2 * Copyright (C) 1996-2019 The Squid Software Foundation and contributors
4 * Squid software is distributed under GPLv2+ license and includes
5 * contributions from numerous individuals and organizations.
6 * Please see the COPYING and CONTRIBUTORS files for details.
11 2010-07-12 Amos Jeffries <amosjeffries@squid-cache.org>
13 Rename to ext_ldap_group_acl (Squid-3 helper naming schema)
14 Convert to build under C++
15 Remove several goto statements.
16 Update to use helper macro API
19 * ext_ldap_group_acl: lookup group membership in LDAP
23 * (C)2002,2003 MARA Systems AB
25 * License: squid_ldap_group is free software; you can redistribute it
26 * and/or modify it under the terms of the GNU General Public License
27 * as published by the Free Software Foundation; either version 2,
28 * or (at your option) any later version.
31 * Flavio Pescuma <flavio@marasystems.com>
32 * Henrik Nordstrom <hno@marasystems.com>
33 * MARA Systems AB, Sweden <http://www.marasystems.com>
35 * With contributions from others mentioned in the ChangeLog file
37 * In part based on squid_ldap_auth by Glen Newton and Henrik Nordstrom.
39 * Latest version of this program can always be found from MARA Systems
40 * at http://marasystems.com/download/LDAP_Group/
42 * Dependencies: You need to get the OpenLDAP libraries
43 * from http://www.openldap.org or use another compatible
46 * If you want to make a TLS enabled connection you will also need the
47 * OpenSSL libraries linked into openldap. See http://www.openssl.org/
52 2005-03-19 Henrik Nordstrom <hno@squid-cache.org>
54 Bug #1258: LDAP helpers fails to compile with SUN LDAP SDK
56 2005-02-05 Henrik Nordstrom <hno@squid-cache.org>
58 Define LDAP_NO_ATTRS if not defined in LDAP API headers
60 2005-02-04 Henrik Nordstrom <hno@squid-cache.org>
62 Fix LDAP helpers to send a proper NO_ATTR search when looking
65 2005-01-30 Oliver Hookins
67 LDAP helper documentation updates
71 2004-10-21 Henrik Nordstrom <hno@squid-cache.org>
77 2004-08-15 Henrik Nordstrom <hno@squid-cache.org>
78 Helper format changed in Squid-3.0 to use URL escaped
79 strings. Simplifies things a bit and well known encoding.
83 2004-03-02 Henrik Nordstrom <hno@squid-cache.org>
86 2004-02-09 Henrik Nordstrom <hno@squid-cache.org>
87 -E and -S options mismatch
89 2004-01-08 Henrik Nordstrom <hno@squid-cache.org>
90 Increase buffer size when reading group lookups from Squid
94 2004-01-05 Henrik Nordstrom <hno@squid-cache.org>
95 Corrected TLS mode (-Z)
99 2003-03-01 Christoph Lechleitner <lech@ibcl.at>
100 Added -W option to read bindpasswd from file,
101 e.g. from /etc/ldap.secret
103 2003-03-01 Juerg Michel
105 Added support for ldap URI via the -H option
109 2003-01-31 Henrik Nordstrom <hno@marasystems.com>
111 Packaged as a distribution, with Makefile, README
114 Corrected the squid.conf examples in the manpage and
115 some spelling in the same
117 Separated the changelog/history to a separate
118 ChangeLog file (this file)
120 2003-01-27 Henrik Nordstrom <hno@marasystems.com>
122 Cleaned up error messages shown when a nonexisting
127 2003-01-07 Jon Kinred
129 Fixed user search mode (-F/-u) when -g is not used
133 2003-01-03 Henrik Nordstrom <hno@marasystems.com>
135 Fixed missing string termination on ldap_escape_vale,
136 and corrected build problem with LDAPv2 libraries
140 2002-11-27 Henrik Nordstrom <hno@marasystems.com>
142 Replacement for ldap_build_filter. Also changed
143 the % codes to %u (user) and %g (group) which
144 is a bit more intuitive.
146 2002-11-21 Gerard Eviston
148 Fix ldap_search_s error management. This fixes
149 a core dump if there is a LDAP search filter
150 syntax error (possibly caused by malformed input).
154 2002-10-22: Henrik Nordstrom <hno@marasystems.com>
160 2002-09-21: Gerard Eviston
162 -S option to strip NT domain names from
167 2002-09-09: Henrik Nordstrom <hno@marasystems.com>
169 Added support for user DN lookups
174 2002-09-06: Henrik Nordstrom <hno@marasystems.com>
176 Many bugfixes in connection management
178 -g option added, and added support
179 for multiple groups. Prior versions
180 only supported one group and an optional
185 2002-09-04: Henrik Nordstrom <hno@marasystems.com>
191 2002-09-04: Henrik Nordstrom <hno@marasystems.com>
193 Merged changes from squid_ldap_auth.c
194 - TLS support (Michael Cunningham)
195 - -p option to specify port
197 Documented the % codes to use in -f
201 2002-08-21: Henrik Nordstrom <hno@marasystems.com>
203 Support groups or usernames having spaces
207 2002-01-22: Henrik Nordstrom <hno@marasystems.com>
209 Added optional third query argument for search RDN
211 2002-01-22: Henrik Nordstrom <hno@marasystems.com>
213 Removed unused options, and fully changed name
218 2001-07-17: Flavio Pescuma <flavio@marasystems.com>
220 Using the main function from squid_ldap_auth
221 wrote squid_ldap_match. This program replaces
222 the %a and %v (ldapfilter.conf) from the filter
223 template supplied with -f with the two arguments
224 sent by squid. Returns OK if the ldap_search
225 using the composed filter succeeds.
227 Changes from squid_ldap_auth.c:
229 2001-12-12: Michael Cunningham <m.cunningham@xpedite.com>
231 - Added TLS support and partial ldap version 3 support.
233 2001-09-05: Henrik Nordstrom <hno@squid-cache.org>
235 - Added ability to specify another default LDAP port to
236 connect to. Persistent connections moved to -P
238 2001-05-02: Henrik Nordstrom <hno@squid-cache.org>
240 - Support newer OpenLDAP 2.x libraries using the
241 revised Internet Draft API which unfortunately
242 is not backwards compatible with RFC1823..
244 2001-04-15: Henrik Nordstrom <hno@squid-cache.org>
246 - Added command line option for basedn
248 - Added the ability to search for the user DN
250 2001-04-16: Henrik Nordstrom <hno@squid-cache.org>
252 - Added -D binddn -w bindpasswd.
254 2001-04-17: Henrik Nordstrom <hno@squid-cache.org>
256 - Added -R to disable referrals
258 - Added -a to control alias dereferencing
260 2001-04-17: Henrik Nordstrom <hno@squid-cache.org>
262 - Added -u, DN username attribute name
264 2001-04-18: Henrik Nordstrom <hno@squid-cache.org>
266 - Allow full filter specifications in -f