* that though */
#define IGNORANCE_IS_BLISS
-#include "config.h"
-#include "libntlmauth/ntlmauth.h"
-#include "libntlmauth/support_bits.cci"
-#include "util.h"
+#include "squid.h"
+#include "base64.h"
+#include "helpers/defines.h"
+#include "ntlmauth/ntlmauth.h"
+#include "ntlmauth/support_bits.cci"
+//#include "util.h"
-#if HAVE_CTYPE_H
-#include <ctype.h>
-#endif
#if HAVE_STRING_H
#include <string.h>
#endif
+#if HAVE_CTYPE_H
+#include <ctype.h>
+#endif
#if HAVE_CRYPT_H
#include <crypt.h>
#endif
#if HAVE_GETOPT_H
#include <getopt.h>
#endif
+#if HAVE_STDIO_H
+#include <stdio.h>
+#endif
+#if HAVE_STDINT_H
+#include <stdint.h>
+#endif
+#if HAVE_INTTYPES_H
+#include <inttypes.h>
+#endif
/* A couple of harmless helper macros */
#define SEND(X) debug("sending '%s' to squid\n",X); printf(X "\n");
#ifdef __GNUC__
#define SEND2(X,Y...) debug("sending '" X "' to squid\n",Y); printf(X "\n",Y);
-#define SEND3(X,Y...) debug("sending '" X "' to squid\n",Y); printf(X "\n",Y);
+#define SEND4(X,Y...) debug("sending '" X "' to squid\n",Y); printf(X "\n",Y);
#else
/* no gcc, no debugging. varargs macros are a gcc extension */
#define SEND2(X,Y) debug("sending '" X "' to squid\n",Y); printf(X "\n",Y);
-#define SEND3(X,Y,Z) debug("sending '" X "' to squid\n",Y,Z); printf(X "\n",Y,Z);
+#define SEND4(X,Y,Z,W) debug("sending '" X "' to squid\n",Y,Z,W); printf(X "\n",Y,Z,W);
#endif
-#define ERR "ERR\n"
-#define OK "OK\n"
-
-#define BUFFER_SIZE 10240
-
const char *authenticate_ntlm_domain = "WORKGROUP";
int strip_domain_enabled = 0;
int NTLM_packet_debug_enabled = 0;
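Review bot: Both new `SEND4` definitions (the GNU variadic form and the four-argument fallback) expand to two separate statements, `debug(...); printf(...);`, so the macro is only safe where the call site is already wrapped in braces. The unchanged `} else SEND2("TT %s", data);` later in the file shows the hazard with the same pattern: only the `debug()` call is governed by the `else`, and the `printf` runs on either path, which may put an unexpected extra line on the helper channel to Squid. Wrapping the body, e.g. `#define SEND4(X,Y...) do { debug("sending '" X "' to squid\n",Y); printf(X "\n",Y); } while (0)`, and doing the same for `SEND` and `SEND2`, makes each use a single statement. The trailing semicolon inside the current definitions should go at the same time.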
int
main(int argc, char *argv[])
{
- char buf[BUFFER_SIZE];
+ char buf[HELPER_INPUT_BUFFER];
int buflen = 0;
+ char decodedBuf[HELPER_INPUT_BUFFER];
+ int decodedLen;
char user[NTLM_MAX_FIELD_LENGTH], domain[NTLM_MAX_FIELD_LENGTH];
char *p;
ntlmhdr *packet = NULL;
debug("%s build " __DATE__ ", " __TIME__ " starting up...\n", my_program_name);
- while (fgets(buf, BUFFER_SIZE, stdin) != NULL) {
+ while (fgets(buf, HELPER_INPUT_BUFFER, stdin) != NULL) {
user[0] = '\0'; /*no user code */
domain[0] = '\0'; /*no domain code */
if ((p = strchr(buf, '\n')) != NULL)
*p = '\0'; /* strip \n */
buflen = strlen(buf); /* keep this so we only scan the buffer for \0 once per loop */
- if (buflen > 3)
- packet = (ntlmhdr*)base64_decode(buf + 3);
+ if (buflen > 3) {
+ decodedLen = base64_decode(decodedBuf, sizeof(decodedBuf), buf+3);
+ packet = (ntlmhdr*)decodedBuf;
+ } else {
+ packet = NULL;
+ decodedLen = 0;
+ }
if (buflen > 3 && NTLM_packet_debug_enabled) {
strncpy(helper_command, buf, 2);
helper_command[2] = '\0';
debug("Got '%s' from Squid with data:\n", helper_command);
- hex_dump((unsigned char*)packet, ((buflen - 3) * 3) / 4);
+ hex_dump((unsigned char *)decodedBuf, decodedLen);
} else
debug("Got '%s' from Squid\n", buf);
- if (strncasecmp(buf, "YR", 2) == 0) {
+ if (strncmp(buf, "YR", 2) == 0) {
char nonce[NTLM_NONCE_LEN];
ntlm_challenge chal;
ntlm_make_nonce(nonce);
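Review bot: `decodedLen` is never checked before `decodedBuf` is treated as an NTLM packet. After `base64_decode(decodedBuf, sizeof(decodedBuf), buf+3)` the code sets `packet = (ntlmhdr*)decodedBuf` unconditionally, so a payload that decodes to nothing, or to fewer bytes than an `ntlmhdr`, still yields a non-NULL `packet`. `decodedBuf` is an uninitialised stack array reused on every loop iteration, so in the later KK hunk the `if (!packet)` guard no longer catches a failed decode, and `ntlm_validate_packet(packet, NTLM_AUTHENTICATE)` presumably inspects header bytes left over from an earlier request. I would accept the buffer only when the decode produced at least a header, e.g. `if (decodedLen < (int)sizeof(ntlmhdr)) { packet = NULL; decodedLen = 0; }` right after the decode, which also keeps a non-positive length away from `hex_dump`. Whether `base64_decode` can return a negative value is not visible here, and the loop body continues beyond this hunk.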
hex_dump((unsigned char *)&chal, len);
} else
SEND2("TT %s", data);
- } else if (strncasecmp(buf, "KK ", 3) == 0) {
+ } else if (strncmp(buf, "KK ", 3) == 0) {
if (!packet) {
SEND("BH received KK with no data! user=");
} else if (ntlm_validate_packet(packet, NTLM_AUTHENTICATE) == NTLM_ERR_NONE) {
- if (ntlm_unpack_auth((ntlm_authenticate *)packet, user, domain, (buflen-3)) == NTLM_ERR_NONE) {
+ if (ntlm_unpack_auth((ntlm_authenticate *)packet, user, domain, decodedLen) == NTLM_ERR_NONE) {
lc(user);
lc(domain);
if (strip_domain_enabled) {
SEND2("AF %s", user);
} else {
- SEND3("AF %s%s%s", domain, (*domain?"\\":""), user);
+ SEND4("AF %s%s%s", domain, (*domain?"\\":""), user);
}
} else {
lc(user);
lc(domain);
- SEND3("NA invalid credentials, user=%s%s%s", domain, (*domain?"\\":""), user);
+ SEND4("NA invalid credentials, user=%s%s%s", domain, (*domain?"\\":""), user);
}
} else {
SEND("BH wrong packet type! user=");