Luis Daniel Lucio Quiroz wrote:
> Le jeudi 22 avril 2010 20:09:57, Amos Jeffries a écrit :
>> Luis Daniel Lucio Quiroz wrote:
>>> Le jeudi 22 avril 2010 15:49:55, Luis Daniel Lucio Quiroz a écrit :
>>>> HI all
>>>>
>>>> As a requirement of one client, he wants to use joomla user database to
>>>> let squid authenticate.
>>>>
>>>> I did patch squid_db_auth that Henrik has written in order to support
>>>> joomla hash conditions.
>>>>
>>>> I did add one usefull option to script
>>>>
>>>> --joomla
>>>>
>>>> in order to activate joomla hashing. Other options are identical.
>>>> Please test :)
>>>>
>>>> Ammos, I'd like if you can include this in 3.1.2
>> Mumble.
>>
>> How do other users feel about it? Useful enough to cross the security
>> bugs and regressions only freeze?
>>
>>>> LD
>>> I have a typo in
>>> my salt
>>>
>>> should be
>>> my $salt
>>>
>>> sorry
>> Can you make the option --md5 instead please?
>> Possibilities are not limited to Joomla and they may change someday.
>>
>> The option needs to be added to the documentation sections of the helper
>> as well.
>>
>> Amos
>
>
> I dont get you about "cross the security",
3.1 is under feature freeze. Anything not a security fix or regression
needs to have some good reasons to be committed.
I'm trying to stick to the freeze a little more with 3.1 than with 3.0,
to get back into the habit of it. Particularly since we look like having
a good foothold on the track for 12-month releases now.
> what i did is that --joomla flag do diferent sql request and because joomla
> hass is like this:
> hash:salt
> i did split and compare. by default joomla uses md5 (i'm not a joomla master,
> i dont know when joomla uses other hashings)
I intend to use this auth helper myself for other systems, and there are
others who ask about a DB helper occasionally.
Taking a better look at your changes ...
The first one: db_conf = "block = 0" seems to be useless. All it does
is hard-code a different default value for the --cond option.
For Joomla the squid.conf should instead contain:
--cond " block=0 "
Which leaves the salted/non-salted hash change.
Adding this:
--salt-delimiter D
To configure character(s) between the hash and salt values. Will not to
lock people into the specific Joomla syntax of colon. There are
examples and tutorials out there for app design that use other delimiters.
Doing both of those changes Joomla would be configured with:
... --cond " block=0 " --salt-delimiter ":"
>
> if you want, latter i may add also --md5 to store md5 password, and --digest-
> auth to support diggest authentication :) but later jejeje
Amos
-- Please be using Current Stable Squid 2.7.STABLE9 or 3.1.1Received on Fri Apr 23 2010 - 05:20:23 MDT
This archive was generated by hypermail 2.2.0 : Sun Apr 25 2010 - 12:00:05 MDT