]>
git.ipfire.org Git - thirdparty/squid.git/blob - helpers/basic_auth/NCSA/basic_ncsa_auth.cc
2 * AUTHOR: Arjan de Vet <Arjan.deVet@adv.iae.nl>
4 * Example authentication program for Squid, based on the original
5 * proxy_auth code from client_side.c, written by
6 * Jon Thackray <jrmt@uk.gdscorp.com>.
8 * Uses a NCSA httpd style password file for authentication with the
9 * following improvements suggested by various people:
11 * - comment lines are possible and should start with a '#';
12 * - empty or blank lines are possible;
13 * - extra fields in the password file are ignored; this makes it
14 * possible to use a Unix password file but I do not recommend that.
19 #include "crypt_md5.h"
21 #include "helpers/defines.h"
44 static hash_table
* hash
= NULL
;
45 static HASHFREE my_free
;
47 typedef struct _user_data
{
48 /* first two items must be same as hash_link */
50 struct _user_data
* next
;
57 user_data
* u
= static_cast < user_data
*>( p
);
64 read_passwd_file ( const char * passwdfile
)
72 hashFreeItems ( hash
, my_free
);
76 hash
= hash_create (( HASHCMP
*) strcmp
, 7921 , hash_string
);
78 fprintf ( stderr
, "FATAL: Cannot create hash table \n " );
81 f
= fopen ( passwdfile
, "r" );
83 fprintf ( stderr
, "FATAL: %s: %s \n " , passwdfile
, xstrerror ());
86 while ( fgets ( buf
, 8192 , f
) != NULL
) {
87 if (( buf
[ 0 ] == '#' ) || ( buf
[ 0 ] == ' ' ) || ( buf
[ 0 ] == ' \t ' ) ||
90 user
= strtok ( buf
, ": \n\r " );
91 passwd
= strtok ( NULL
, ": \n\r " );
92 if (( strlen ( user
) > 0 ) && passwd
) {
93 u
= static_cast < user_data
*>( xmalloc ( sizeof (* u
)));
94 u
-> user
= xstrdup ( user
);
95 u
-> passwd
= xstrdup ( passwd
);
96 hash_join ( hash
, ( hash_link
*) u
);
103 main ( int argc
, char ** argv
)
106 time_t change_time
= - 1 ;
107 char buf
[ HELPER_INPUT_BUFFER
];
108 char * user
, * passwd
, * p
;
110 setbuf ( stdout
, NULL
);
112 fprintf ( stderr
, "Usage: ncsa_auth <passwordfile> \n " );
115 if ( stat ( argv
[ 1 ], & sb
) != 0 ) {
116 fprintf ( stderr
, "FATAL: cannot stat %s \n " , argv
[ 1 ]);
119 while ( fgets ( buf
, HELPER_INPUT_BUFFER
, stdin
) != NULL
) {
120 if (( p
= strchr ( buf
, ' \n ' )) != NULL
)
121 * p
= '\0' ; /* strip \n */
122 if ( stat ( argv
[ 1 ], & sb
) == 0 ) {
123 if ( sb
. st_mtime
!= change_time
) {
124 read_passwd_file ( argv
[ 1 ]);
125 change_time
= sb
. st_mtime
;
128 if (( user
= strtok ( buf
, " " )) == NULL
) {
132 if (( passwd
= strtok ( NULL
, "" )) == NULL
) {
136 rfc1738_unescape ( user
);
137 rfc1738_unescape ( passwd
);
138 u
= ( user_data
*) hash_lookup ( hash
, user
);
140 SEND_ERR ( "No such user" );
142 } else if ( strcmp ( u
-> passwd
, ( char *) crypt ( passwd
, u
-> passwd
)) == 0 ) {
145 } else if ( strcmp ( u
-> passwd
, ( char *) crypt_md5 ( passwd
, u
-> passwd
)) == 0 ) {
147 } else if ( strcmp ( u
-> passwd
, ( char *) md5sum ( passwd
)) == 0 ) { /* md5 without salt and magic strings - Added by Ramon de Carvalho and Rodrigo Rubira Branco */
150 SEND_ERR ( "Wrong password" );
154 hashFreeItems ( hash
, my_free
);
155 hashFreeMemory ( hash
);