On 26.11 17:03, Ilya wrote:By "ident-like" phrase I mean that the work of my authentication program will be similar to the work of "classic" ident (rfc 1413). So its work will base on the knowledge of src and dst ports. But the protocol of the communication between C and S will differ.
ok, may I know what is the protocol, its purpose and fuinctionality?
We want to develop ident-like program to authenticate our Squid users in secure manner. Something like this:
Client (Squid`s external module) asks:
- who is : local port, remote port : challenge
Server (Users` PC) replies:
- user : name : HMAC(password, challenge)
Client (Squid`s external module) checks the answer and decides whether to grant access or not.
I don`t what to describe all technical aspect of the developing of such communication protocol. But it is possible.
And the question again:
In what cases Squid patched with external_acl_fuzzy gives "0" as %SRCPORT to the external module?
wbr, Ilya
