Helpers: Upgrade squid_ldap_auth / basic_ldap_auth

- Rename to basic_ldap_auth
- C++ build with link to libcompat
- Add OPTIONS section to man(8) page
- Tweak libldap and liblber configure naming convention.

TODO: check that removal of miscellaneous libraries (XTRA_LIBS) has
      not removed anything important to this helper. If so add back
      the individual library needed, not the whole lot.

diff --git a/configure.in b/configure.in
index a0b3b64f441f10399cc6b5db2a209d998d7f7c04..9eaa5deba1113ab196aa35ab3f6eb75c82953053 100644 (file)
--- a/configure.in
+++ b/configure.in
@@ -3034,17 +3034,17 @@ dnl On MinGW OpenLDAP is not available, so LDAP helpers can be linked
 dnl only with Windows LDAP libraries using -lwldap32
 case "$host_os" in
 mingw|mingw32)
-       LIB_LDAP="-lwldap32"
-       LIB_LBER=""
-       ;;
+       LDAPLIB="-lwldap32"
+       LBERLIB=""
+       ;;
 *)
-       LIB_LDAP="-lldap"
-       dnl LDAP helpers need to know if -llber is needed or not
-       AC_CHECK_LIB(lber, main, [LIB_LBER="-llber"])
-       ;;
+       LDAPLIB="-lldap"
+       dnl LDAP helpers need to know if -llber is needed or not
+       AC_CHECK_LIB(lber, main, [LBERLIB="-llber"])
+       ;;
 esac
-AC_SUBST(LIB_LDAP)
-AC_SUBST(LIB_LBER)
+AC_SUBST(LDAPLIB)
+AC_SUBST(LBERLIB)
 
 dnl Check for libdb
 DBLIB=

diff --git a/doc/release-notes/release-3.2.sgml b/doc/release-notes/release-3.2.sgml
index 920ef83ef82fd32c03e0a442cbd4a8fe5860ccbb..f5f13606ae9a1b143559369ec9a0f03471dfec2f 100644 (file)
--- a/doc/release-notes/release-3.2.sgml
+++ b/doc/release-notes/release-3.2.sgml
@@ -54,6 +54,7 @@ Most user-facing changes are reflected in squid.conf (see below).
 <itemize>
        <item>squid_db_auth - basic_db_auth - Retrieve authentication details from a simple SQL database table.
        <item>getpwnam_auth - basic_getpwname_auth - Authenticate with local system user accounts.
+       <item>squid_ldap_auth - basic_ldap_auth - Authenticate with LDAP user accounts.
 </itemize>
 
 <sect2>Digest Authentication protocol helpers

diff --git a/helpers/basic_auth/LDAP/Makefile.am b/helpers/basic_auth/LDAP/Makefile.am
index 11af8a29afa58d52ba3223c650ad9fa2fee4ef94..9c3eda7de0c153eaecef354ca89d1e9257b8f79f 100644 (file)
--- a/helpers/basic_auth/LDAP/Makefile.am
+++ b/helpers/basic_auth/LDAP/Makefile.am
@@ -1,24 +1,11 @@
-#
-#  Makefile for the Squid LDAP authentication helper
-#
-#  $Id$
-#
-#  Uncomment and customize the following to suit your needs:
-#
-
 include $(top_srcdir)/src/Common.am
 
-libexec_PROGRAMS       = squid_ldap_auth
-man_MANS               = squid_ldap_auth.8
-EXTRA_DIST             = squid_ldap_auth.8
-squid_ldap_auth_SOURCES        = squid_ldap_auth.c
+libexec_PROGRAMS       = basic_ldap_auth
+man_MANS               = basic_ldap_auth.8
+EXTRA_DIST             = basic_ldap_auth.8
+basic_ldap_auth_SOURCES        = basic_ldap_auth.cc
 
