[PATCH] Bug 2870: --disable-auth does not work

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Thu, 27 Jan 2011 22:44:20 +1300

This patch attempts to make it work by removing libauth.la and all
component functionality which depends on it. So far this reduces the
minimal squid binary by a further 1.5MB on disk.

It means anything which requires an authentication process wont work.
They get wrapped in USE_AUTH or if its a specific type with the relevant
USE_AUTH_MODULE_x wrappers.

So far this does:
  * FTP and CacheMgr dependency on --disable-auth-basic has already been
committed.
  * cache_peer login= functionality is greatly reduced under various
combinations of --disable-auth, --disable-auth-basic and
--disable-auth-negotiate
  * peering userhash algorithm is removed
  * delay pools class 4 is removed
  * ACLs testing username are dropped.

Additionally since external ACL user= field is used interchangeably in
several places with a full login and with the right helper can be
considered a full side-band authentication I have disabled the
ExtUser/ext_user components as well.

NP: pinning is not strictly dependent on NTLM, we may use it for other
things without involving auth so left most of it in. Just the logics
which use auth to set the pinning flag are now removable.

IDENT not being an authentication mechanism is also left in.

Can anyone think of something I've overlooked?

Amos

Received on Thu Jan 27 2011 - 09:44:28 MST

This archive was generated by hypermail 2.2.0 : Thu Jan 27 2011 - 12:00:05 MST