]>
git.ipfire.org Git - thirdparty/squid.git/blob - helpers/basic_auth/SSPI/basic_sspi_auth.cc
4 Returns OK for a successful authentication, or ERR upon error.
6 Guido Serassio, Torino - Italy
14 * Distributed freely under the terms of the GNU General Public License,
15 * version 2. See the file COPYING for licensing details
17 * This program is distributed in the hope that it will be useful,
18 * but WITHOUT ANY WARRANTY; without even the implied warranty of
19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20 * GNU General Public License for more details.
22 * You should have received a copy of the GNU General Public License
23 * along with this program; if not, write to the Free Software
24 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
28 #include "helpers/defines.h"
37 /* Check if we try to compile on a Windows Platform */
39 /* NON Windows Platform !!! */
40 #error NON WINDOWS PLATFORM
43 static char NTGroup
[256];
44 char * NTAllowedGroup
;
45 char * NTDisAllowedGroup
;
46 int UseDisallowedGroup
= 0;
47 int UseAllowedGroup
= 0;
48 int debug_enabled
= 0;
52 * -A can specify a Windows Local Group name allowed to authenticate.
53 * -D can specify a Windows Local Group name not allowed to authenticate.
54 * -O can specify the default Domain against to authenticate.
57 usage(const char *name
)
59 fprintf(stderr
, "Usage:\n%s [-A|D UserGroup][-O DefaultDomain][-d]\n"
60 "-A can specify a Windows Local Group name allowed to authenticate\n"
61 "-D can specify a Windows Local Group name not allowed to authenticate\n"
62 "-O can specify the default Domain against to authenticate\n"
63 "-d enable debugging.\n"
64 "-h this message\n\n",
69 process_options(int argc
, char *argv
[])
72 while (-1 != (opt
= getopt(argc
, argv
, "dhA:D:O:"))) {
75 safe_free(NTAllowedGroup
);
76 NTAllowedGroup
=xstrdup(optarg
);
80 safe_free(NTDisAllowedGroup
);
81 NTDisAllowedGroup
=xstrdup(optarg
);
82 UseDisallowedGroup
= 1;
85 strncpy(Default_NTDomain
, optarg
, DNLEN
);
95 /* fall thru to default */
97 fprintf(stderr
, "FATAL: Unknown option: -%c\n", opt
);
104 /* Main program for simple authentication.
105 Scans and checks for Squid input, and attempts to validate the user.
108 main(int argc
, char **argv
)
110 char wstr
[HELPER_INPUT_BUFFER
];
116 process_options(argc
, argv
);
118 if (LoadSecurityDll(SSP_BASIC
, NTLM_PACKAGE_NAME
) == NULL
) {
119 fprintf(stderr
, "FATAL: can't initialize SSPI, exiting.\n");
122 debug("SSPI initialized OK\n");
124 atexit(UnloadSecurityDll
);
126 /* initialize FDescs */
127 setbuf(stdout
, NULL
);
128 setbuf(stderr
, NULL
);
130 while (fgets(wstr
, HELPER_INPUT_BUFFER
, stdin
) != NULL
) {
132 if (NULL
== strchr(wstr
, '\n')) {
137 SEND_ERR("Oversized message");
143 if ((p
= strchr(wstr
, '\n')) != NULL
)
144 *p
= '\0'; /* strip \n */
145 if ((p
= strchr(wstr
, '\r')) != NULL
)
146 *p
= '\0'; /* strip \r */
147 /* Clear any current settings */
150 sscanf(wstr
, "%s %s", username
, password
); /* Extract parameters */
152 debug("Got %s from Squid\n", wstr
);
154 /* Check for invalid or blank entries */
155 if ((username
[0] == '\0') || (password
[0] == '\0')) {
156 SEND_ERR("Invalid Request");
160 rfc1738_unescape(username
);
161 rfc1738_unescape(password
);
163 debug("Trying to validate; %s %s\n", username
, password
);
165 if (Valid_User(username
, password
, NTGroup
) == NTV_NO_ERROR
)