 LDADD = \
-       $(top_builddir)/compat/libcompat.la \
-       -L$(top_builddir)/lib -lmiscutil \
-       $(LIB_LDAP) \
-       $(LIB_LBER) \
-       $(XTRA_LIBS)
-
-## we need our local files too (but avoid -I. at all costs)
-INCLUDES += -I$(srcdir)
+       $(COMPAT_LIB) \
+       @LDAPLIB@ \
+       @LBERLIB@

diff --git a/helpers/basic_auth/LDAP/squid_ldap_auth.8 b/helpers/basic_auth/LDAP/basic_ldap_auth.8
similarity index 92%
rename from helpers/basic_auth/LDAP/squid_ldap_auth.8
rename to helpers/basic_auth/LDAP/basic_ldap_auth.8
index 561e4be680561f96ce8e3f84b2526d1c71f392c3..e86f084f9592785f84558a0a0b083f593d1f43c7 100644 (file)
--- a/helpers/basic_auth/LDAP/squid_ldap_auth.8
+++ b/helpers/basic_auth/LDAP/basic_ldap_auth.8
@@ -1,13 +1,13 @@
-.TH squid_ldap_auth 8 "14 January 2005" "Squid LDAP Auth"
+.TH basic_ldap_auth 8 "14 January 2005" "Squid LDAP Auth"
 .
 .SH NAME
-squid_ldap_auth - Squid LDAP authentication helper
+basic_ldap_auth - LDAP authentication helper for Squid
 .
 .SH SYNOPSIS
-.B squid_ldap_auth
+.B basic_ldap_auth
 -b "base DN" [-u attribute] [options] [ldap_server_name[:port]|URI]...
 .br
-.B squid_ldap_auth
+.B basic_ldap_auth
 -b "base DN" -f "LDAP search filter" [options] [ldap_server_name[:port]|URI]...
 .
 .SH DESCRIPTION
@@ -29,6 +29,8 @@ of operation the users DN is constructed using the base DN and
 user attribute. In the other mode of operation a search
 filter is used to locate valid user DN's below the base DN.
 .
+.SH OPTIONS
+.
 .TP
 .BI "-b " "basedn " (REQUIRED)
 Specifies the base DN under which the users are located.
@@ -175,43 +177,43 @@ For directories using the RFC2307 layout with a single domain, all
 you need to specify is usually the base DN under where your users
 are located and the server name:
 .IP
-squid_ldap_auth -b "ou=people,dc=your,dc=domain" ldapserver
+basic_ldap_auth -b "ou=people,dc=your,dc=domain" ldapserver
 .P
 If you have sub-domains then you need to use a search filter approach
 to locate your user DNs as these can no longer be constructed direcly
 from the base DN and login name alone:
 .IP
-squid_ldap_auth -b "dc=your,dc=domain" -f "uid=%s" ldapserver
+basic_ldap_auth -b "dc=your,dc=domain" -f "uid=%s" ldapserver
 .P
 And similarily if you only want to allow access to users having a
 specific attribute
 .IP
-squid_ldap_auth -b "dc=your,dc=domain" -f "(&(uid=%s)(specialattribute=value))" ldapserver
+basic_ldap_auth -b "dc=your,dc=domain" -f "(&(uid=%s)(specialattribute=value))" ldapserver
 .P
 Or if the user attribute of the user DN is "cn" instead of "uid" and
 you do not want to have to search for the users then you could use something
 like the following example for Active Directory:
 .IP
-squid_ldap_auth -u cn -b "cn=Users,dc=your,dc=domain" ldapserver
+basic_ldap_auth -u cn -b "cn=Users,dc=your,dc=domain" ldapserver
 .P
 If you want to search for the user DN and your directory does not allow
 anonymous searches then you must also use the -D and -w flags to specify
 a user DN and password to log in as to perform the searches, as in the
 following complex Active Directory example
 .IP
-squid_ldap_auth -P -R -b "dc=your,dc=domain" -D "cn=squid,cn=users,dc=your,dc=domain" -w "secretsquidpassword" -f "(&(userPrincipalName=%s)(objectClass=Person))" activedirectoryserver
+basic_ldap_auth -P -R -b "dc=your,dc=domain" -D "cn=squid,cn=users,dc=your,dc=domain" -w "secretsquidpassword" -f "(&(userPrincipalName=%s)(objectClass=Person))" activedirectoryserver
 .
 .SH NOTES
 .
 When constructing search filters it is strongly recommended to test the filter
-using ldapsearch before you attempt to use squid_ldap_auth. This to verify
+using ldapsearch before you attempt to use basic_ldap_auth. This to verify
 that the filter matches what you expect.
 .
 .SH AUTHOR
 This manual page was written by 
 .I Henrik Nordstrom <hno@squid-cache.org>
 .P
-squid_ldap_auth is written by 
+basic_ldap_auth is written by 
 .I Glenn Newton <gnewton@wapiti.cisti.nrc.ca>
 and
 .I Henrik Nordstrom <hno@squid-cache.org>

