Sibling GET with Authentication

From: David Richards <dj.richards@dont-contact.us>
Date: Wed, 02 Sep 1998 09:51:36 +1000 (EST)

Hi,

        There is a problem that I have brought up a few releases ago with
authentication and neighbours. The problem is, that when a cache asks
it's sibling for an object in it's cache, it also expects authentication.
Now, the RFC says that a username/password pair may only be used by one
server, and it may not pass these details along.

        The result is that you can not have authenticating siblings.
However, we have put in a 'fix' until someone decides they want to have a
go at fixing the real problem.

        This is what we do:

        if Request is from a recognised neigbour
        then
                return Authentication is OK
        else
                Do authentication stuff and return result.

        The way we decide if it is a recognised sibling is if it is
registered as one of our peers. How do we do this?? Well, this is the
code, placed in neighbors.c :

peer *
neighborFindByAddr(const char *address)
{
    in_addr_t comparee;
    peer *e = NULL;
    comparee = inet_addr( address );
    for (e = Peers.peers_head; e; e = e->next) {
        if (comparee == e->in_addr.sin_addr.s_addr )
            break;
    }

    return e;
}

        I suppose in the end I am begging someone to look at this problem
seriously and come up with a decent solution.

Thanks,

-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-
David Richards
Network Programmer
Internetworking Software Services, Computing Services
Queensland University of Technology
Level 12, 126 Margaret Street
Brisbane QLD 4001, Australia
E-mail: dj.richards@qut.edu.au
Ph: +61 7 3864 4347 Fax: +61 7 3864 5272
-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-
Received on Tue Sep 01 1998 - 16:49:53 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:41:50 MST