]>
git.ipfire.org Git - thirdparty/squid.git/blob - helpers/basic_auth/MSNT/msntauth.cc
2 * Copyright (C) 1996-2014 The Squid Software Foundation and contributors
4 * Squid software is distributed under GPLv2+ license and includes
5 * contributions from numerous individuals and organizations.
6 * Please see the COPYING and CONTRIBUTORS files for details.
10 * MSNT - Microsoft Windows NT domain squid authenticator module
11 * Version 2.0 by Stellar-X Pty Ltd, Antonino Iannella
12 * Sun Sep 2 14:39:53 CST 2001
14 * Modified to act as a Squid authenticator module.
15 * Removed all Pike stuff.
16 * Returns OK for a successful authentication, or ERR upon error.
19 * Andrew Tridgell 1997
22 * Duane Wessels 2000 (wessels@squid-cache.org)
24 * Released under GNU Public License
26 * This program is free software; you can redistribute it and/or modify
27 * it under the terms of the GNU General Public License as published by
28 * the Free Software Foundation; either version 2 of the License, or
29 * (at your option) any later version.
31 * This program is distributed in the hope that it will be useful,
32 * but WITHOUT ANY WARRANTY; without even the implied warranty of
33 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
34 * GNU General Public License for more details.
36 * You should have received a copy of the GNU General Public License
37 * along with this program; if not, write to the Free Software
38 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
50 extern char version
[];
51 char msntauth_version
[] = "Msntauth v2.0.3 (C) 2 Sep 2001 Stellar-X Antonino Iannella.\nModified by the Squid HTTP Proxy team 26 Jun 2002";
53 /* Main program for simple authentication.
54 * Reads the denied user file. Sets alarm timer.
55 * Scans and checks for Squid input, and attempts to validate the user.
59 main(int argc
, char **argv
)
66 openlog("msnt_auth", LOG_PID
, LOG_USER
);
69 /* Read configuration file. Abort wildly if error. */
70 if (OpenConfigFile() == 1)
74 * Read denied and allowed user files.
75 * If they fails, there is a serious problem.
76 * Check syslog messages. Deny all users while in this state.
77 * The msntauth process should then be killed.
79 if ((Read_denyusers() == 1) || (Read_allowusers() == 1)) {
81 memset(wstr
, '\0', sizeof(wstr
));
82 if (fgets(wstr
, 255, stdin
) == NULL
)
90 * Make Check_forchange() the handle for HUP signals.
91 * Don't use alarms any more. I don't think it was very
92 * portable between systems.
93 * XXX this should be sigaction()
95 signal(SIGHUP
, Check_forchange
);
99 /* Read whole line from standard input. Terminate on break. */
100 memset(wstr
, '\0', sizeof(wstr
));
101 if (fgets(wstr
, 255, stdin
) == NULL
)
103 /* ignore this line if we didn't get the end-of-line marker */
104 if (NULL
== strchr(wstr
, '\n')) {
109 syslog(LOG_WARNING
, "oversized message");
116 * extract username and password.
117 * XXX is sscanf() safe?
121 n
= sscanf(wstr
, "%s %[^\n]", username
, password
);
126 /* Check for invalid or blank entries */
127 if ((username
[0] == '\0') || (password
[0] == '\0')) {
131 Checktimer(); /* Check if the user lists have changed */
133 rfc1738_unescape(username
);
134 rfc1738_unescape(password
);
137 * Check if user is explicitly denied or allowed.
138 * If user passes both checks, they can be authenticated.
140 if (Check_user(username
) == 1) {
141 syslog(LOG_INFO
, "'%s' denied", username
);
143 } else if (QueryServers(username
, password
) == 0)
146 syslog(LOG_INFO
, "'%s' login failed", username
);