]>
git.ipfire.org Git - thirdparty/squid.git/blob - src/auth/basic/SASL/basic_sasl_auth.cc
2 * Copyright (C) 1996-2023 The Squid Software Foundation and contributors
4 * Squid software is distributed under GPLv2+ license and includes
5 * contributions from numerous individuals and organizations.
6 * Please see the COPYING and CONTRIBUTORS files for details.
10 * SASL authenticator module for Squid.
11 * Copyright (C) 2002 Ian Castle <ian.castle@coldcomfortfarm.net>
13 * This program is free software; you can redistribute it and/or modify
14 * it under the terms of the GNU General Public License as published by
15 * the Free Software Foundation; either version 2 of the License, or
16 * (at your option) any later version.
18 * This program is distributed in the hope that it will be useful,
19 * but WITHOUT ANY WARRANTY; without even the implied warranty of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21 * GNU General Public License for more details.
23 * You should have received a copy of the GNU General Public License
24 * along with this program; if not, write to the Free Software
25 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
27 * Install instructions:
29 * This program authenticates users against using cyrus-sasl
31 * Compile this program with: gcc -Wall -o sasl_auth sasl_auth.c -lsasl
32 * or with SASL2: gcc -Wall -o sasl_auth sasl_auth.c -lsasl2
36 #include "helper/protocol_defines.h"
44 #include <sasl/sasl.h>
49 #define APP_NAME_SASL "basic_sasl_auth"
52 main(int, char *argv
[])
54 char line
[HELPER_INPUT_BUFFER
];
55 char *username
, *password
;
56 #if SASL_VERSION_MAJOR < 2
61 sasl_conn_t
*conn
= nullptr;
63 /* make standard output line buffered */
64 setvbuf(stdout
, nullptr, _IOLBF
, 0);
66 rc
= sasl_server_init( nullptr, APP_NAME_SASL
);
68 if ( rc
!= SASL_OK
) {
69 fprintf(stderr
, "FATAL: %d %s\n", rc
, sasl_errstring(rc
, nullptr, nullptr ));
73 #if SASL_VERSION_MAJOR < 2
74 rc
= sasl_server_new( APP_NAME_SASL
, nullptr, nullptr, nullptr, 0, &conn
);
76 rc
= sasl_server_new( APP_NAME_SASL
, nullptr, nullptr, nullptr, nullptr, nullptr, 0, &conn
);
79 if ( rc
!= SASL_OK
) {
80 fprintf(stderr
, "FATAL: %d %s\n", rc
, sasl_errstring(rc
, nullptr, nullptr ));
84 while ( fgets( line
, HELPER_INPUT_BUFFER
, stdin
)) {
86 password
= strchr( line
, '\n' );
88 debug("ERROR: %s: Unexpected input '%s'\n", argv
[0], line
);
89 SEND_ERR("Unexpected Empty Input");
93 password
= strchr ( line
, ' ' );
95 debug("ERROR: %s: Unexpected input '%s' (no password)\n", argv
[0], line
);
96 SEND_ERR("No Password");
102 rfc1738_unescape(username
);
103 rfc1738_unescape(password
);
105 #if SASL_VERSION_MAJOR < 2
106 rc
= sasl_checkpass(conn
, username
, strlen(username
), password
, strlen(password
), &errstr
);
108 rc
= sasl_checkpass(conn
, username
, strlen(username
), password
, strlen(password
));
111 if ( rc
!= SASL_OK
) {
112 #if SASL_VERSION_MAJOR < 2
114 debug("errstr %s\n", errstr
);
116 if ( rc
!= SASL_BADAUTH
) {
117 debug("ERROR: %d %s\n", rc
, sasl_errstring(rc
, nullptr, nullptr));
118 SEND_ERR(sasl_errstring(rc
, nullptr, nullptr));