[Date Prev][Date Next] [Chronological] [Thread] [Top]

Squid+Openldap



Hi, (Squid version: squid-2.4.STABLE4 and Openldap version: Openldap-2.0.19)
 
    I configure squid to use ldap_auth as external program authenticator, with this squid.conf file
 
http_port 8080
icp_port 0
hierarchy_stoplist cgi-bin \?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
cache_swap_low  90
cache_swap_high 95
maximum_object_size 4096 KB
cache_mem 32 MB
cache_dir ufs /var/spool/squid 1000 16 256
reference_age 1 month
quick_abort_min 16 KB
quick_abort_min 16 KB
quick_abort_pct 95
negative_ttl 5 minutes
positive_dns_ttl 6 hours
negative_dns_ttl 5 minutes
redirect_rewrites_host_header off
request_header_max_size 10 KB
request_body_max_size 512 KB
reply_body_max_size 512 KB
authenticate_program /opt/squid/libexec/squid/ldap_auth
authenticate_options localhost 389 ou=correo,dc=pruebas,dc=com uid
authenticate_children 5
acl localnet src 10.10.21.240/255.255.255.255
acl localhost src 127.0.0.1/255.255.255.255
acl ldap proxy_auth REQUIRED
acl Safe_ports port 80 443 210 119 70 21 1025-65535
acl CONNECT method CONNECT
acl all src 0.0.0.0/0.0.0.0
http_access allow localnet
http_access allow localhost
http_access allow ldap
http_access deny !Safe_ports
http_access deny CONNECT
http_access deny all
cache_mgr pepe@ola.es
cache_effective_user nobody
cache_effective_group nobody
log_icp_queries off
cachemgr_passwd secret all
buffered_logs on
    I just have created the cache directories ( squid -z ), but when I up the squid this is the output message:
 
[root@wapchat kk]# /opt/squid/bin/squid
2002/08/02 19:50:09| parseConfigFile: line 23 unrecognized: 'authenticate_options localhost 389 ou=correo,dc=pruebas,dc=com uid'
[root@wapchat kk]#
Message from syslogd@wapchat at Fri Aug  2 19:50:09 2002 ...
wapchat kernel:  <1>Unable to handle kernel NULL pointer dereference at virtual address 00000000
 
Message from syslogd@wapchat at Fri Aug  2 19:50:09 2002 ...
wapchat kernel:  printing eip:
 
Message from syslogd@wapchat at Fri Aug  2 19:50:09 2002 ...
wapchat kernel: d08eeb4f
 
Message from syslogd@wapchat at Fri Aug  2 19:50:09 2002 ...
wapchat kernel: *pde = 00000000
 
Message from syslogd@wapchat at Fri Aug  2 19:50:09 2002 ...
wapchat kernel: Oops: 0000
 
Message from syslogd@wapchat at Fri Aug  2 19:50:09 2002 ...
wapchat kernel: CPU:    0
 
Message from syslogd@wapchat at Fri Aug  2 19:50:09 2002 ...
wapchat kernel: EIP:    0010:[sym53c8xx:__insmod_sym53c8xx_S.bss_L4+768827/234812305]
 
Message from syslogd@wapchat at Fri Aug  2 19:50:10 2002 ...
wapchat kernel: EIP:    0010:[<d08eeb4f>]
 
Message from syslogd@wapchat at Fri Aug  2 19:50:10 2002 ...
wapchat kernel: EFLAGS: 00010246
 
Message from syslogd@wapchat at Fri Aug  2 19:50:10 2002 ...
wapchat kernel: eax: bffff880   ebx: 00000005   ecx: 00000000   edx: 00000000
 
Message from syslogd@wapchat at Fri Aug  2 19:50:10 2002 ...
wapchat kernel: esi: 00000000   edi: c51bbf6c   ebp: c51bbfbc   esp: c51bbf34
 
Message from syslogd@wapchat at Fri Aug  2 19:50:10 2002 ...
wapchat kernel: ds: 0018   es: 0018   ss: 0018
 
