Bug #5940
closedSquid Local Authentication fails with passwords >8 characters
100%
Description
Hi,
I just upgraded some machines from 2.1.5 amd64 with Squid 3.1.20 pkg 2.1.4 to 2.2.6 amd64 with Squid3 0.4.7.
Existing Squid users with locally stored passwords +6 charcters cannot authenticate any longer.
Removing the user and/or re-adding the password does not help.
Using passwords with 6 characters does work.
Updated by Markus Brungs almost 9 years ago
Additional note: The affected version is 2.2.6. I couldn´t select that from the dropdown.
Updated by Chris Buechler over 8 years ago
- Subject changed from Squid3 0.4.7 Local Authentication fails with passwords +6 characters to Squid Local Authentication fails with passwords >8 characters
- Status changed from New to Confirmed
- Affected Version changed from 2.2.5 to All
- Affected Architecture added
- Affected Architecture deleted (
amd64)
fails because of the crypt using a base64_encode of the password as a salt in that case, plus also fails >8 characters because it uses DES for the ncsa_auth.
Updated by Kill Bill about 8 years ago
Appears to be fixed: https://github.com/pfsense/FreeBSD-ports/blob/devel/www/pfSense-pkg-squid/files/usr/local/pkg/squid.inc#L1925
@Markus - please test with current version and report back.
Updated by Jim Pingle about 8 years ago
- Status changed from Confirmed to Feedback
- Assignee set to Markus Brungs
- % Done changed from 0 to 100
Updated by Markus Brungs about 8 years ago
Hi Jim,
I´ve tested with a recent version of the Squid package on amd64 and i386 (I know i386 is nearly dead).
Both confirmed to be working with longer passwords.
Updated by Jim Pingle about 8 years ago
- Status changed from Feedback to Resolved