>>>> Amos
>>> I dont get you about "cross the security",
>> 3.1 is under feature freeze. Anything not a security fix or regression
>> needs to have some good reasons to be committed.
>>
>> I'm trying to stick to the freeze a little more with 3.1 than with 3.0,
>> to get back into the habit of it. Particularly since we look like having
>> a good foothold on the track for 12-month releases now.
>>
>>> what i did is that --joomla flag do diferent sql request and because
>>> joomla hass is like this:
>>> hash:salt
>>> i did split and compare. by default joomla uses md5 (i'm not a joomla
>>> master, i dont know when joomla uses other hashings)
>> I intend to use this auth helper myself for other systems, and there are
>> others who ask about a DB helper occasionally.
>>
>>
>> Taking a better look at your changes ...
>>
>> The first one: db_conf = "block = 0" seems to be useless. All it does
>> is hard-code a different default value for the --cond option.
>>
>> For Joomla the squid.conf should instead contain:
>> --cond " block=0 "
>>
>>
>> Which leaves the salted/non-salted hash change.
>> Adding this:
>>
>> --salt-delimiter D
>>
>> To configure character(s) between the hash and salt values. Will not to
>> lock people into the specific Joomla syntax of colon. There are
>> examples and tutorials out there for app design that use other delimiters.
>>
>> Doing both of those changes Joomla would be configured with:
>>
>> ... --cond " block=0 " --salt-delimiter ":"
>>
>>> if you want, latter i may add also --md5 to store md5 password, and
>>> --digest- auth to support diggest authentication :) but later jejeje
>> Amos
>
> HI
> i've just update my patch to fit 3.1.2
>
>
> I hope this could be included since it is based on todays snapshot.
>
> Regards,
>
> LD
>

Thank you.

You still have the --joomla flag. I thought you agreed to call it
something like the --salt and take the delim character ?

Amos

-- 
Please be using
   Current Stable Squid 2.7.STABLE9 or 3.1.1
Received on Sun May 02 2010 - 01:57:32 MDT

This archive was generated by hypermail 2.2.0 : Sat May 08 2010 - 12:00:04 MDT