Message from syslogd@wapchat at Fri Aug  2 19:50:10 2002 ...
wapchat kernel: Process squid (pid: 24368, stackpage=c51bb000)
 
Message from syslogd@wapchat at Fri Aug  2 19:50:10 2002 ...
wapchat kernel: Stack: 00660004 00005eb3 0000000f 00000000 00000000 c51ba23c c51bbf9c d08ef07d
 
Message from syslogd@wapchat at Fri Aug  2 19:50:10 2002 ...
wapchat kernel:        00000006 00005f30 69757173 00000064 00000000 00000000 3d4ac64d 00091e0d
 
Message from syslogd@wapchat at Fri Aug  2 19:50:10 2002 ...
wapchat kernel:        00000000 00000000 00000000 c0907aa0 00000000 bffff8ac bffff8f8 c01350f3
 
Message from syslogd@wapchat at Fri Aug  2 19:50:10 2002 ...
wapchat kernel: Call Trace: [sym53c8xx:__insmod_sym53c8xx_S.bss_L4+770153/234810979] [filp_close+83/96] [system_call+51/56]
 
Message from syslogd@wapchat at Fri Aug  2 19:50:10 2002 ...
wapchat kernel: Call Trace: [<d08ef07d>] [<c01350f3>] [<c0106f0b>]
 
Message from syslogd@wapchat at Fri Aug  2 19:50:10 2002 ...
wapchat kernel:
 
Message from syslogd@wapchat at Fri Aug  2 19:50:10 2002 ...
wapchat kernel: Code: 66 83 3e 02 c7 45 b0 05 00 00 00 75 60 8d 56 04 83 ec 08 0f
 
    ¿ Why is not valid the value 'authenticate_options localhost 389 ou=correo,dc=pruebas,dc=com uid', please ?, thus the mesage in the cache.log is this one:
 
2002/08/02 19:50:06| Squid Cache (Version 2.4.STABLE4): Exiting normally.
2002/08/02 19:50:09| Starting Squid Cache version 2.4.STABLE4 for i686-pc-linux-gnu...
2002/08/02 19:50:09| Process ID 24367
2002/08/02 19:50:09| With 1024 file descriptors available
2002/08/02 19:50:09| Performing DNS Tests...
2002/08/02 19:50:09| Successful DNS name lookup tests...
2002/08/02 19:50:09| DNS Socket created on FD 4
2002/08/02 19:50:09| Adding nameserver 212.73.32.3 from /etc/resolv.conf
2002/08/02 19:50:09| Adding nameserver 193.127.1.11 from /etc/resolv.conf
2002/08/02 19:50:09| helperOpenServers: Starting 5 'ldap_auth' processes
2002/08/02 19:50:09| WARNING: Cannot run '/opt/squid/libexec/squid/ldap_auth' process.
2002/08/02 19:50:09| WARNING: Cannot run '/opt/squid/libexec/squid/ldap_auth' process.
2002/08/02 19:50:09| WARNING: Cannot run '/opt/squid/libexec/squid/ldap_auth' process.
2002/08/02 19:50:09| WARNING: Cannot run '/opt/squid/libexec/squid/ldap_auth' process.
2002/08/02 19:50:09| WARNING: Cannot run '/opt/squid/libexec/squid/ldap_auth' process.
 
    However the file ldap_auth have this permisions:
 
[root@wapchat kk]# ls -laF /opt/squid/libexec/squid/ldap_auth
-rwsr-sr-x    1 root     root        30456 ago  2 16:40 /opt/squid/libexec/squid/ldap_auth*
 
    And this module works succesfully, like this:
 
[root@wapchat kk]# /opt/squid/libexec/squid/ldap_auth localhost 389 ou=correo,dc=pruebas,dc=com uid
dummy pruebas
OK
    ¿ How could I configure the authenticate_options in the squid.conf, please ?, ¿ and why the squid Cannot run  '/opt/squid/libexec/squid/ldap_auth' process, adding this messages in the cache.log, please?
 
Best regards.