]> git.ipfire.org Git - thirdparty/squid.git/blob - helpers/basic_auth/SASL/basic_sasl_auth.cc
projects / thirdparty / squid.git / blob
? search:


ef0001ea428915d636aade87a733b49fa06ea60a
[thirdparty/squid.git] / helpers / basic_auth / SASL / basic_sasl_auth.cc
1 /*
2 * $Id$
3 *
4 * SASL authenticator module for Squid.
5 * Copyright (C) 2002 Ian Castle <ian.castle@coldcomfortfarm.net>
6 *
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 2 of the License, or
10 * (at your option) any later version.
11 *
12 * This program is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License
18 * along with this program; if not, write to the Free Software
19 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
20 *
21 * Install instructions:
22 *
23 * This program authenticates users against using cyrus-sasl
24 *
25 * Compile this program with: gcc -Wall -o sasl_auth sasl_auth.c -lsasl
26 * or with SASL2: gcc -Wall -o sasl_auth sasl_auth.c -lsasl2
27 *
28 */
29 #include "config.h"
30 #include "helpers/defines.h"
31 #include "rfc1738.h"
32 #include "util.h"
33
34 #if HAVE_STDIO_H
35 #include <stdio.h>
36 #endif
37 #if HAVE_ERRNO_H
38 #include <errno.h>
39 #endif
40 #if HAVE_STDLIB_H
41 #include <stdlib.h>
42 #endif
43 #if HAVE_STRING_H
44 #include <string.h>
45 #endif
46 #if HAVE_SASL_SASL_H
47 #include <sasl/sasl.h>
48 #else
49 #include <sasl.h>
50 #endif
51
52 #define APP_NAME_SASL "basic_sasl_auth"
53
54 int
55 main(int argc, char *argv[])
56 {
57 char line[HELPER_INPUT_BUFFER];
58 char *username, *password;
59 #if SASL_VERSION_MAJOR < 2
60 const char *errstr;
61 #endif
62
63 int rc;
64 sasl_conn_t *conn = NULL;
65
66 /* make standard output line buffered */
67 setvbuf(stdout, NULL, _IOLBF, 0);
68
69 rc = sasl_server_init( NULL, APP_NAME_SASL );
70
71 if ( rc != SASL_OK ) {
72 fprintf(stderr, "FATAL: %d %s\n", rc, sasl_errstring(rc, NULL, NULL ));
73 return 1;
74 }
75
76 #if SASL_VERSION_MAJOR < 2
77 rc = sasl_server_new( APP_NAME_SASL, NULL, NULL, NULL, 0, &conn );
78 #else
79 rc = sasl_server_new( APP_NAME_SASL, NULL, NULL, NULL, NULL, NULL, 0, &conn );
80 #endif
81
82 if ( rc != SASL_OK ) {
83 fprintf(stderr, "FATAL: %d %s\n", rc, sasl_errstring(rc, NULL, NULL ));
84 return 1;
85 }
86
87 while ( fgets( line, HELPER_INPUT_BUFFER, stdin )) {
88 username = &line[0];
89 password = strchr( line, '\n' );
90 if (!password) {
91 debug("ERROR: %s: Unexpected input '%s'\n", argv[0], line);
92 SEND_ERR("Unexpected Empty Input");
93 continue;
94 }
95 *password = '\0';
96 password = strchr ( line, ' ' );
97 if (!password) {
98 debug("ERROR: %s: Unexpected input '%s' (no password)\n", argv[0], line );
99 SEND_ERR("No Password");
100 continue;
101 }
102 *password++ = '\0';
103
104 rfc1738_unescape(username);
105 rfc1738_unescape(password);
106
107 #if SASL_VERSION_MAJOR < 2
108 rc = sasl_checkpass(conn, username, strlen(username), password, strlen(password), &errstr);
109 #else
110 rc = sasl_checkpass(conn, username, strlen(username), password, strlen(password));
111 #endif
112
113 if ( rc != SASL_OK ) {
114 #if SASL_VERSION_MAJOR < 2
115 if ( errstr ) {
116 debug("errstr %s\n", errstr);
117 }
118 if ( rc != SASL_BADAUTH ) {
119 debug("ERROR: %d %s\n", rc, sasl_errstring(rc, NULL, NULL));
120 SEND_ERR(sasl_errstring(rc, NULL, NULL));
121 } else
122 #endif
123 SEND_ERR("");
124 } else {
125 SEND_OK("");
126 }
127 }
128
129 sasl_dispose(&conn);
130 sasl_done();
131 return 0;
132 }
Mirror of https://github.com/squid-cache/squid.git