]>
git.ipfire.org Git - thirdparty/squid.git/blob - helpers/basic_auth/getpwnam/basic_getpwnam_auth.cc
2 * basic_getpwnam_auth.c
4 * AUTHOR: Erik Hofman <erik.hofman@a1.nl>
5 * Robin Elfrink <robin@a1.nl>
7 * Example authentication program for Squid, based on the
8 * original proxy_auth code from client_side.c, written by
9 * Jon Thackray <jrmt@uk.gdscorp.com>.
11 * Uses getpwnam() routines for authentication.
12 * This has the following advantages over the NCSA module:
14 * - Allow authentication of all know local users
15 * - Allows authentication through nsswitch.conf
16 * + can handle NIS(+) requests
17 * + can handle LDAP request
18 * + can handle PAM request
20 * 2006-07: Giancarlo Razzolini <linux-fan@onda.com.br>
22 * Added functionality for doing shadow authentication too,
23 * using the getspnam() function on systems that support it.
28 #include "helpers/defines.h"
55 passwd_auth(char *user
, char *passwd
)
60 return 0; /* User does not exist */
62 if (strcmp(pwd
->pw_passwd
, (char *) crypt(passwd
, pwd
->pw_passwd
))) {
63 return 2; /* Wrong password */
65 return 1; /* Authentication Sucessful */
72 shadow_auth(char *user
, char *passwd
)
77 return passwd_auth(user
, passwd
); /* Fall back to passwd_auth */
79 if (strcmp(pwd
->sp_pwdp
, crypt(passwd
, pwd
->sp_pwdp
))) {
80 return 2; /* Wrong password */
82 return 1; /* Authentication Sucessful */
89 main(int argc
, char **argv
)
92 char buf
[HELPER_INPUT_BUFFER
];
93 char *user
, *passwd
, *p
;
96 while (fgets(buf
, HELPER_INPUT_BUFFER
, stdin
) != NULL
) {
98 if ((p
= strchr(buf
, '\n')) != NULL
)
99 *p
= '\0'; /* strip \n */
101 if ((user
= strtok(buf
, " ")) == NULL
) {
102 SEND_ERR("No Username");
105 if ((passwd
= strtok(NULL
, "")) == NULL
) {
106 SEND_ERR("No Password");
109 rfc1738_unescape(user
);
110 rfc1738_unescape(passwd
);
112 auth
= shadow_auth(user
, passwd
);
114 auth
= passwd_auth(user
, passwd
);
117 SEND_ERR("No such user");
120 SEND_ERR("Wrong password");