Hi,
Well I have tried 2.5 stable 14 with the last pinning patch:
WWW works well.
Authenticating to an upstream ISA proxy failed, since the
HDR_PROXY_SUPPORT was missing in the replay header thus causing the
"peer_support_connection_pinning()" to return 0.
I did a changed to "peer_support_connection_pinning()"
I removed this condition:
if (!httpHeaderHas(hdr, HDR_PROXY_SUPPORT)
return 0;
Instead I am returning 1, and not proceeding with the rest of the function.
return 1;
header = httpHeaderGetStrOrList(hdr, HDR_PROXY_SUPPORT);
/* XXX This ought to be done in a case-insensitive manner */
rc = (strStr(header, "Session-Based-Authentication") != NULL);
stringClean(&header);
return rc;
Now it seems that NTLM proxy authenticates with the ISA server works fine.
Should there be any problems doing that?
Thanks in advanced,
Tsachi
On 6/16/06, Henrik Nordstrom <[EMAIL PROTECTED]> wrote:
fre 2006-06-16 klockan 00:45 +0200 skrev Tsachi:
> Hi All,
> I am working with squid version 2.5 stable 7.
> I would like to try and get squid talking to an upstream ISA server
> that requires NTLM authentication.
> Squid works as a transparent proxy with a ISA parent (login=PASS).
I would recommend you to try the upcoming 2.6 release instead, or if
for some strange reason going to 2.6 is not acceptable for trying out
new features at a minimum current 2.5 + current version of the patch.
That old pinning patch is very experimental and even known to be
somewhat broken (if I am not mistaken the exact symptoms you are
having..).
Regards
Henrik
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
iD8DBQBEkxSHB5pTNio2V7IRAoHqAJ4pfgMP0jZkMuywsekaLO8PvershQCfaDCm
5BiMGjnLtGrZfF+AlzsLLJU=
=Ekg4
-----END PGP SIGNATURE-----
