wbinfo group external_acl helper by Jerry Murdock

diff --git a/CONTRIBUTORS b/CONTRIBUTORS
index 30ec39e5061a7efa21a888b5ac1ec1d216b5ecd0..7d822464964170e48ff8404cf0309b45b06a39dd 100644 (file)
--- a/CONTRIBUTORS
+++ b/CONTRIBUTORS
@@ -87,5 +87,6 @@ and ideas to make this software available.
        Brian <hiryuu@envisiongames.net>
        Ian Castle <ian.castle@coldcomfortfarm.net>
        Brad Smitch <brad@comstyle.com>
+       Jerry Murdock <jmurdock@itraktech.com>
 
        Duane Wessels <wessels@squid-cache.org>

diff --git a/CREDITS b/CREDITS
index ea0eb11e756816383220bf8d4943240a64df25fa..3a6b4a935feebccd12769c5ec8f49b3877df6af0 100644 (file)
--- a/CREDITS
+++ b/CREDITS
@@ -1,4 +1,4 @@
-$Id: CREDITS,v 1.6 2002/06/23 13:32:23 hno Exp $
+$Id: CREDITS,v 1.7 2002/07/05 09:20:56 hno Exp $
 
 ==============================================================================
 
@@ -302,3 +302,13 @@ This program is free software; you can redistribute it and/or modify
 it under the terms of the GNU General Public License as published by
 the Free Software Foundation; either version 2, or (at your option)
 any later version.
+
+==============================================================================
+
+helpers/external_acl/wbinfo_group/wbinfo_group.pl
+
+ This program is put in the public domain by Jerry Murdock 
+ <jmurdock@itraktech.com>. It is distributed in the hope that it will
+ be useful, but WITHOUT ANY WARRANTY; without even the implied warranty
+ of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+

diff --git a/helpers/external_acl/wbinfo_group/wbinfo_group.pl b/helpers/external_acl/wbinfo_group/wbinfo_group.pl
new file mode 100644 (file)
index 0000000..5089433
--- /dev/null
+++ b/helpers/external_acl/wbinfo_group/wbinfo_group.pl
@@ -0,0 +1,55 @@
+#!/usr/bin/perl -w
+#
+# external_acl helper to Squid to verify NT Domain group
+# membership using wbinfo
+#
+# This program is put in the public domain by Jerry Murdock 
+# <jmurdock@itraktech.com>. It is distributed in the hope that it will
+# be useful, but WITHOUT ANY WARRANTY; without even the implied warranty
+# of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+#
+# Author:
+#   Jerry Murdock <jmurdock@itraktech.com>
+#
+# Version history:
+#   2002-07-05 Jerry Murdock <jmurdock@itraktech.com>
+#              Initial release
+#
+
+# external_acl uses shell style lines in it's protocol
+require 'shellwords.pl';
+
+# Disable output buffering
+$|=1;           
+
+sub debug {
+       # Uncomment this to enable debugging
+       #print STDERR "@_\n";
+}
+
+#
+# Check if a user belongs to a group
+#
+sub check {
+        local($user, $group) = @_;
+        $groupSID = `wbinfo -n "$group"`;
+        chop  $groupSID;
+        $groupGID = `wbinfo -Y $groupSID`;
+        chop $groupGID;
+        &debug( "User:  -$user-\nGroup: -$group-\nSID:   -$groupSID-\nGID:   -$groupGID-");
+        return 'OK' if(`wbinfo -r \Q$user\E` =~ /^$groupGID$/m);
+        return 'ERR';
+}
+
+#
+# Main loop
+#
+while (<STDIN>) {
+        chop;
+       &debug ("Got $_ from squid");
+        ($user, $group) = &shellwords;
+       $ans = &check($user, $group);
+       &debug ("Sending $ans to squid");
+       print "$ans\n";
+}
+