Squid3 ncsa basic auth always fails

13.04 configuration proxy squid
11,480

Found the problem:
htpasswd uses -m (encrypting password with Apache's modified version of MD5)
but Squid's (Squid 3.1.20 on Ubuntu 13.04 repository) ncsa_auth uses system's crypt function (unistd.h or crypt.h) to check password (if there be any crypt() - I didn't check other scenarios)
So if we run /usr/lib/squid3/ncsa_auth /etc/squid3/users and check user/password manually we will get: 

~$ /usr/lib/squid3/ncsa_auth /etc/squid3/users
user pass
Segmentation fault (core dumped)

Solution:
for creating password file -d switch should be used: 

htpasswd -d /etc/squid3/users myusername

(using -d tells htpasswd to use system's crypt function)

Good Luck

Share:
11,480

Related videos on Youtube

Ariyan
Author by

Ariyan

[Linux] [PHP , Python , Java , C ]

Updated on September 18, 2022

Comments

  • Ariyan
    Ariyan over 1 year

    I'm trying to make Squid3 to use basic authentication.
    But while i'm providing correct username/password authentication fails!
    my ACL and http_access in squid.conf is: 

    acl manager proto cache_object
acl localhost src 127.0.0.1/32 ::1
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1

acl SSL_ports port 443
acl SSL_ports port 80
acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443         # https
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http
acl CONNECT method CONNECT

auth_param basic program /usr/lib/squid3/ncsa_auth /etc/squid3/users
auth_param basic realm Private
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off

acl ncsa_users proxy_auth REQUIRED

http_access allow ncsa_users
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access deny all

    I'm creating /etc/squid3/users with: 

    htpasswd /etc/squid3/users myusername

    When I configure the proxy in firefox and it requests password I provide correct username/password but it fails and it prompts again.
    What is the problem?

  • Fabian Winkler
    Fabian Winkler almost 9 years
    This solution also applies to the latest squid3 version on Debian Wheezy (3.4.8-5~bpo70+1).

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

How can I force Squid Proxy to use a specific gateway for internet access?
Squid 403's every request as an HTTP proxy
How to configure Squid connection|read|write timeout per Request instead of Globally
Nexus won't download artifacts from Central
Reverse proxy from nginx to squid
Is it possible to install proxy server to DD-WRT?
Unable to determine IP address from host name
How to configure to auto detect proxy?
Upstart can't start MySQL
Squid proxy with ncsa_auth