]>
git.ipfire.org Git - thirdparty/squid.git/blob - helpers/basic_auth/SSPI/basic_sspi_auth.cc
4 Returns OK for a successful authentication, or ERR upon error.
6 Guido Serassio, Torino - Italy
14 * Distributed freely under the terms of the GNU General Public License,
15 * version 2. See the file COPYING for licensing details
17 * This program is distributed in the hope that it will be useful,
18 * but WITHOUT ANY WARRANTY; without even the implied warranty of
19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20 * GNU General Public License for more details.
22 * You should have received a copy of the GNU General Public License
23 * along with this program; if not, write to the Free Software
24 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
28 #include "helpers/defines.h"
38 /* Check if we try to compile on a Windows Platform */
40 /* NON Windows Platform !!! */
41 #error NON WINDOWS PLATFORM
46 static char NTGroup
[256];
47 char * NTAllowedGroup
;
48 char * NTDisAllowedGroup
;
49 int UseDisallowedGroup
= 0;
50 int UseAllowedGroup
= 0;
51 int debug_enabled
= 0;
55 * -A can specify a Windows Local Group name allowed to authenticate.
56 * -D can specify a Windows Local Group name not allowed to authenticate.
57 * -O can specify the default Domain against to authenticate.
59 char *my_program_name
= NULL
;
64 fprintf(stderr
, "Usage:\n%s [-A|D UserGroup][-O DefaultDomain][-d]\n"
65 "-A can specify a Windows Local Group name allowed to authenticate\n"
66 "-D can specify a Windows Local Group name not allowed to authenticate\n"
67 "-O can specify the default Domain against to authenticate\n"
68 "-d enable debugging.\n"
69 "-h this message\n\n",
74 process_options(int argc
, char *argv
[])
77 while (-1 != (opt
= getopt(argc
, argv
, "dhA:D:O:"))) {
80 safe_free(NTAllowedGroup
);
81 NTAllowedGroup
=xstrdup(optarg
);
85 safe_free(NTDisAllowedGroup
);
86 NTDisAllowedGroup
=xstrdup(optarg
);
87 UseDisallowedGroup
= 1;
90 strncpy(Default_NTDomain
, optarg
, DNLEN
);
100 /* fall thru to default */
102 fprintf(stderr
, "FATAL: Unknown option: -%c\n", opt
);
109 /* Main program for simple authentication.
110 Scans and checks for Squid input, and attempts to validate the user.
113 main(int argc
, char **argv
)
115 char wstr
[HELPER_INPUT_BUFFER
];
121 my_program_name
= argv
[0];
122 process_options(argc
, argv
);
124 if (LoadSecurityDll(SSP_BASIC
, NTLM_PACKAGE_NAME
) == NULL
) {
125 fprintf(stderr
, "FATAL: can't initialize SSPI, exiting.\n");
128 debug("SSPI initialized OK\n");
130 atexit(UnloadSecurityDll
);
132 /* initialize FDescs */
133 setbuf(stdout
, NULL
);
134 setbuf(stderr
, NULL
);
136 while (fgets(wstr
, HELPER_INPUT_BUFFER
, stdin
) != NULL
) {
138 if (NULL
== strchr(wstr
, '\n')) {
143 SEND_ERR("Oversized message");
149 if ((p
= strchr(wstr
, '\n')) != NULL
)
150 *p
= '\0'; /* strip \n */
151 if ((p
= strchr(wstr
, '\r')) != NULL
)
152 *p
= '\0'; /* strip \r */
153 /* Clear any current settings */
156 sscanf(wstr
, "%s %s", username
, password
); /* Extract parameters */
158 debug("Got %s from Squid\n", wstr
);
160 /* Check for invalid or blank entries */
161 if ((username
[0] == '\0') || (password
[0] == '\0')) {
162 SEND_ERR("Invalid Request");
166 rfc1738_unescape(username
);
167 rfc1738_unescape(password
);
169 debug("Trying to validate; %s %s\n", username
, password
);
171 if (Valid_User(username
, password
, NTGroup
) == NTV_NO_ERROR
)