Squid3 ncsa basic auth always fails
Found the problem:
htpasswd
uses -m
(encrypting password with Apache's modified version of MD5)
but Squid's (Squid 3.1.20 on Ubuntu 13.04 repository) ncsa_auth
uses system's crypt
function (unistd.h
or crypt.h
) to check password (if there be any crypt()
- I didn't check other scenarios)
So if we run /usr/lib/squid3/ncsa_auth /etc/squid3/users
and check user/password manually we will get:
~$ /usr/lib/squid3/ncsa_auth /etc/squid3/users
user pass
Segmentation fault (core dumped)
Solution:
for creating password file -d
switch should be used:
htpasswd -d /etc/squid3/users myusername
(using -d tells htpasswd
to use system's crypt
function)
Good Luck
Related videos on Youtube
Comments
-
Ariyan over 1 year
I'm trying to make Squid3 to use basic authentication.
But while i'm providing correct username/password authentication fails!
my ACL and http_access insquid.conf
is:acl manager proto cache_object acl localhost src 127.0.0.1/32 ::1 acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1 acl SSL_ports port 443 acl SSL_ports port 80 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT auth_param basic program /usr/lib/squid3/ncsa_auth /etc/squid3/users auth_param basic realm Private auth_param basic credentialsttl 2 hours auth_param basic casesensitive off acl ncsa_users proxy_auth REQUIRED http_access allow ncsa_users http_access allow manager localhost http_access deny manager http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow localhost http_access deny all
I'm creating
/etc/squid3/users
with:htpasswd /etc/squid3/users myusername
When I configure the proxy in firefox and it requests password I provide correct username/password but it fails and it prompts again.
What is the problem? -
Fabian Winkler almost 9 yearsThis solution also applies to the latest squid3 version on Debian Wheezy (3.4.8-5~bpo70+1).