Hi, Amos
> Very probably yes. The root cause of your problem is still not clear, it
> may be a duplicate or side effect of one of the other keep-alive problems
> which were tracked down and fixed. 3.1.8 as far as we can tell is
> completely keep-alive compliant with non-chunked requests. The remaining
> chunked keep-alive fixes are in 3.2 series (but NTLM in there is reported
> to have unrelated issues and needs more testing).
I tried 3.1.8. When I connected to windows server with NTLM auth via squid,
GET http://XXX.XXX.XXX.XXX/ HTTP/1.1
Proxy-Connection: keep-alive
Authorization: ....
squid replied the following.
HTTP/1.0 401 Unauthorized
WWW-Authenticate: NTLM
Proxy-support: Session-Based-Authentication
Connection: Proxy-support
Connection: keep-alive
^^^^^^^^^^^^^^^^^^^^^^^^^^^
After that, web browser tried to create new connection......
I think that "Connection: keep-alive" must become "Proxy-Connection:
keep-alive"
What do you think ?
--mkishi
On Thu, Oct 14, 2010 at 9:11 AM, Amos Jeffries <squid3_at_treenet.co.nz> wrote:
> On Wed, 13 Oct 2010 21:26:56 +0900, Mikio Kishi <mkishi_at_104.net> wrote:
>> Hi, Henrik
>>
>> Has the following already been fixed on squid-3.1.8 ?
>> I'd like to know the current status about it.
>
> Very probably yes. The root cause of your problem is still not clear, it
> may be a duplicate or side effect of one of the other keep-alive problems
> which were tracked down and fixed. 3.1.8 as far as we can tell is
> completely keep-alive compliant with non-chunked requests. The remaining
> chunked keep-alive fixes are in 3.2 series (but NTLM in there is reported
> to have unrelated issues and needs more testing).
>
> A couple of CVE'd DoS issues and many HTTP/1.1 fixes make it well worth
> the upgrade even if your particular problem is not fixed yet.
>
> Amos
>
Received on Sat Oct 16 2010 - 20:54:49 MDT
This archive was generated by hypermail 2.2.0 : Sun Oct 17 2010 - 12:00:03 MDT