Henrik,I updated the patch. I also said that I removed the configure from squid_kerb_auth by replacing the whole squid_kerb_auth directory with the attached tar file (to the previous post) which hopefully fixes the fedora build.
Thank you Markus"Henrik Nordstrom" <hen...@henriknordstrom.net> wrote in message news:1251770416.16800.65.ca...@henriknordstrom.net...
Needs quoting: + KRB5INCS=`$krb5confpath --cflags krb5 2>/dev/null` + KRB5LIBS=`$krb5confpath --libs krb5 2>/dev/null` (seen twice, Solaris & generic) Would also be nice if you could update squid_kerb_auth/configure with this simplified kerberos configure dance. The squid_kerb_auth/configure in Squid-3.0 adds a bit too many linker flags adding -Lno/lib -Rno/lib for me and currently prevents it from being packaged for Fedora (build QA check failure, incorrect run-path) Regards Henrik mån 2009-08-31 klockan 14:03 +0100 skrev Markus Moeller:Hi Amos, find attached a patch against the head release. since I now need Kerberos and GSSAPI for the main source I removed the squid_kerb_auth configure and replaced the squid_kerb_auth directory with the attached.I tested on OpenSuse 11 with MIT Kerberos 1.6.3(the default) and Freebsd 7.0 with Heimdal 1.2.1(added as the older freebsd base Heimdal package createsproblems as squids asn1.h and krb5_asn1.h have conflicts with oid definitions) Regards Markus----- Original Message ----- From: "Amos Jeffries" <squ...@treenet.co.nz>To: "Markus Moeller" <hua...@moeller.plus.com> Cc: <squid-dev@squid-cache.org> Sent: Tuesday, August 25, 2009 12:38 PM Subject: Re: Patch to authenticate securely to upstream ISA server(or others) > Markus Moeller wrote:>> In some setups the upstream proxy requires a secue authentication >> method>> (Negotiate, NTLM). The attached patches (2.7 and 3.0) allow this with >> Negotiate. >> >> Regards >> Markus > > Hi Markus, > Good to see this feature appearing. > > Just a few things to fix up before this can go in: >> * Makefile.am lines for linking peer_proxy_negotiate_auth.cc seem to > be> indented with spaces instead of the automake required tabs. > > * Unfortunately 3.0 is closed for new features. Can we get a diff > against 3.HEAD code please? >> * there is zero documentation for the new option settings. Please add > to> the cache_peer entry of src/cf.data.pre with the new details for > login=NEGOTIATE. >> * there is also no documentation for any of the code. Please prefix > each> new function and global in your new code with at least an overview > description of what it does. > > > Amos> -- > Please be using> Current Stable Squid 2.7.STABLE6 or 3.0.STABLE18 > Current Beta Squid 3.1.0.13 >
squid-3-head-2.diff
Description: Binary data