RE: [squid-users] Re: bypass authenticate_ip_ttl_is_stric / DoS

From: Robert Collins <robert.collins@dont-contact.us>
Date: Fri, 26 Apr 2002 22:55:11 +1000

> -----Original Message-----
> From: christian.schoeniger@fes-aes.de
> [mailto:christian.schoeniger@fes-aes.de]

> i solved my problem, but maybe this is also interesting for
> others. function aclMatchProxyAuth() in acl.c handles the
> case when someone tries to authenticate from a second ip
> address with an already validated username and
> authenticate_ip_ttl_is_strict is set to on as a simple
> password mismatch and removes the user from the list of
> already known and valid users.

This has been rewritten in squid 2.5/2.6. You might like to see if they
behave correctly for you.

Rob
Received on Fri Apr 26 2002 - 06:55:13 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:07:42 MST