diff --git a/helpers/basic_auth/LDAP/squid_ldap_auth.c b/helpers/basic_auth/LDAP/basic_ldap_auth.cc
similarity index 100%
rename from helpers/basic_auth/LDAP/squid_ldap_auth.c
rename to helpers/basic_auth/LDAP/basic_ldap_auth.cc

diff --git a/helpers/basic_auth/Makefile.am b/helpers/basic_auth/Makefile.am
index 742720e7f2c73a8831df8b0b45d802b563ce1c18..2a5e09e9196dd557d98e4ba26f9f9163f6f321f0 100644 (file)
--- a/helpers/basic_auth/Makefile.am
+++ b/helpers/basic_auth/Makefile.am
@@ -1,7 +1,17 @@
-#  Makefile for storage modules in the Squid Object Cache server
-#
-#  $Id$
-#
+## Alphabetical list of sub-directories to distribute with Squid:
+DIST_SUBDIRS = \
+       DB \
+       getpwnam \
+       LDAP \
+       MSNT \
+       mswin_sspi \
+       multi-domain-NTLM \
+       NCSA \
+       PAM \
+       POP3 \
+       squid_radius_auth \
+       SASL \
+       SMB \
+       YP
 
-DIST_SUBDIRS   = getpwnam LDAP MSNT multi-domain-NTLM NCSA PAM SMB YP SASL mswin_sspi POP3 DB squid_radius_auth
-SUBDIRS                = @BASIC_AUTH_HELPERS@
+SUBDIRS        = @BASIC_AUTH_HELPERS@

diff --git a/helpers/digest_auth/eDirectory/Makefile.am b/helpers/digest_auth/eDirectory/Makefile.am
index 82af4fe4430ca1e070ba6a756e341d0c20d5412b..ce63875874c58da4a6902c3cefe105847e7f3767 100644 (file)
--- a/helpers/digest_auth/eDirectory/Makefile.am
+++ b/helpers/digest_auth/eDirectory/Makefile.am
@@ -23,8 +23,8 @@ digest_edir_auth_SOURCES = digest_pw_auth.c \
 LDADD = \
        $(top_builddir)/compat/libcompat.la \
        -L$(top_builddir)/lib -lmiscutil \
-       $(LIB_LDAP) \
-       $(LIB_LBER) \
+       @LDAPLIB@ \
+       @LBERLIB@ \
        $(CRYPTLIB) \
        $(XTRA_LIBS) \
        $(SSLLIB)

diff --git a/helpers/digest_auth/ldap/Makefile.am b/helpers/digest_auth/ldap/Makefile.am
index 7d57e771dd959fdfd8b0e511b73709157260c258..c306ffb25d909a0ef60a1cb387a57a7938c96f2a 100644 (file)
--- a/helpers/digest_auth/ldap/Makefile.am
+++ b/helpers/digest_auth/ldap/Makefile.am
@@ -21,8 +21,8 @@ digest_ldap_auth_SOURCES = digest_pw_auth.c \
 LDADD = \
        $(top_builddir)/compat/libcompat.la \
        -L$(top_builddir)/lib -lmiscutil \
-       $(LIB_LDAP) \
-       $(LIB_LBER) \
+       @LDAPLIB@ \
+       @LBERLIB@ \
        $(CRYPTLIB) \
        $(XTRA_LIBS) \
        $(SSLLIB)

diff --git a/helpers/external_acl/ldap_group/Makefile.am b/helpers/external_acl/ldap_group/Makefile.am
index 8ce92a39ce29b7a8006baedb2d4d4fad48fb7fde..08c2fc84e66c172a54b9147a468cf674cda83ba4 100644 (file)
--- a/helpers/external_acl/ldap_group/Makefile.am
+++ b/helpers/external_acl/ldap_group/Makefile.am
@@ -20,6 +20,6 @@ squid_ldap_group_SOURCES      = squid_ldap_group.c
 LDADD = \
        $(top_builddir)/compat/libcompat.la \
        -L$(top_builddir)/lib -lmiscutil \
-       $(LIB_LDAP) \
-       $(LIB_LBER) \
+       @LDAPLIB@ \
+       @LBERLIB@ \
        @XTRA_LIBS@