/*
- * $Id: acl.cc,v 1.225 2000/10/31 23:48:13 wessels Exp $
+ * $Id: acl.cc,v 1.226 2000/12/08 23:58:08 wessels Exp $
*
* DEBUG: section 28 Access Control
* AUTHOR: Duane Wessels
checklist->state[ACL_PROXY_AUTH] = ACL_LOOKUP_DONE;
debug(28, 4) ("aclLookupProxyAuthDone: result = %s\n",
result ? result : "NULL");
- if (result && (strncasecmp(result, "OK", 2) == 0))
+ if (NULL == result)
+ checklist->auth_user->passwd_ok = 0;
+ else if (0 == strncasecmp(result, "OK", 2))
checklist->auth_user->passwd_ok = 1;
- else
+ else {
+ if (strlen(result) > sizeof("ERR "))
+ checklist->auth_user->message = xstrdup(result+4);
checklist->auth_user->passwd_ok = 0;
+ }
aclCheck(checklist);
}
/*
- * $Id: client_side.cc,v 1.514 2000/12/05 09:15:58 wessels Exp $
+ * $Id: client_side.cc,v 1.515 2000/12/08 23:58:08 wessels Exp $
*
* DEBUG: section 33 Client-side Routines
* AUTHOR: Duane Wessels
int page_id = -1;
http_status status;
ErrorState *err = NULL;
+ char *proxy_auth_msg = NULL;
debug(33, 2) ("The request %s %s is %s, because it matched '%s'\n",
RequestMethodStr[http->request->method], http->uri,
answer == ACCESS_ALLOWED ? "ALLOWED" : "DENIED",
AclMatchedName ? AclMatchedName : "NO ACL's");
+ if (http->acl_checklist->auth_user)
+ proxy_auth_msg = http->acl_checklist->auth_user->message;
http->acl_checklist = NULL;
if (answer == ACCESS_ALLOWED) {
safe_free(http->uri);
debug(33, 5) ("Access Denied: %s\n", http->uri);
debug(33, 5) ("AclMatchedName = %s\n",
AclMatchedName ? AclMatchedName : "<null>");
+ debug(33, 5) ("Proxy Auth Message = %s\n",
+ proxy_auth_msg ? proxy_auth_msg : "<null>");
/*
* NOTE: get page_id here, based on AclMatchedName because
* if USE_DELAY_POOLS is enabled, then AclMatchedName gets
err = errorCon(page_id, status);
err->request = requestLink(http->request);
err->src_addr = http->conn->peer.sin_addr;
+ err->proxy_auth_msg = proxy_auth_msg;
+ err->callback_data = NULL;
errorAppendEntry(http->entry, err);
}
}
/*
- * $Id: errorpage.cc,v 1.157 2000/12/05 09:15:59 wessels Exp $
+ * $Id: errorpage.cc,v 1.158 2000/12/08 23:58:08 wessels Exp $
*
* DEBUG: section 4 Error Generation
* AUTHOR: Duane Wessels
safe_free(err->url);
safe_free(err->host);
safe_free(err->dnsserver_msg);
+ safe_free(err->proxy_auth_msg);
safe_free(err->request_hdrs);
wordlistDestroy(&err->ftp.server_msg);
safe_free(err->ftp.request);
* I - server IP address x
* L - HREF link for more info/contact x
* M - Request Method x
+ * m - Error message returned by external Auth. x
* p - URL port # x
* P - Protocol x
* R - Full HTTP Request x
} else
p = "[not available]";
break;
+ case 'm':
+ p = err->proxy_auth_msg ? err->proxy_auth_msg : "[not available]";
+ break;
case 'M':
p = r ? RequestMethodStr[r->method] : "[unkown method]";
break;
/*
- * $Id: structs.h,v 1.364 2000/12/05 10:10:59 wessels Exp $
+ * $Id: structs.h,v 1.365 2000/12/08 23:58:09 wessels Exp $
*
*
* SQUID Internet Object Cache http://squid.nlanr.net/Squid/
long expiretime;
struct in_addr ipaddr; /* IP addr this user authenticated from */
time_t ip_expiretime;
+ char *message;
};
struct _acl_deny_info_list {
char *host;
u_short port;
char *dnsserver_msg;
+ char *proxy_auth_msg;
time_t ttl;
struct in_addr src_addr;
char *redirect_url;