From: Amos Jeffries Date: Thu, 2 Aug 2012 12:03:50 +0000 (-0600) Subject: Release Notes: NCSA helper algorithm limits X-Git-Tag: sourceformat-review-1~139 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=8f308a98816eaf896add0f8c85384190c47c8c51;p=thirdparty%2Fsquid.git Release Notes: NCSA helper algorithm limits --- diff --git a/doc/release-notes/release-3.2.sgml b/doc/release-notes/release-3.2.sgml index 4fd4bd804c..16ce93bfa4 100644 --- a/doc/release-notes/release-3.2.sgml +++ b/doc/release-notes/release-3.2.sgml @@ -52,6 +52,7 @@ The 3.2 change history can be + +

The DES algorithm used by the NCSA Basic authentication helper has an + limit of 8 bytes but some implementations do not error when truncating + longer passwords down to this unsafe level. + +

This both significantly lowers the threshold of difficulty decrypting + captured password files and hides from users the fact that the extra bits + of their chosen long password is not being utilized. + +

The NCSA helper bundled with Squid will prevent passwords longer than 8 + characters being sent to the DES algorithm. The MD5 hash algorithm which + supports longer than 8 character passwords is also supported by this helper + and should be used instead. + + SMP scalability

The new "workers" squid.conf option can be used to launch multiple worker processes and utilize multiple CPU cores. The overall intent is to make